peta909
/ peta909_IDA_color.clr
Created
December 31, 2018 17:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [DISASM] | |
| 000000 // | |
| aaaaaa //Default color | |
| f3c5ff //Regular comment | |
| 7e6082 //Repeatable comment | |
| 666666 //Automatic comment | |
| ffffff //Instruction | |
| b9ebeb //Dummy Data Name | |
| b9ebeb //Regular Data Name | |
| bbecff //Demangled Name |
peta909
/ MakeComm_DecodingStrFunc.py
Last active
April 29, 2018 17:10
IDApython script to be used during debugging to make comments using results from string decoding functions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #make comms using result from string decoding functions | |
| #27 Apr 2018 | |
| #Mark Lim @peta909 | |
| def get_string(addr): | |
| out = "" | |
| while True: | |
| if Byte(addr) != 0: | |
| out += chr(Byte(addr)) | |
| else: |
peta909
/ MakeName_Indirect_FuncCalls.py
Last active
May 21, 2018 19:13
IDApython script used to rename addresses with strings of function names
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Author: Mark Lim | |
| #Version: 0.2 (01 May 2018) | |
| #Use while debugging target using IDAPro | |
| #locate list of function pointers | |
| #Make names of function pointers using strings of function names | |
| #FuncName without DLL prefix result in IDA recognizing the API functions and populate the parameter arguments. [Credits to @nullandnull] | |
| ea = SelStart() | |
| end = SelEnd() |
peta909
/ PythonCheatSheet.py
Created
February 1, 2018 01:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import struct | |
| # Rotate left: 0b1001 --> 0b0011 | |
| rol = lambda val, r_bits, max_bits: \ | |
| (val << r_bits%max_bits) & (2**max_bits-1) | \ | |
| ((val & (2**max_bits-1)) >> (max_bits-(r_bits%max_bits))) | |
| # Rotate right: 0b1001 --> 0b1100 | |
| ror = lambda val, r_bits, max_bits: \ | |
| ((val & (2**max_bits-1)) >> r_bits%max_bits) | \ |
peta909
/ main.cpp
Created
January 7, 2018 16:27
— forked from hasherezade/main.cpp
FlareOn4 Chall6 - solution using #libpeconv
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <windows.h> | |
| #include "peconv.h" | |
| const size_t g_flagLen = 26; | |
| char g_flag[g_flagLen + 1] = { 0 }; | |
| int my_index() | |
| { | |
| static int index = 0; |
NewerOlder