smx-smx / XZ Backdoor Analysis
Last active April 18, 2024 20:00
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as I make progress.
smx-smx / !microsoft_pe.txt
Last active March 16, 2024 17:27
microsoft_pe.ksy
Improved Microsoft PE parser from Kaitai
smx-smx / CMakeLists.txt
Created February 9, 2024 01:41
!linker_proxy
# Declare the project; this listing is a preview and the file may continue past the last line shown.
project(linker_test)
# handle_asm_file(file): set two per-source properties on one file --
# treat it as language C and define __ASSEMBLY__ when compiling it.
# NOTE(review): presumably used so assembly sources are run through the C
# compiler driver and preprocessor -- confirm against the callers.
macro(handle_asm_file file)
set_property(SOURCE "${file}" PROPERTY LANGUAGE C)
set_property(SOURCE "${file}" PROPERTY COMPILE_DEFINITIONS __ASSEMBLY__)
endmacro()
# Look up a library named "crypto"; REQUIRED makes configuration stop with an
# error when none is found. The result depends on CMake's library search paths,
# so the file that is picked up can differ between build hosts.
find_library(LIBCRYPTO_LIBRARY NAMES crypto REQUIRED)
# Print the resolved path so the configure log records which library file was found.
message(STATUS ${LIBCRYPTO_LIBRARY})
smx-smx / lgsym.ksy
Last active January 6, 2024 21:23
LG Sym Kaitai definition
meta:
id: lg_sym
file-extension: sym
endian: le
encoding: ascii
seq:
- id: header
type: header
- id: sym_entries
type: sym_entry
smx-smx / _INSTALL.md
Created December 5, 2023 01:38 — forked from robinsmidsrod/_INSTALL.md
Bootstrapping full iPXE native menu with customizable default option with timeout (also includes working Ubuntu 12.04 preseed install)

Add the following chunk to your existing ISC dhcpd.conf file.

if exists user-class and ( option user-class = "iPXE" ) {
    filename "http://boot.smidsrod.lan/boot.ipxe";
}
else {
    filename "undionly.kpxe";
}

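(or see https://gist.github.com/4008017 for a more elaborate setup). Note that `boot.ipxe` is fetched over plain HTTP in this snippet, so the boot script is neither authenticated nor integrity-protected in transit; on a network you do not fully control, serve it over HTTPS or use iPXE's image verification (`imgtrust` / `imgverify`).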

smx-smx / ffi.patch
Created November 28, 2023 01:29
PHP FFI Thread Safe patch
diff --git a/ext/ffi/ffi.c b/ext/ffi/ffi.c
index 9be5ac3405..81ac091750 100644
--- a/ext/ffi/ffi.c
+++ b/ext/ffi/ffi.c
@@ -922,9 +922,11 @@ static void zend_ffi_callback_hash_dtor(zval *zv) /* {{{ */
}
/* }}} */
-static void zend_ffi_callback_trampoline(ffi_cif* cif, void* ret, void** args, void* data) /* {{{ */
-{
smx-smx / nand_extract.php
Last active November 1, 2023 20:38
nandsim helper
<?php
/**
 * Scale a number by 1024 (one binary "kilo" step).
 *
 * @param int|float $n Value to scale.
 * @return int|float $n multiplied by 1024.
 */
function kilo($n)
{
    $factor = 1024;
    return $n * $factor;
}
/**
 * Scale a number by 1024 * 1024, built on top of kilo().
 *
 * @param int|float $n Value to scale.
 * @return int|float kilo($n) multiplied by 1024.
 */
function mega($n)
{
    $kilos = kilo($n);
    return $kilos * 1024;
}
/**
 * Build a shell command line from an argument vector.
 *
 * Every element, including the first one, is passed through escapeshellarg()
 * on its own before the pieces are joined with single spaces, so shell
 * metacharacters inside an argument are treated as literal text by the shell.
 * The exact quoting follows escapeshellarg()'s rules for the host platform.
 *
 * @param array $cmd Command and its arguments, one element each.
 * @return string The quoted elements joined by spaces ('' for an empty array).
 */
function to_cmdline(array $cmd)
{
    $quoted = [];
    foreach ($cmd as $arg) {
        // Quote each argument separately; never quote the joined string.
        $quoted[] = escapeshellarg($arg);
    }
    return implode(' ', $quoted);
}
function make_pipe(array ...$cmds){
$cmdlines = array_map('to_cmdline', $cmds);
smx-smx / script.js
Created September 4, 2023 20:26
Soundcloud Scrub Login bypass (UserScript)
// ==UserScript==
// @name soundcloud
// @namespace https://soundcloud.com/
// @version 0.1
// @include http*://*soundcloud.com*
// @description try to take over the world!
// @author You
// @icon https://www.google.com/s2/favicons?domain=soundcloud.com
// @grant none
// @run-at document-start
smx-smx / override.cs
Created December 14, 2022 21:29
GetEntryAssembly override
private static unsafe void ReplaceGetEntryAssembly() {
MethodInfo methodToReplace = typeof(Assembly).GetMethod("GetEntryAssembly", BindingFlags.Instance | BindingFlags.Static | BindingFlags.NonPublic | BindingFlags.Public);
MethodInfo methodToInject = typeof(EzDotnetCompat).GetMethod("MyGetEntryAssembly", BindingFlags.Instance | BindingFlags.Static | BindingFlags.NonPublic | BindingFlags.Public);
RuntimeHelpers.PrepareMethod(methodToReplace.MethodHandle);
RuntimeHelpers.PrepareMethod(methodToInject.MethodHandle);
long* inj = (long*)methodToInject.MethodHandle.Value.ToPointer() + 1;
long* tar = (long*)methodToReplace.MethodHandle.Value.ToPointer() + 1;
smx-smx / makeproxy.php
Created November 26, 2022 02:48
Generate DLL proxy
<?php
<?php
//$DUMPBIN= "C:/Program Files (x86)/Microsoft Visual Studio/2019/Community/VC/Tools/MSVC/14.29.30037/bin/Hostx64/x64/dumpbin.exe";
$DUMPBIN = 'C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.34.31933\bin\Hostx64\x64\dumpbin.exe';
function genproxy(string $lib_path, $def, $asm){
global $DUMPBIN;
$NUMBER="\d+";
$SPACES="\s+";
$HEX="[0-9a-fA-F]+";