- totekuh
totekuh
/ messagebox-x64.asm
Created
June 9, 2024 21:34
Assembly (ASM) source to invoke a message box on Windows x64
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BITS 64 | |
| ; Assembly with NASM for 64-bit | |
| ; nasm -f win64 -o messagebox.o messagebox.asm | |
| ; Linking for 64-bit with MinGW | |
| ; x86_64-w64-mingw32-ld -o messagebox.exe messagebox.o -lkernel32 -luser32 | |
| extern MessageBoxA | |
| extern ExitProcess |
totekuh
/ compile-putty-mingw.sh
Created
May 31, 2024 03:00
A Bash script to download, configure, and cross-compile PuTTY for Windows using MinGW on Kali
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # apt install wget tar cmake make mingw-w64 | |
| set -e | |
| # Define variables | |
| PUTTY_VERSION="0.81" | |
| PUTTY_TARBALL="putty-${PUTTY_VERSION}.tar.gz" | |
| PUTTY_URL="https://the.earth.li/~sgtatham/putty/latest/${PUTTY_TARBALL}" |
totekuh
/ messagebox-x86.asm
Last active
June 9, 2024 21:18
Assembly (ASM) source to invoke a message box on Windows x86
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global _start | |
| extern _ExitProcess@4 | |
| extern _MessageBoxA@16 ; Value after @ is size of args on stack | |
| section .text | |
| ; Assembly with NASM for 32-bit | |
| ; nasm -f win32 -o messagebox.o messagebox.asm | |
| ; Linking for 32-bit explicitly with MinGW 32-bit linker | |
| ; i686-w64-mingw32-ld -o messagebox.exe messagebox.o -luser32 -lkernel32 |
totekuh
/ dns-proxy.py
Last active
April 11, 2024 20:05
A Python DNS Proxy that forwards UDP DNS queries to a TCP DNS server, with support for domain-specific resolver routing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import socket | |
| import sys | |
| import os | |
| from threading import Thread | |
| # domain resolver file format example: | |
| # *.openai.com=tcp://1.1.1.1:53 | |
| # *=tcp://8.8.8.8:53 |
totekuh
/ rva-to-file-offset.py
Last active
February 8, 2024 11:01
A Python script for converting Relative Virtual Addresses (RVA) to file offsets within specific sections of Portable Executable (PE) files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import os | |
| import sys | |
| import pefile | |
| import argparse | |
| def rva_to_offset(section, | |
| rva: int): |
totekuh
/ docker-impacket.sh
Created
January 28, 2024 18:32
This Bash script quickly sets up an SMB server using Docker and Impacket, allowing users to share files on a network. It supports custom share names.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Get IP addresses | |
| ip_addresses=$(ip -4 addr show scope global | grep inet | awk '{print $2}' | cut -d '/' -f 1) | |
| echo "The SMB server will be accessible from the following IP addresses:" | |
| for ip in $ip_addresses; do | |
| echo $ip | |
| done |
totekuh
/ rec-bin-search.py
Last active
November 26, 2023 18:01
This script searches for tokens provided in a file within the given binary or list of binaries. It additionally prints the offsets of the strings found and saves results in a segregated manner.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import subprocess | |
| import os | |
| from tqdm import tqdm | |
| from termcolor import colored | |
| def get_arguments(): | |
| from argparse import ArgumentParser |
totekuh
/ hardening-check-with-objdump.sh
Created
November 26, 2023 15:08
hardening-check with custon objdump for disassembling binaries compiled for different architectures
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Define color codes | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| YELLOW='\033[1;33m' | |
| NC='\033[0m' # No Color | |
| # Default objdump path | |
| OBJDUMP_TARGET="/usr/bin/arm-linux-gnueabihf-objdump" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| define search_offset | |
| if $argc < 3 | |
| printf "Usage: search_offset <start_address> <end_address> <offset>\n" | |
| return | |
| end | |
| set $start_addr = $arg0 | |
| set $end_addr = $arg1 | |
| set $target_offset = $arg2 | |
| while $start_addr < $end_addr | |
| if ($start_addr & 0xfff) == $target_offset |
totekuh
/ gdb-xxd.txt
Last active
October 2, 2023 19:41
This GDB script mimics the functionality of the xxd utility, providing a hex dump of memory locations within GDB. It defines three functions: xxd_hex for hexadecimal output, xxd_ascii for ASCII character output, and xxd for a combined hex and ASCII view.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # To show hex values | |
| define xxd_hex | |
| set $addr = $arg0 | |
| set $n = $arg1 | |
| set $end = $addr + ($n * 4) | |
| while $addr < $end | |
| # printf "%08x: ", $addr # Removed this line | |
| x/4wx $addr | |
| set $addr += 16 | |
| end |
NewerOlder