Search for the vftable on stack:
.shell -ci "dpp poi(@$teb+0x8) poi(@$teb+0x4)" FINDSTR /I "<your type name comes here>.*vftable"
Xin Huang xinhuang
xinhuang
/ bastion_trap.sh
Created
March 8, 2023 04:11
Automatically log shell command history and output. Put it into /etc/profile.d, then "mkdir -p /var/log/bastion && chmod a+rw /var/log/bastion/"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Check that the SSH client did not supply a command | |
| if [[ -z $SSH_ORIGINAL_COMMAND ]]; then | |
| # /var/log/bastion/YYYY-MM-DD_HH-MM-SS_user | |
| LOG_FILE="`date --date="today" "+%Y-%m-%d_%H-%M-%S"`_`whoami`" | |
| USER_NAME=`whoami` | |
| LOG_DIR="/var/log/bastion/" | |
| # Print a welcome message | |
| echo "-------------------------------------------------------" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import sys | |
| def getKeys(val, old="$"): | |
| if isinstance(val, dict): | |
| for k in val.keys(): | |
| getKeys(val[k], old + "." + str(k)) | |
| elif isinstance(val, list): | |
| for i, k in enumerate(val): |
xinhuang
/ Linux Capabilities
Last active
September 22, 2021 04:24
taken from https://man7.org/linux/man-pages/man7/capabilities.7.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CAP_AUDIT_CONTROL | |
| CAP_AUDIT_WRITE | |
| CAP_BLOCK_SUSPEND | |
| CAP_BPF | |
| CAP_CHECKPOINT_RESTORE | |
| CAP_CHOWN | |
| CAP_DAC_OVERRIDE | |
| CAP_DAC_READ_SEARCH | |
| CAP_FOWNER | |
| CAP_FSETID |
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
xinhuang
/ secopenchroot.c
Created
July 6, 2020 15:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * @author Tim Newsham | |
| * use ptrace to bypass seccomp rule against open_handle_at | |
| * and use open_handle_at to get a handle on the REAL root dir | |
| * and then chroot to it. This escapes privileged lxc container. | |
| * gcc -g -Wall secopenchroot.c -o secopenchroot | |
| * ./secopenchroot /tmp "02 00 00 00 00 00 00 00" | |
| * | |
| * assuming that the real root has file handle "02 00 00 00 00 00 00 00" | |
| */ |
xinhuang
/ programmingexcuses
Last active
May 19, 2017 22:13
— forked from orf/gist:db8eb0aaddeea92dfcab
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Don't worry, that value is only wrong half of the time | |
| The unit test doesn't cover that eventuality | |
| There was too little data to bother with the extra functionality at the time | |
| I thought you signed off on that? | |
| The program has never collected that information | |
| That's interesting, how did you manage to make it do that? | |
| Your browser must be caching the old content | |
| Our internet connection must not be working | |
| I couldn't find any examples of how that can be done anywhere online | |
| I thought I fixed that |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Copyright 2006 Rutger E.W. van Beusekom. | |
| // Distributed under the Boost Software License, Version 1.0. (See | |
| // accompanying file LICENSE_1_0.txt or copy at | |
| // http://www.boost.org/LICENSE_1_0.txt) | |
| #ifndef __YAFFUT_H__ | |
| #define __YAFFUT_H__ | |
| #ifdef __GNUC__ | |
| #include <cxxabi.h> |
xinhuang
/ tbb_merge_node.cpp
Created
July 27, 2015 14:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma once | |
| #pragma warning(disable : 4503) | |
| #include <cassert> | |
| #include <functional> | |
| #include <algorithm> | |
| #include <tbb/tbb.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param( | |
| [switch]$install | |
| ) | |
| function Try-ImportModule($module, [ScriptBlock]$onError) { | |
| try { | |
| Import-Module $module -ErrorAction Stop | |
| } catch { | |
| & $onError | |
| Import-Module $module |
NewerOlder