source: https://github.com/hugsy/defcon_27_windbg_workshop/blob/master/windbg_cheatsheet.md
Nguyễn Anh Khoa nganhkhoa
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import lldb | |
| import struct | |
| class Header(): | |
| def __init__(self, b): | |
| fmt = "<IIIIIIII" | |
| fields = struct.unpack(fmt, b) | |
| ( self.magic | |
| , self.cputype | |
| , self.cpusubtype |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja as bn | |
| def endianness(bv: bn.BinaryView): | |
| if bv.endianness.value == 0: | |
| return "little" | |
| else: | |
| return "big" | |
| def read_pointer(bv: bn.BinaryView, addr): | |
| buffer = bv.read(addr, bv.address_size) |
nganhkhoa
/ z3_sample.py
Created
August 23, 2020 12:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from z3 import * | |
| flag = [BitVec(f'flag_{i:02}', 8) for i in range()] | |
| s = Solver() | |
| s.add() | |
| s.check() | |
| m = s.model() |
nganhkhoa
/ windbg_cheatsheet.md
Created
August 23, 2020 12:51
nganhkhoa
/ jni_all.h
Created
July 24, 2020 05:25
— forked from Jinmo/jni_all.h
Useful when reversing JNI on IDA Pro
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Copyright (c) 1996, 1998, Oracle and/or its affiliates. All rights reserved. | |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | |
| * | |
| * This code is free software; you can redistribute it and/or modify it | |
| * under the terms of the GNU General Public License version 2 only, as | |
| * published by the Free Software Foundation. Oracle designates this | |
| * particular file as subject to the "Classpath" exception as provided | |
| * by Oracle in the LICENSE file that accompanied this code. | |
| * |
nganhkhoa
/ stop-using-jwts.md
Created
December 3, 2019 15:47
— forked from samsch/stop-using-jwts.md
Stop using JWTs
TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.
If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)
A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/
The reason to avoid JWTs comes down to a couple different points:
- The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ########################################################################### | |
| # THIS IS A PERSONAL BASHRC AND SHOULD BE SOURCED BY THE ORIGINAL .BASHRC # | |
| ########################################################################### | |
| export PRE_PATH=`echo $PATH` | |
| # Predefiend {{{ | |
| # source $HOME/z.sh # use z.lue instead, see below | |
| export APP_DIR="$HOME/APP" | |
| export SECURITY_DIR="$HOME/SECURITY" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require "bit_array" | |
| IP_table = [ | |
| [58, 50, 42, 34, 26, 18, 10, 2], | |
| [60, 52, 44, 36, 28, 20, 12, 4], | |
| [62, 54, 46, 38, 30, 22, 14, 6], | |
| [64, 56, 48, 40, 32, 24, 16, 8], | |
| [57, 49, 41, 33, 25, 17, 9 , 1], | |
| [59, 51, 43, 35, 27, 19, 11, 3], | |
| [61, 53, 45, 37, 29, 21, 13, 5], |
- Put theme in
data/wordpress/wp-content/themes. - Put plugin in
data/wordpress/wp-content/plugins. - Copy your old
wp-content/uploadstodata/wordpress/wp-content/uploads. - Search every string in
mysql/wordpress.sqlfor the link of the server and replace it with your server. - Change the username and password of database, and database of wordpress, in
docker-compose.yml.
nganhkhoa
/ openssl_commands.md
Created
July 9, 2018 14:00
— forked from p3t3r67x0/openssl_commands.md
Some list of openssl commands for check and verify your keys
NewerOlder