Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/secretsquirrel/shmoocon2016
Materials from presentation
https://github.com/secretsquirrel/shmoocon2016
Last synced: 13 days ago
JSON representation
Materials from presentation
- Host: GitHub
- URL: https://github.com/secretsquirrel/shmoocon2016
- Owner: secretsquirrel
- Created: 2016-01-15T17:39:32.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2016-01-18T17:25:02.000Z (almost 9 years ago)
- Last Synced: 2024-05-02T04:55:15.636Z (7 months ago)
- Language: C
- Size: 3.29 MB
- Stars: 21
- Watchers: 5
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Shmoocon2016
Materials from the presentation
* See PDF for presentation
## Hunchback and parse
Both files look for a magic number and will then load a payload in memory.
hunchback checks itself for the magic number, executes the payload, then truncates itself (and will pass strict signing checks).
parse looks at another file and will load the payload in memory.
### Payload layout
```[---4 bytes magic number---][---4 bytes magic number ---][--2 bytes payload size--][-----payload-----]```
Use append.py for an example of appending data to a file to match this format.
# Lipocram.py
https://github.com/secretsquirrel/LipoCram
# Kyphosis.py
https://github.com/secretsquirrel/kyphosis