https://github.com/secretsquirrel/shmoocon2016

Materials from presentation
https://github.com/secretsquirrel/shmoocon2016

Last synced: about 1 year ago
JSON representation

Materials from presentation

• Host: GitHub
• URL: https://github.com/secretsquirrel/shmoocon2016
• Owner: secretsquirrel
• Created: 2016-01-15T17:39:32.000Z (over 10 years ago)
• Default Branch: master
• Last Pushed: 2016-01-18T17:25:02.000Z (over 10 years ago)
• Last Synced: 2025-04-14T01:09:37.753Z (about 1 year ago)
• Language: C
• Size: 3.29 MB
• Stars: 20
• Watchers: 4
• Forks: 5
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Shmoocon2016

Materials from the presentation

* See PDF for presentation

## Hunchback and parse

Both files look for a magic number and will then load a payload in memory.

hunchback checks itself for the magic number, executes the payload, then truncates itself (and will pass strict signing checks).

parse looks at another file and will load the payload in memory.

### Payload layout

```[---4 bytes magic number---][---4 bytes magic number ---][--2 bytes payload size--][-----payload-----]```

Use append.py for an example of appending data to a file to match this format.

# Lipocram.py

https://github.com/secretsquirrel/LipoCram

# Kyphosis.py

https://github.com/secretsquirrel/kyphosis