pocorgtfo
binbloom
pocorgtfo | binbloom | |
---|---|---|
7 | 3 | |
1,223 | 454 | |
- | 0.0% | |
5.8 | 10.0 | |
3 months ago | over 1 year ago | |
TeX | C | |
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pocorgtfo
-
MIPS Firmware Reverse Engineering - anyone having any success using Ghidra for this?
Your best bet here is to get the base address nailed down (assuming it’s a flat/monolithic image). There are a handful of utilities floating around (binbloom, basefind2) that use various pointer heuristics to try to guess the base address. There’s also a nice trick detailed in PoC||GTFO that you can use pretty reliably.
- Image displays its own MD5 hash
- Gitlab servers are being exploited in DDoS attacks in excess of 1 Tbps
-
smh dumb antivirus software
execute the pdf: https://github.com/angea/pocorgtfo
-
SHA-1 'Fully and Practically Broken' by New Collision
1) People systematically underestimate how easy it is to create collisions that still do something "interesting", like being polyglots. See PoC||GTFO, specifically anything by Ange Albertini, for examples; grep https://github.com/angea/pocorgtfo/blob/master/README.md for "MD5".
1bis) You can use an existing collision to create new collisions. People seem to think you need to generate all the work again from scratch.
1cis) The files do not need to be gigantic.
2) You can do the collision in advance, and publish the malicious version later. What it accomplishes is that the concept of "this Git hash unambiguously specifies a revision" no longer works, and one of them can be malicious.
3) The standard should be "obviously safe beyond a reasonable doubt", not "not obviously unsafe to a non-expert". By the latter standard, pretty much any random encryption construction is fine.
-
Show HN: Redbean: single-file distributable web server
If you want to learn more how these things work I'd highly suggest going through the PoC||GTFO archive (https://github.com/angea/pocorgtfo/blob/master/README.md) and check out entries by Ange Albertini or entries named like "This ZIP is also a PDF".
binbloom
-
small script for quickly finding the base address of a firmware image by matching strings with pointer targets
You can check https://github.com/quarkslab/binbloom which has advanced methods to find base addresses.
-
Short Guide to Loading Legacy U-Boot Images in Ghidra (How to Determine CONFIG_SYS_BASE_ADDR)
Never tried it yet, but heard of it few times, so might worth to give it a try: https://github.com/quarkslab/binbloom
-
MIPS Firmware Reverse Engineering - anyone having any success using Ghidra for this?
Your best bet here is to get the base address nailed down (assuming it’s a flat/monolithic image). There are a handful of utilities floating around (binbloom, basefind2) that use various pointer heuristics to try to guess the base address. There’s also a nice trick detailed in PoC||GTFO that you can use pretty reliably.
What are some alternatives?
gitlab-workhorse
allyourbase - Finds the base address of a firmware by comparing string addresses with target pointer addresses
polyshell - A Bash/Batch/PowerShell polyglot!
BaseAddressDiscoverererer - A python3 script for generating a list of possible base addresses given a raw binary program
exiftool - ExifTool meta information reader/writer
ghidra - Ghidra is a software reverse engineering (SRE) framework
RedBean - ORM layer that creates models, config and database on the fly
rizin - UNIX-like reverse engineering framework and command-line toolset.
Judge0 API - 🔥 The most advanced open-source online code execution system in the world.
basefind2 - A faster firmware base address scanner.
sha1collisiondetection - Library and command line tool to detect SHA-1 collision in a file
Metasploit - Metasploit Framework