Reversing Raw Binary Firmware Files in Ghidra

This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.

Prep work in Binwalk

I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-O, or PE header to describe the binary.

While I am using Cisco IOS images in this example, the same process should apply to other raw binary firmware images.

@skywalker365
skywalker365 / gdb-trace.py
Created October 13, 2022 12:44 — forked from quark-zju/gdb-trace.py
Trace all function calls using gdb
#!/usr/bin/env python
try:
    import gdb
    inside_gdb = True
except ImportError:
    inside_gdb = False
if inside_gdb:
@skywalker365
skywalker365 / ecdh_eke.py
Created September 28, 2022 15:14 — forked from byt3bl33d3r/ecdh_eke.py
ECDH Encrypted Key Exchange (Python 3.6+)
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes, padding
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from secrets import token_bytes
class DiffieHellman:
    def __init__(self):
@skywalker365
skywalker365 / mount_qcow2.md
Created September 19, 2022 14:56 — forked from shamil/mount_qcow2.md
How to mount a qcow2 disk image

This is a quick guide to mounting qcow2 disk images on your host server. This is useful to reset passwords, edit files, or recover something without the virtual machine running.

Step 1 - Enable NBD on the Host

modprobe nbd max_part=8