PoC YARA Exploits

3.7.1 32 bit using CVE-2018-12034 and CVE-2018-12035 (write-up).
3.8.1 32 bit using CVE-2018-19974, CVE-2018-19975 and CVE-2018-19976 (write-up)

YARASM Syntax Highlighting for VSCode

Install by copying yarasm-syntax folder to %USERPROFILE%\.vscode\extensions\

Usage

usage: build.py [-h] [-y YARA_ASM] [-v {3.8.1,3.7.1}] [-o OUTPUT]

optional arguments:
  -h, --help            show this help message and exit
  -y YARA_ASM, --yara-asm YARA_ASM
                        yara asm file, defaults to "extracheese.yarasm"
  -v {3.8.1,3.7.1}, --target-version {3.8.1,3.7.1}
                        yara version
  -o OUTPUT, --output OUTPUT
                        defaults to "extracheese.rule"

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
yarasm-syntax		yarasm-syntax
.gitignore		.gitignore
README.md		README.md
assembler.py		assembler.py
build.py		build.py
example.gif		example.gif
example2.gif		example2.gif
extracheese.rule		extracheese.rule
extracheese.yarasm		extracheese.yarasm
gadgets.md		gadgets.md
op_offset_poc.rule		op_offset_poc.rule
op_offset_poc.yarasm		op_offset_poc.yarasm
requirements.txt		requirements.txt
swisscheese.rule		swisscheese.rule
swisscheese.yarasm		swisscheese.yarasm
yara.bt		yara.bt
yara_hash.py		yara_hash.py
yara_types.py		yara_types.py

bnbdr/swisscheese

Folders and files

Latest commit

History

Repository files navigation

PoC YARA Exploits

YARASM Syntax Highlighting for VSCode

Usage

About

Topics

Resources

Stars

Watchers

Forks

Languages