Alexander Pick

Results 15 comments of Alexander Pick

Forgot to mention the working string refs; precompiled Windows bins for testing are available on my GitHub page.

Have you compiled the module for SP3 yourself? I don't get this part. And which function did you try to decompile?

Is it just in the main or any other functions too?

Got the same issue and just reset the submodule yara to another tag. Go into `yara-python/yara/` and do a `git reset --hard d5a7565`. Given you have initialized the sub...

I encountered the same error; it seems to happen if the system has certain mitigations enabled. You can review these by using `Get-ProcessMitigation -System` which will show you the...

`BottomUp,HighEntropy,ForceRelocateImages` for sure. Not looked more deeply into the effect of the others. It's just the list from the hardening 1x1 that commonly seems to be used, which I rolled back...

Because I needed the functionality, I quickly ported it over: https://github.com/alexander-pick/win_driver_plugin In case you like the changes, I can try to send a pull request.

You need to do two things to get it to work: select another type of access and check the second box with the URL in this view within the application configuration....

You can get the SHARED_PREF_GET_INSTANCE_OFFSET by looking at libapp.so in IDA Pro. If you open the arm64-v8a version of the sample you will find a function named SharedPreferences.getInstance() at offset...

MTGJson made a structural change which was not yet applied to the tool.