rbmm rbmm

284 followers · 0 following

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

rbmm / gist:5108df1be88a7c70e734e7121ea86a1f

Created February 11, 2026 07:56

	NTSTATUS GenDHKey(_Out_ BCRYPT_KEY_HANDLE* phKey)
	{
	NTSTATUS status;
	BCRYPT_ALG_HANDLE hAlgorithm;

	if (0 <= (status = BCryptOpenAlgorithmProvider(&hAlgorithm, BCRYPT_DH_ALGORITHM, 0, 0)))
	{
	BCRYPT_KEY_HANDLE hKey;

	status = BCryptGenerateKeyPair(hAlgorithm, &hKey, 0, 0);

rbmm / gist:d7418d854594e2ec71d4464da4f8df07

Created November 28, 2025 08:06

	void TestDllReloc()
	{
	if (HMODULE hmod = GetModuleHandleW(L"kernel32.dll"))
	{
	STARTUPINFOW si = { sizeof(si) };
	PROCESS_INFORMATION pi;
	WCHAR cmd[] = L"notepad.exe";
	if (CreateProcessW(0, cmd, 0, 0, FALSE, CREATE_SUSPENDED, 0, 0, &si, &pi))
	{
	VirtualAllocEx(pi.hProcess, hmod, 1, MEM_RESERVE, PAGE_NOACCESS);

rbmm / gist:40528e3add769160e3964cc121af0aca

Created September 22, 2025 11:57

	struct TPARAMS
	{
	HANDLE hEvent;
	PNT_TIB Tib;
	ULONG_PTR LowLimit, HighLimit;
	};

	ULONG WINAPI TestThread(TPARAMS* param)
	{
	param->Tib = reinterpret_cast<PNT_TIB>(NtCurrentTeb());

rbmm / gist:4c0a51842251904deba3907e4ace6856

Last active August 7, 2025 22:15

	void ght(PCWSTR lpMachineName)
	{
	HKEY hKey, hk;
	if (NOERROR == RegConnectRegistry(lpMachineName, HKEY_USERS, &hKey))
	{
	ULONG i = 0;
	WCHAR name[SECURITY_MAX_SID_STRING_CHARACTERS + 32];
	ULONG cch;
	LONG status;
	while (ERROR_NO_MORE_ITEMS != (status = RegEnumKeyExW(hKey, i++, name, &(cch = SECURITY_MAX_SID_STRING_CHARACTERS), 0, 0, 0, 0)))

rbmm / gist:d586f56d512c732b84712c32125c2cc5

Created July 29, 2025 14:00

	NTSTATUS CreateMountPoint(POBJECT_ATTRIBUTES poa, PCWSTR SubstituteName, PCWSTR PrintName)
	{
	NTSTATUS status = STATUS_INTERNAL_ERROR;
	PREPARSE_DATA_BUFFER prdb = 0;
	int len = 0;
	PWSTR PathBuffer = 0;
	ULONG cb = 0;

	while (0 < (len = _snwprintf(PathBuffer, len, L"%ws%c%ws", SubstituteName, 0, PrintName)))
	{

rbmm / gist:db2f8bfe0b22d768242eef895a399038

Last active July 28, 2025 19:01

	NTSTATUS CreateMountPoint(POBJECT_ATTRIBUTES poa, PCWSTR SubstituteName, PCWSTR PrintName)
	{
	NTSTATUS status = STATUS_INTERNAL_ERROR;
	PREPARSE_DATA_BUFFER prdb = 0;
	int len = 0;
	PWSTR PathBuffer = 0;
	ULONG cb = 0;

	while (0 < (len = _snwprintf(PathBuffer, len, L"%ws%c%ws", SubstituteName, 0, PrintName)))
	{

rbmm / gist:5270762167c5053a00b70f6760f980d6

Created July 28, 2025 18:28

	inline HANDLE fixH(HANDLE hFile)
	{
	return hFile == INVALID_HANDLE_VALUE ? 0 : hFile;
	}

	NTSTATUS CreateMountPoint(PCWSTR pszFileName, PCWSTR SubstituteName, PCWSTR PrintName)
	{
	NTSTATUS status = STATUS_INTERNAL_ERROR;
	PREPARSE_DATA_BUFFER prdb = 0;
	int len = 0;

rbmm / gist:da51ff407c86d3ede348689de0d11725

Created July 28, 2025 16:56

	NTSTATUS CreateReparse(ULONG ReparseTag, PCWSTR pszFileName, PCWSTR SubstituteName, PCWSTR PrintName)
	{
	NTSTATUS status;
	PREPARSE_DATA_BUFFER prdb = 0;
	int len = 0;
	PWSTR PathBuffer = 0;
	ULONG cb = 0;

	UNICODE_STRING ObjectName;

rbmm / gist:b2d053a5b0a226c123951bb43e9a13ff

Created July 25, 2025 07:55

	NTSTATUS CreateReparse(PCWSTR pszFileName, PCWSTR SubstituteName, PCWSTR PrintName)
	{
	NTSTATUS status;
	PREPARSE_DATA_BUFFER prdb = 0;
	int len = 0;
	PWSTR PathBuffer = 0;
	ULONG cb = 0;

	while (0 < (len = _snwprintf(PathBuffer, len, L"%ws%c%ws", SubstituteName, 0, PrintName)))
	{

rbmm / gist:8f49c14f5491438de835a83e75d17e8e

Created July 25, 2025 07:52

	BOOL InternalDeleteFileW(_In_ PCWSTR lpFileName)
	{
	union {
	FILE_ATTRIBUTE_TAG_INFORMATION attr;
	FILE_DISPOSITION_INFORMATION_EX fdi;
	};

	UNICODE_STRING ObjectName;
	NTSTATUS status = RtlDosPathNameToNtPathName_U_WithStatus(lpFileName, &ObjectName, 0, 0);

NewerOlder