Assault Cube Trainer

I recently wanted to explore the world of game hacking, which involves some cool reverse engineering tricks. This is a trainer written in C++.
trainer
Simply uses WriteProcessMemory to write the values into memory of the game.

Download game: https://assault.cubers.net/download.html

Download trainer: https://github.com/OsandaMalith/GameHacking/blob/master/AssaultCube/Hack.7z

Freeze a Computer Using Ruby

When performing illogical ranges in Ruby and converting it to an array it uses 100% memory, disk and CPU which will freeze your computer. I have tested this issue on a Windows 10 64-bit machine. In a 64-bit Ubuntu machine after sometime the process will get killed when the process is out of memory. These types of issues can be caused in most languages, in which it tries to allocate more and more memory. This is a simple example I found in Ruby.

Ruby version:
[code]
ruby 2.3.1p112 (2016-04-26 revision 54768) [x64-mingw32]
[/code]

PoC:
[code language=”ruby”]
(‘malith’..’osanda’).to_a
[/code]

screenshot_3

Fun with SQLite Load_Extension

What is load_extension?

This interface loads an SQLite extension library from the named file.

[code language=”C”]
int sqlite3_load_extension(
sqlite3 *db, /* Load the extension into this database connection */
const char *zFile, /* Name of the shared library containing extension */
const char *zProc, /* Entry point. Derived from zFile if 0 */
char **pzErrMsg /* Put error message here if not 0 */
);
[/code]

More information: https://www.sqlite.org/c3ref/load_extension.html
You can use this function to load a SQLite extension. However by default sqlite3_enable_load_extension() is turned off by default to prevent this in SQL injection attacks. You can read more from here https://www.sqlite.org/c3ref/enable_load_extension.html
The syntax would be
[code language=”sql”]
select load_extension(‘path\dll’, ‘EP’);
[/code]
However this path, const char *zFile can be a SMB share too.
(more…)