Skip to content

Instantly share code, notes, and snippets.

View M31N99's full-sized avatar

M31N99

38 followers · 118 following
View GitHub Profile
@M31N99
M31N99 / eternalblue8_exploit.py
Created May 18, 2017 05:52 — forked from worawit/eternalblue8_exploit.py
Eternalblue exploit for Windows 8/2012
#!/usr/bin/python
from impacket import smb
from struct import pack
import os
import sys
import socket
'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)
@M31N99
M31N99 / eternalblue7_exploit.py
Created May 18, 2017 05:51 — forked from worawit/eternalblue7_exploit.py
Eternalblue exploit for Windows 7/2008
#!/usr/bin/python
from impacket import smb
from struct import pack
import os
import sys
import socket
'''
EternalBlue exploit for Windows 7/2008 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)
@M31N99
M31N99 / ttf2woff2.md
Created February 10, 2017 09:19 — forked from sergejmueller/ttf2woff2.md
WOFF 2.0 – Learn more about the next generation Web Font Format and convert TTF to WOFF2
@M31N99
M31N99 / pps.sh
Created October 24, 2016 08:20 — forked from pavel-odintsov/pps.sh
pps.sh for habrahabr
#!/bin/bash
INTERVAL="1" # update interval in seconds
if [ -z "$1" ]; then
echo
echo usage: $0 [network-interface]
echo
echo e.g. $0 eth0
echo
@M31N99
M31N99 / intercept-https-with-python-mitmproxy.md
Created June 28, 2016 10:31 — forked from dannvix/intercept-https-with-python-mitmproxy.md
Intercept and manipulate HTTPs traffic with Python and mitmproxy

Intercepts HTTPs Traffic with Python & mitmproxy

Warning

This Gist is created in 2014, and it's highliy outdated now, according to one of mitmproxy's manjor contributor (check his comment below). Thanks for letting us know, @mhils!

Introduction

Modern applications usually make use of back-end API servers to provide their services. With a non-transparent HTTPs proxy, which intercepts the communication between clients and servers (aka the man-in-the-middle scheme), you can easily manipulate both API requests and responses.

@M31N99
M31N99 / rtcp.py
Last active August 29, 2015 14:19 — forked from tnt1200/rtcp.py
# -*- coding: utf-8 -*-
'''
filename:rtcp.py
@desc:
利用python的socket端口转发,用于远程维护
如果连接不到远程,会sleep 36s,最多尝试200(即两小时)
@usage:
./rtcp.py stream1 stream2
@M31N99
M31N99 / proxy_s5.py
Last active August 29, 2015 14:19 — forked from yaonie/proxy_s5.py
#!/usr/bin/python
# Filename s5.py
# Python Dynamic Socks5 Proxy
# Usage: python s5.py 1080
# Background Run: nohup python s5.py 1080 &
# Email: ringzero@557.im
import socket, sys, select, SocketServer, struct, time
class ThreadingTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer): pass
@M31N99
M31N99 / newpid.c
Last active August 29, 2015 14:19 — forked from taviso/newpid.c
#define _GNU_SOURCE
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <fcntl.h>
#include <signal.h>
#include <elf.h>
#include <err.h>
#include <syslog.h>
#include <sched.h>
@M31N99
M31N99 / raceabrt.c
Last active August 29, 2015 14:19 — forked from taviso/raceabrt.c
#include <stdlib.h>
#include <unistd.h>
#include <stdbool.h>
#include <stdio.h>
#include <signal.h>
#include <err.h>
#include <string.h>
#include <alloca.h>
#include <limits.h>
#include <sys/inotify.h>
@M31N99
M31N99 / cve-2015-0240_samba_exploit.py
Last active August 29, 2015 14:19 — forked from worawit/cve-2015-0240_samba_exploit.py
#!/usr/bin/python
"""
Exploit for Samba vulnerabilty (CVE-2015-0240) by sleepya
The exploit only targets vulnerable x86 smbd <3.6.24 which 'creds' is controlled by
ReferentID field of PrimaryName (ServerName). That means '_talloc_zero()'
in libtalloc does not write a value on 'creds' address.
Reference:
- https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/