pop mie; ret

muwa00 MUWASEC
@monoxgas
monoxgas / urbandoor.cs
Created April 10, 2023 22:58
Minimal PoC code for Kerberos Unlock LPE (CVE-2023-21817)
using NtApiDotNet;
using NtApiDotNet.Ndr.Marshal;
using NtApiDotNet.Win32;
using NtApiDotNet.Win32.Rpc.Transport;
using NtApiDotNet.Win32.Security.Authentication;
using NtApiDotNet.Win32.Security.Authentication.Kerberos;
using NtApiDotNet.Win32.Security.Authentication.Kerberos.Client;
using NtApiDotNet.Win32.Security.Authentication.Kerberos.Server;
using NtApiDotNet.Win32.Security.Authentication.Logon;
using System;
@mpgn
mpgn / Scrambled vs NetExec .md
Last active December 20, 2023 14:36
Scrambled vs NetExec for fun and profit by @mpgn_x64

Scrambled vs NetExec

Let's pwn the box Scrambled from HackTheBox using only NetExec! For context, I was reading the Scrambled writeup from 0xdf_ when I read this:

smbclient won’t work, and I wasn’t able to get crackmapexec to work either.

To be fair, at the time of his writeup it was true, but not anymore, and it's pretty simple with NXC: 5 minutes and you get root :)

Note: I will skip the web part, where we get one username: ksimpson

#!/bin/bash
# Decompress a .cpio.gz packed file system
rm -rf ./initramfs && mkdir initramfs
pushd . && pushd initramfs
cp ../initramfs.cpio.gz .
gzip -dc initramfs.cpio.gz | cpio -idm &>/dev/null && rm initramfs.cpio.gz
popd
@mate-h
mate-h / python-reverse-engineering.md
Last active March 26, 2023 01:42
Reverse Engineering Python executable

Reverse engineering

Obtained binaries from Discord server. The download link: https://drive.google.com/file/d/1xPP9R2VKmJ9jwNY_1xf1sVVHlxZIsLcg

Basic information about binaries. There are two main versions of the program in question: aimful-kucoin.exe and aimful-binance.exe. They are both Windows executables. From the FAQ section of the discord server, the following information is available:

In what language was this bot written?

  • Python.
@rqu1
rqu1 / aes.bf
Last active January 11, 2023 23:52
AES-128 in Brainfuck
@Jiab77
Jiab77 / simple-multi-threaded-php-web-server.md
Last active September 10, 2023 14:26
An easy way to start the embedded PHP web server with the multi-thread option enabled or simulated when necessary.
@ammarfaizi2
ammarfaizi2 / mem.c
Last active April 28, 2021 16:43
Experiment to replace malloc(3)/calloc(3)/realloc(3)/free(3) with custom allocator 32 byte aligned.
// SPDX-License-Identifier: GPL-2.0
/*
* Experiment to replace malloc(3)/calloc(3)/realloc(3)/free(3) with custom
* allocator 32 byte aligned.
*
* @author Ammar Faizi <ammarfaizi2@gmail.com> https://www.facebook.com/ammarfaizi2
* @license GPL-2.0
*
* gcc -Wall -Wextra -O3 -shared -fPIC mem.c -o mem.so
* LD_PRELOAD=$(pwd)/mem.so your_program
@eSkiSo
eSkiSo / install_oci8_ubuntu20_php7.4.md
Created March 12, 2021 16:05
Install OCI8 (Oracle) in Ubuntu 20 with PHP 7.4
@zmb3
zmb3 / static_cgo.md
Created October 5, 2020 15:45
Compile static binaries for Go programs that leverage Cgo.

In order to compile a fully static binary when using Cgo you'll need to link in a C library like musl.

I find it convenient to have a Docker image ready for building these artifacts.

FROM golang
RUN wget https://www.musl-libc.org/releases/musl-1.2.0.tar.gz && \
    tar -xzf musl-1.2.0.tar.gz && \
    cd musl-1.2.0 && \
    ./configure --enable-static --disable-shared && \
@n4sm
n4sm / auto_unpacker.py
Last active March 20, 2023 08:54
Just a simple auto unpacker for ELF binaries which uses qiling: https://kernemporium.github.io/articles/en/auto_unpacking/m.html
#!/usr/bin/python3
# /*
# * ----------------------------------------------------------------------------
# * "THE BEER-WARE LICENSE" (Revision 42):
# * n4sm wrote this file. As long as you retain this notice you
# * can do whatever you want with this stuff. If we meet some day, and you think
# * this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp
# * ----------------------------------------------------------------------------
# * /