SkyBulk SkyBulk

## imapd_10.234.c
char *mail_auth (char *mechanism,authresponse_t resp,int argc,char *argv[]){
	char tmp[MAILTMPLEN];
	AUTHENTICATOR *auth;

	/* make upper case copy of mechanism name */
	ucase (strcpy (tmp,mechanism));
	for (auth = mailauthenticators; auth; auth = auth->next)
		if (auth->server && !strcmp (auth->name,tmp))
			return (*auth->server) (resp,argc,argv);
	return NIL; /* no authenticator found */

## Shellcode-Process-Injector.c
#include <windows.h>
#include <sys/types.h>
#include <unistd.h>


int main(int argc, char **argv){
	//msfvenom -p windows/exec cmd=calc.exe EXITFUNC=thread -f c -v shellcode

## BH19RegChecker.py
#!/usr/bin/python
#Python script that send your phone number a text as soon as Black Hat 2019 training goes live using Twilio
#The script can be coupled with cronjob that runs every hour or whatever you may see fit

from twilio.rest import Client
import requests

account_sid = '<your Twilio account SID>'
auth_token = '<your Twilio authentication token>'
client = Client(account_sid, auth_token)

## CVE-2019-1215.cpp
/*
The exploit works on 19H1.
It was tested with ntoskrnl version 10.0.18362.295
*/

#include <Windows.h>
#include <stdio.h>
#include <string>
#include <ntstatus.h>
#include <processthreadsapi.h>

## index.html
<div class="mhn-switch">

<label for="switch" class="label">My Screen</label>
<input id="switch" type="checkbox" class="toggle"><label for="switch" class="switch">&nbsp;</label>

<div class="social-media-wrap">
	<div class="social-media">
		<div class="social-dot-wrap">
			<span class="social-dot"></span>
			<span class="social-dot"></span>

## syllabus.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                SkyBulk
                / syllabus.md
            
            
              Last active
              June 17, 2020 21:47
            
              
                software security under x86 , x64, zero day Attacks course windows 10 x64
              
          
    This Is Course Is Under Development skybulkctf@gmail.com


[Fundamentals]


[What is a Vulnerability?]
[What is a Poc (Proof of Conecpt)?]
[What is an Exploit?]
[What is a Zero Day Exploit?]


[Intro to Assembly]


[Data Types and Basic Operations]

[Signed and Unsigned Integers]


[How Are Data Stored in Memory?]


## index.html
<div id="full-stars-example">
    <div class="rating-group">
        <input class="rating__input rating__input--none" name="rating" id="rating-none" value="0" type="radio">
        <label aria-label="No rating" class="rating__label" for="rating-none"><i class="rating__icon rating__icon--none fa fa-ban"></i></label>
        <label aria-label="1 star" class="rating__label" for="rating-1"><i class="rating__icon rating__icon--star fa fa-star"></i></label>
        <input class="rating__input" name="rating" id="rating-1" value="1" type="radio">
        <label aria-label="2 stars" class="rating__label" for="rating-2"><i class="rating__icon rating__icon--star fa fa-star"></i></label>
        <input class="rating__input" name="rating" id="rating-2" value="2" type="radio">
        <label aria-label="3 stars" class="rating__label" for="rating-3"><i class="rating__icon rating__icon--star fa fa-star"></i></label>
        <input class="rating__input" name="rating" id="rating-3" value="3" type="radio" checked>

## GandCrab4.0RemoveTool.cpp
// SALSA20.cpp : �������̨Ӧ�ó������ڵ㡣
//
#include<cryptopp/cryptlib.h>
#include<iostream>
#include<cryptopp/secblock.h> //����SecByteBlock�㷨��ͷ�ļ�
#include<cryptopp/hex.h> //����HexEncoder�㷨��ͷ�ļ�
#include<cryptopp/files.h> //����FileSink�㷨��ͷ�ļ�
#include<cryptopp/osrng.h> //����AutoSeededRandomPool�㷨��ͷ�ļ�
#include<cryptopp/salsa.h> //����Salsa20�㷨��ͷ�ļ�
#include <Windows.h>     //CRYPTO����Ʒ

## browser_security

# Introduction to Use After Free
https://www.purehacking.com/blog/lloyd-simon/an-introduction-to-use-after-free-vulnerabilities


# Asan linux , macOS
https://clang.llvm.org/docs/AddressSanitizer.html
https://github.com/google/sanitizers

# LeakSanitizer  linux , macOS

## aproducer.py
# aproducer.py
#
# Async Producer-consumer problem.
# Challenge: How to implement the same functionality, but no threads.

import time
from collections import deque
import heapq

class Scheduler:
	char mail_auth (char mechanism,authresponse_t resp,int argc,char *argv[]){
	char tmp[MAILTMPLEN];
	AUTHENTICATOR *auth;

	/* make upper case copy of mechanism name */
	ucase (strcpy (tmp,mechanism));
	for (auth = mailauthenticators; auth; auth = auth->next)
	if (auth->server && !strcmp (auth->name,tmp))
	return (*auth->server) (resp,argc,argv);
	return NIL; /* no authenticator found */
	#include <windows.h>
	#include <sys/types.h>
	#include <unistd.h>





	int main(int argc, char **argv){
	//msfvenom -p windows/exec cmd=calc.exe EXITFUNC=thread -f c -v shellcode
	#!/usr/bin/python
	#Python script that send your phone number a text as soon as Black Hat 2019 training goes live using Twilio
	#The script can be coupled with cronjob that runs every hour or whatever you may see fit

	from twilio.rest import Client
	import requests

	account_sid = '<your Twilio account SID>'
	auth_token = '<your Twilio authentication token>'
	client = Client(account_sid, auth_token)
	/*
	The exploit works on 19H1.
	It was tested with ntoskrnl version 10.0.18362.295
	*/

	#include <Windows.h>
	#include <stdio.h>
	#include <string>
	#include <ntstatus.h>
	#include <processthreadsapi.h>
	<div class="mhn-switch">

	<label for="switch" class="label">My Screen</label>
	<input id="switch" type="checkbox" class="toggle"><label for="switch" class="switch"> </label>

	<div class="social-media-wrap">
	<div class="social-media">
	<div class="social-dot-wrap">
	<span class="social-dot"></span>
	<span class="social-dot"></span>
	<div id="full-stars-example">
	<div class="rating-group">
	<input class="rating__input rating__input--none" name="rating" id="rating-none" value="0" type="radio">
	<label aria-label="No rating" class="rating__label" for="rating-none"><i class="rating__icon rating__icon--none fa fa-ban"></i></label>
	<label aria-label="1 star" class="rating__label" for="rating-1"><i class="rating__icon rating__icon--star fa fa-star"></i></label>
	<input class="rating__input" name="rating" id="rating-1" value="1" type="radio">
	<label aria-label="2 stars" class="rating__label" for="rating-2"><i class="rating__icon rating__icon--star fa fa-star"></i></label>
	<input class="rating__input" name="rating" id="rating-2" value="2" type="radio">
	<label aria-label="3 stars" class="rating__label" for="rating-3"><i class="rating__icon rating__icon--star fa fa-star"></i></label>
	<input class="rating__input" name="rating" id="rating-3" value="3" type="radio" checked>
	// SALSA20.cpp : ��̨Ӧ�ó��ڵ㡣
	//
	#include<cryptopp/cryptlib.h>
	#include<iostream>
	#include<cryptopp/secblock.h> //��SecByteBlock�㷨��ͷ�ļ�
	#include<cryptopp/hex.h> //��HexEncoder�㷨��ͷ�ļ�
	#include<cryptopp/files.h> //��FileSink�㷨��ͷ�ļ�
	#include<cryptopp/osrng.h> //��AutoSeededRandomPool�㷨��ͷ�ļ�
	#include<cryptopp/salsa.h> //��Salsa20�㷨��ͷ�ļ�
	#include <Windows.h> //CRYPTO��Ʒ

	# Introduction to Use After Free
	https://www.purehacking.com/blog/lloyd-simon/an-introduction-to-use-after-free-vulnerabilities


	# Asan linux , macOS
	https://clang.llvm.org/docs/AddressSanitizer.html
	https://github.com/google/sanitizers

	# LeakSanitizer linux , macOS
	# aproducer.py
	#
	# Async Producer-consumer problem.
	# Challenge: How to implement the same functionality, but no threads.

	import time
	from collections import deque
	import heapq

	class Scheduler: