
Alex Fronteddu aalex954

@thesamesam
thesamesam / xz-backdoor.md
Last active June 18, 2024 23:46
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said, we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@tothi
tothi / ms-msdt.MD
Last active April 18, 2024 02:22
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML scheme "ms-msdt:" which invokes the msdt diagnostic tool, which is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
@wulfgarpro
wulfgarpro / jwt_forge.py
Last active January 4, 2024 17:24
HTB "Under Construction" CVE-2015-9235 PoC
"""
CVE-2015-9235 PoC, known as
"JWT HS/RSA key confusion vulnerability".
This PoC was used to solve the HTB challenge
"Under Construction" on HackTheBox (HTB).
USAGE:
==
Token was obtained by logging into the
@totkeks
totkeks / zones-settings.json
Last active March 25, 2024 22:47
FancyZones custom zone sets for ultra wide screen (32:9)
"custom-zone-sets": [
{
"uuid": "{9A822FA5-8F8D-48C3-AC60-6C61B6830AC7}",
"name": "Focus",
"type": "grid",
"info": {
"rows": 1,
"columns": 3,
"rows-percentage": [
10000