Learning Rust
Getting Started + Installation | Cheat Sheet
tothi
/ ms-msdt.MD
Last active
May 10, 2023 12:34
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process
View ms-msdt.MD
MS-MSDT 0-day Office RCE
MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).
The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).
Here are the steps to build a Proof-of-Concept docx:
- Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
jinschoi
/ create_sub.py
Last active
May 24, 2023 17:48
Python script to generate Flipper RAW .sub files from OOK bitstreams
View create_sub.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from typing import Iterable, Union, Any | |
| # freq: frequency in Hz | |
| # zerolen: length of space bit in μs | |
| # onelen: length of mark bit in μs | |
| # repeats: number of times to repeat sequence | |
| # pause: time to wait in μs between sequences | |
| # bits: string of ones and zeros to represent sequence |
jordanwiseman
/ obsidian-web-clipper.js
Last active
February 24, 2023 11:46
— forked from kepano/obsidian-web-clipper.js
Obsidian Web Clipper Bookmarklet to save articles and pages from the web (for Safari, Chrome, Firefox, and mobile browsers)
View obsidian-web-clipper.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript: Promise.all([import('https://unpkg.com/turndown@6.0.0?module'), import('https://unpkg.com/@tehshrike/readability@0.2.0'), ]).then(async ([{ | |
| default: Turndown | |
| }, { | |
| default: Readability | |
| }]) => { | |
| /* Optional vault name */ | |
| const vault = ""; | |
| /* Optional folder name such as "Clippings/" */ |
eshrinivasan
/ Check Angular or React Version from Browser
Last active
August 23, 2022 09:00
View Check Angular or React Version from Browser
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Check angular version from browser | |
| 1. From Browser console: | |
| Newer angular version: | |
| — | |
| >> getAllAngularRootElements()[0].attributes["ng-version"]; | |
View mainc.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| LONG SingleStepEncryptDecrypt(EXCEPTION_POINTERS* ExceptionInfo); | |
| typedef VOID(__stdcall* Shellcode)(); | |
| LPBYTE ShellcodeBuffer; | |
| ULONG_PTR PreviousOffset; | |
| ULONG_PTR CurrentOffset; | |
| ULONGLONG InstructionCount; | |
| DWORD dwOld; |
View rc4_dec.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script can be used for malware samples that used Base64+RC4. | |
| # python3 rc4_decrypt.py <key> <base64-ciphertext> | |
| import codecs | |
| import base64 | |
| import sys | |
| key = sys.argv[1] | |
| c = base64.b64decode(sys.argv[2]) | |
| def KSA(key): |
xpn
/ dotnet_etw.c
Created
March 16, 2020 19:25
A demo of how to collect information on basic .NET events from ETW.
View dotnet_etw.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define AssemblyDCStart_V1 155 | |
| #define MethodLoadVerbose_V1 143 | |
| #include <windows.h> | |
| #include <stdio.h> | |
| #include <wbemidl.h> | |
| #include <wmistr.h> | |
| #include <evntrace.h> | |
| #include <Evntcons.h> |
ahhh
/ msfconsole.rc
Created
February 25, 2020 09:02
example msfconsole.rc from red team planning book
View msfconsole.rc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| spool /root/.msf4/spool.log | |
| setg ConsoleLogging true | |
| setg verbose true | |
| setg LogLevel 5 | |
| setg SessionLogging true | |
| setg TimestampOutput true | |
| setg PromptTimeFormat %Y%m%d.%H%M%S%z | |
| setg PROMPT %T S:%S J:%J | |
| setg ExitOnSession false | |
| setg DisableCourtesyShell true |
Peredery
/ Fix_gpg_Mac_OS_error.md
Created
March 22, 2019 12:27
FIX - gpg failed to sign the data fatal: failed to write commit object
View Fix_gpg_Mac_OS_error.md
FIX - gpg failed to sign the data fatal: failed to write commit object
For MacOS | Mojave | High Sierra
Step 1 - Upgrade current gpg
brew upgrade gnupg
Step 2 - Install pinentry-mac
NewerOlder