ablescia
/ CVE-2026-3143-detection.sh
Last active
May 3, 2026 18:05
CVE-2026-31431 - Detection script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # --- Configuration --- | |
| LOG_FILE="/var/log/kern.log" | |
| TEMP_SUID_LIST="/tmp/suid_binaries.txt" | |
| echo "--- [ CVE-2026-31431 - Copy Fail Detection ] ---" | |
| # 1. Dynamic Search for root SUID binaries | |
| echo "[*] Scanning system for root SUID binaries (Attack Surface)..." |
ablescia
/ motw_doc_macro_block.ps1
Created
September 22, 2023 09:34
Word-Excel block document with macro from internet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Author: Antonio Blescia @ CYS4 & NoCommentLab (TheThMando) | |
| Date: 2022-07-12 | |
| Description: | |
| This PowerShell script blocks Word documents and Excel files that contain macro and comes from Internet. | |
| The Mark-of-the-Web is a NTFS ADS (Alternate Data Stream) that permits to Windows to detect which file is downloaded. | |
| If you are sure that the author and the source are legit, you can Unblock the file by selecting the "Property" menu from Windows Explorer" | |
| #> | |
| $STRING_OutputFilePath = "$env:TEMP\admintemplates_x64_5287-1000_en-us.exe" | |
| $vSTRING_OfficeApplication = @("word", "excel") |