verb 3
- cipher AES-128-CBC
+ data-ciphers-fallback AES-128-CBC
+ data-ciphers AES-256-CBC:AES-256-CFB:AES-256-CFB1:AES-256-CFB8:AES-256-OFB:AES-256-GCM
+ tls-cipher "DEFAULT:@SECLEVEL=0"
auth SHA256
adityatelange
/ PowerView-3.0-tricks.ps1
Created
March 18, 2023 05:24
— forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
adityatelange
/ 12.0.0_r42-to-12.0.0_r43.diff.txt
Created
January 28, 2023 12:45
Contains patch commits for AOSP 12 January 2023 ASB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| project build/make/ | |
| f6d99e9 Version bump to SSV1.210916.052 [core/build_id.mk] | |
| 6f6a416 Version bump to SSV1.210916.051 [core/build_id.mk] | |
| project frameworks/base/ | |
| 4bdc1bb0 Merge cherrypicks of [18589618, 19970204, 19785208, 20123964, 20207735, 20215497, 20218918, 20029947, 20250994, 20241730, 20105848, 20210471, 20256127, 20191680, 20219552] into security-aosp-sc-release. | |
| d7206ac5 Ensure that only SysUI can override pending intent launch flags | |
| 53bf3f19 Fix sharing to another profile where an app has multiple targets | |
| e8ce3813 Add protections against queueing a UsbRequest when the underlying UsbDeviceConnection is closed. | |
| 0004ae99 RESTRICT AUTOMERGE Revoke SYSTEM_ALERT_WINDOW on upgrade past api 23 |
adityatelange
/ fetch_Vercel_Serverless.js
Created
June 29, 2022 13:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const fetch = (...args) => import('node-fetch').then(({ default: fetch }) => fetch(...args)); | |
| // The main, exported, function of the endpoint, | |
| // dealing with the request and subsequent response | |
| module.exports = async (req, res) => { | |
| const url = req.query.url || req.body.url; | |
| const res = await fetch(url, { | |
| method: 'GET', | |
| }); | |
| // Store fetched HTML in data |
adityatelange
/ distccd_rce_CVE-2004-2687.py
Last active
May 31, 2022 17:59
— forked from DarkCoderSc/distccd_rce_CVE-2004-2687.py
(CVE-2004-2687) DistCC Daemon - Command Execution (Python)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| ''' | |
| distccd v1 RCE (CVE-2004-2687) | |
| This exploit is ported from a public Metasploit exploit code : | |
| https://www.exploit-db.com/exploits/9915 | |
| The goal of that script is to avoid using Metasploit and to do it manually. (OSCP style) |
adityatelange
/ hackthebox-writeups-download.py
Created
May 31, 2022 03:05
This script helps VIP users download all the write-ups from HTB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests, time | |
| print('Beginning file download with requests') | |
| # get app token here https://app.hackthebox.com/profile/settings | |
| token = '' | |
| def downloadWU(x): | |
| url = 'https://www.hackthebox.com/api/v4/machine/writeup/{}'.format(x) | |
| r = requests.get(url, |
adityatelange
/ bucket-disclose.sh
Created
May 3, 2022 11:01
— forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Written by Frans Rosén (twitter.com/fransrosen) | |
| _debug="$2" #turn on debug | |
| _timeout="20" | |
| #you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key | |
| _aws_key="AKIA..." | |
| H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3" | |
| H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36" |
adityatelange
/ kaybase.md
Created
March 23, 2022 10:24
I hereby claim:
- I am adityatelange on github.
- I am adityatelange (https://keybase.io/adityatelange) on keybase.
- I have a public key ASAPjpx_hEt4hat11Y1WiZdvF0ipW31FMyoQsXqtPTWrOAo
To claim this, I am signing this object:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| url=$(wget -O- -q https://api.github.com/repos/cli/cli/releases/latest | grep browser_download_url | cut -d '"' -f 4 | grep "linux_amd64.deb") | |
| # url=$(wget -O- -q --header="Authorization: token xyzABC" https://api.github.com/repos/cli/cli/releases/latest | grep browser_download_url | cut -d '"' -f 4 | grep "linux_amd64.deb") | |
| version=$(echo $url | cut -d '/' -f 8 | cut -d 'v' -f 2) | |
| name=$(echo $url | cut -d '/' -f 9) | |
| checksums_url="https://github.com/cli/cli/releases/download/v${version}/gh_${version}_checksums.txt" | |
| installed_ver=$(gh version | cut -d " " -f 3 | cut -d "h" -f 1) |
adityatelange
/ Qemu-KVM-shrink+compress.MD
Created
January 23, 2022 10:53
— forked from nimbosa/Qemu-KVM-shrink+compress.MD
shrink + compress virtual disk image in Qemu/KVM
originally from Martin Kopta's blog
In order to shrink virtual disk of your virtual machine (process called disk space reclamation) in Qemu/KVM, you can go with following. In your running virtual machine, fill all remaining empty space with zeroes. Then, shut down virtual machine and convert the disk image from original format to the same format (esentially doing nothing). In the process of conversion, Qemu will skip the zeroes and save you some space. You can even add some compression to save even more space.
root@vm# dd if=/dev/zero of=/file
root@vm# rm /file
NewerOlder