Aiden Mitchell aidenmitchell

## ms-msdt.MD

      
              1 file
            
          
              56 forks
            
          
              24 comments
            
          
              154 stars
            
          
                tothi
                / ms-msdt.MD
            
            
              Last active
              April 18, 2024 02:22
            
              
                The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process
              
          
    MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).
The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).
Here are the steps to build a Proof-of-Concept docx:

Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.


## gist:6af5bf3acaf25c00dd938c3bbe722cc1
# YouTube (english) : https://www.youtube.com/watch?v=FtU2_bBfSgM
# YouTube (french) : https://www.youtube.com/watch?v=VjnaVBnERDU

#
# On your laptop, connect to the Mac instance with SSH (similar to Linux instances)
#
ssh -i <your private key.pem> ec2-user@<your public ip address>

#
# On the Mac

## camera.py
import cv2
import imutils
import time

cap = cv2.VideoCapture(0)
ret, frame = cap.read()

def takePicture():
    (grabbed, frame) = cap.read()
    showimg = frame

## discord-webhook.js
// node.js versions pre-v0.18.0 do not support the fetch api and require a polyfill
// const fetch = require('node-fetch');
fetch(
  'https://discordapp.com/api/webhooks/738983040323289120/mzhXrZz0hqOuUaPUjB_RBTE8XJUFLe8fe9mgeJjQCaxjHX14c3SW3ZR199_CDEI-xT56',
  {
    method: 'post',
    headers: {
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({

## how-to-squash-commits-in-git.md

      
              1 file
            
          
              81 forks
            
          
              18 comments
            
          
              383 stars
            
          
                patik
                / how-to-squash-commits-in-git.md
            
            
              Last active
              October 17, 2023 02:19
            
              
                How to squash commits in git
              
          
    Squashing Git Commits

The easy and flexible way

This method avoids merge conflicts if you have periodically pulled master into your branch. It also gives you the opportunity to squash into more than 1 commit, or to re-arrange your code into completely different commits (e.g. if you ended up working on three different features but the commits were not consecutive).
Note: You cannot use this method if you intend to open a pull request to merge your feature branch. This method requires committing directly to master.
Switch to the master branch and make sure you are up to date:
	# YouTube (english) : https://www.youtube.com/watch?v=FtU2_bBfSgM
	# YouTube (french) : https://www.youtube.com/watch?v=VjnaVBnERDU

	#
	# On your laptop, connect to the Mac instance with SSH (similar to Linux instances)
	#
	ssh -i <your private key.pem> ec2-user@<your public ip address>

	#
	# On the Mac
	import cv2
	import imutils
	import time

	cap = cv2.VideoCapture(0)
	ret, frame = cap.read()

	def takePicture():
	(grabbed, frame) = cap.read()
	showimg = frame
	// node.js versions pre-v0.18.0 do not support the fetch api and require a polyfill
	// const fetch = require('node-fetch');
	fetch(
	'https://discordapp.com/api/webhooks/738983040323289120/mzhXrZz0hqOuUaPUjB_RBTE8XJUFLe8fe9mgeJjQCaxjHX14c3SW3ZR199_CDEI-xT56',
	{
	method: 'post',
	headers: {
	'Content-Type': 'application/json',
	},
	body: JSON.stringify({