Brad Antoniewicz brad-anton

## Simple Chrome Manifest Discovery and Parsing
def __process_manifest_json(self, fullpath):
    """The manifest.json files contain less information
    then the Preferences files, so we'll use this menthod
    on if the preferences file is unavaible"""
    extension = fullpath.split(self.os.SLASH)[-3]

    if path.isfile(fullpath):
        with open(fullpath, 'rb') as f:
            manifest = json.load(f)

## Parse Chrome Preferences
def __check_preferences_json(self, preferences):
    """Pulls Extension information out of the preferences file
    """
    extensions = []
    with open(preferences, 'rb') as f:
        prefs_json = json.load(f)

        extensions_json = prefs_json['extensions']['settings']
        for extension in extensions_json.iterkeys():
            name = None

## Query IE11 Extensions with PowerShell
function Make-Extension
{
    Param([string]$clsid, [string]$name, [string]$dll)

    $extension = New-Object PSObject -Prop (@{'CLSID' = $clsid;
                    'Name' = $name;
                    'DLL' = $dll })

    $extension
}

## Lookup CLSID in PowerShell
function Lookup-Clsid
{
    Param([string]$clsid)
    $CLSID_KEY = 'HKLM:\SOFTWARE\Classes\CLSID'

    If ( Test-Path $CLSID_KEY\$clsid) {
        $name = (Get-ItemProperty -Path $CLSID_KEY\$clsid).'(default)'
        $dll = (Get-ItemProperty -Path $CLSID_KEY\$clsid\InProcServer32).'(default)'
    }
    $name, $dll

## gist:0ed1079969dad86079ad35a91122af52
inv = investigate.Investigate('12345678-1234-1234-1234-1234567890ab')
inv.search('searchregex', start=datetime.timedelta(days=1), limit=100, include_category=False)

## gist:f5c190d8d54445d1eecb1f6e2e2ae44d
# Create mappings for every character, for instance:
s=['s','5','z','es','2']
alphabet={ 's':s }

def get_permutations(self, letter):
    try:
        permutations = alphabet[letter]
    except KeyError: # The letter is not in alphabet
        permutations = letter
    regex = '['

## WildFire XOR
"""
Quick binary xor for WildFire
@brad_anton

Bigrmkwhrr.png 645e7f63886d74c5edd149caac1b41cd
Bigrmkwhrr.png.exe (output) ec5921b64581a7c6414680c36d50805c

"""
from itertools import cycle

## gist:bfcbfc9419c0f20a32fb898a87fe7695
	while(list($key, $val) = each($_POST)) {
		$GLOBALS[$key] = $val;

## gist:eafc52da26732f4ae99dc0a093298d49
$DestinationAddress = "contact@website.com";
$Subject = "Contact Form Inquiry";

while(list($key, $val) = each($_POST)) {
		$GLOBALS[$key] = $val;
}
$Header = "From: $name <$email>\r\n";
$Header .= "Reply-To: $name <$email>\r\n";

mail($DestinationAddress, $Subject, $Message, $Header);

## gist:f3311d60bffff4a4bfec0533d6f6283e
$DestinationAddress = "contact@website.com";
$Subject = "Contact Form Inquiry";

while(list($key, $val) = each($_POST)) {
		$GLOBALS[$key] = $val;
}
$Header = "From: $name <$email>\r\n";
$Header .= "Reply-To: $name <$email>\r\n";

mail($DestinationAddress, $Subject, $Message, $Header);
	def __process_manifest_json(self, fullpath):
	"""The manifest.json files contain less information
	then the Preferences files, so we'll use this menthod
	on if the preferences file is unavaible"""
	extension = fullpath.split(self.os.SLASH)[-3]

	if path.isfile(fullpath):
	with open(fullpath, 'rb') as f:
	manifest = json.load(f)
	def __check_preferences_json(self, preferences):
	"""Pulls Extension information out of the preferences file
	"""
	extensions = []
	with open(preferences, 'rb') as f:
	prefs_json = json.load(f)

	extensions_json = prefs_json['extensions']['settings']
	for extension in extensions_json.iterkeys():
	name = None
	function Make-Extension
	{
	Param([string]$clsid, [string]$name, [string]$dll)

	$extension = New-Object PSObject -Prop (@{'CLSID' = $clsid;
	'Name' = $name;
	'DLL' = $dll })

	$extension
	}
	function Lookup-Clsid
	{
	Param([string]$clsid)
	$CLSID_KEY = 'HKLM:\SOFTWARE\Classes\CLSID'

	If ( Test-Path $CLSID_KEY\$clsid) {
	$name = (Get-ItemProperty -Path $CLSID_KEY\$clsid).'(default)'
	$dll = (Get-ItemProperty -Path $CLSID_KEY\$clsid\InProcServer32).'(default)'
	}
	$name, $dll
	inv = investigate.Investigate('12345678-1234-1234-1234-1234567890ab')
	inv.search('searchregex', start=datetime.timedelta(days=1), limit=100, include_category=False)
	# Create mappings for every character, for instance:
	s=['s','5','z','es','2']
	alphabet={ 's':s }

	def get_permutations(self, letter):
	try:
	permutations = alphabet[letter]
	except KeyError: # The letter is not in alphabet
	permutations = letter
	regex = '['
	"""
	Quick binary xor for WildFire
	@brad_anton

	Bigrmkwhrr.png 645e7f63886d74c5edd149caac1b41cd
	Bigrmkwhrr.png.exe (output) ec5921b64581a7c6414680c36d50805c

	"""
	from itertools import cycle
	while(list($key, $val) = each($_POST)) {
	$GLOBALS[$key] = $val;
	$DestinationAddress = "contact@website.com";
	$Subject = "Contact Form Inquiry";

	while(list($key, $val) = each($_POST)) {
	$GLOBALS[$key] = $val;
	}
	$Header = "From: $name <$email>\r\n";
	$Header .= "Reply-To: $name <$email>\r\n";

	mail($DestinationAddress, $Subject, $Message, $Header);