Skip to content

Instantly share code, notes, and snippets.

View galaris's full-sized avatar
:shipit:
403

Dominik Antal galaris

:shipit:
403
View GitHub Profile
@ck3d
ck3d / benchmark.md
Last active August 13, 2024 10:41
llama-bench
@david-a-perez
david-a-perez / fastest_day6_part2.rs
Last active September 17, 2024 14:37
Advent of Code 2023 Day 6 Optimizations
// time: [1.8843 µs 1.8897 µs 1.8955 µs]
pub fn original(input: &[u8]) -> Option<usize> {
let mut idx = 0;
'outer: while idx + 13 < input.len() {
let mut state = 0;
for (next_idx, byte) in input[idx..idx + 14].iter().enumerate().rev() {
let bit_idx = byte % 32;
if state & (1 << bit_idx) != 0 {
idx += next_idx + 1;
continue 'outer;
"""
Transform a binary file into a C header file.
The binary file is splitted into 16 char strings and rebuild at execution time.
The function buildsc() must be called in your main to rebuild the binary file into the sc C variable.
The length is set in the sc_length variable.
Be carefull, try to avoid compiler code optimization as it will remove all these modifications in the final binary.
"""
@tothi
tothi / mitmproxy-jwt-refresh-addon.py
Created August 28, 2022 20:52
mitmproxy addon for handling oauth access and refresh tokens automatically
# run: mitmproxy -k -p 8090 -s mitmproxy-jwt-refresh-addon.py
# set burp upstream proxy to localhost:8090
#
# use case:
# - application authorization is implemented by OAuth 2.0
# - testing is performed using Burp as primary and mitmproxy as upstream proxy
# - mitmproxy takes care of the Authorization tokens using this addon
# - user gets an access_token and a refresh_token during the 1st login (e.g. password login)
# - mitmproxy addon caches access_token and refresh_token
# - mitmproxy addon adds Authorization: Bearer [access_token from cache] header for every request
@tothi
tothi / ms-msdt.MD
Last active September 29, 2024 08:10
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
@mgeeky
mgeeky / Various-Macro-Based-RCEs.md
Last active October 4, 2024 16:24
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address: 192.168.56.101.

List:

  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
anonymous
anonymous / gist:d0da355e5c21a122866808d37234cd5d
Created October 23, 2016 00:12
PowerShell malware [posted by @JohnLaTwC]
//sample: 1554e74b935a61d446cb634f80d7d1e200e864bc
//posted by @JohnLaTwC
// Also see research by Sudeep Singh, Yin Hong Chang @ https://www.fireeye.com/blog/threat-research/2016/05/targeted_attacksaga.html
----------------------------------------------- macro ----------------------------------
Private Sub Workbook_Open()
Call doom_Init
Call doom_ShowHideSheets
End Sub

Oh my zsh.

Install with curl

sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"

Enabling Plugins (zsh-autosuggestions & zsh-syntax-highlighting)

  • Download zsh-autosuggestions by
class AccountObjectSetCheats
{
bool AutoBattle = false;
AccountobjectSetCheats Type;
int8 SlotLockCheat = 0;
};
class AccountObjectGetProfile
{
std::string Filename;
@lolzballs
lolzballs / HelloWorld.java
Created March 22, 2015 00:21
Hello World Enterprise Edition
import java.io.FileDescriptor;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
public class HelloWorld{
private static HelloWorld instance;
public static void main(String[] args){
instantiateHelloWorldMainClassAndRun();