Skip to content

Instantly share code, notes, and snippets.

Avatar
🥝
I'm a kiwi

Benjamin DELPY gentilkiwi

🥝
I'm a kiwi
View GitHub Profile
View mimikatz.mp3.b64
//NExAAAAANIAUAAAPBBLA9ZvdwNokA6Z/aCAEGFPwDsLhxAP/HAZm5N/+OeVyJrL//5oYFQnGT//0EGqQT///23W6f///+h9D//////7S+6BmsqQLMxK4hAhgucK2GQ//NExFMRiyJYAZSAAcrAAImAQkaEEQyRzjQOMGAp7HPT7WIRCJY40BwF4hgpY4hLAJQiUUVGgeEGIgTc2KZORI5UShKGong3CVk4ujMOYQqKJw1TxgC4WJvDEHg+f//6//NExF8g4x6IAZxoAb0Fp/1akFILTWyjeaLTZf/9r/9Bf//6aq0v+9JTf+s4gYmxoPqfmWuxAUBhm2nmbA+WlQtXkXWMQiQSBmWqFuJcR1/5TQ8s3HfmJKgsz9mRJc0a//NExC4dAu6MAdxoAZDmEwNFHBPRhFsskRhRJhKD5JDyD6FsEoQmJLGr///61K7snqTfrUtNNSSNWtSCDMpa7W///////90HWtSjx9y+cXReozOe/Ccc8xjHMgBEb3vl//NExA0VuQqcAN4ScHDacoPQ8lvvvs0OX5c1DUNz+sN2bVj/+q3t4mYnPpCJduprnSdRBBy7E5apROigmNIhE0Fgi5IMCxhqP66Kf///0igfB8BwQGPTy7+E2hieourd//NExAkUWaqwANKQlCL6Wff9Zm9AXQDCTVRKJOpCY3nNoccvrQ15lVYNEJtB9V+w6v1GKlswqHQUznNFRc+Wk04dVUyi7nxMAzQmKOX////23kKopUrut6m0/Dc2BpBT//NExAoT0cqwANNQlNuISy6mbq9EZwsPUU39a39aH//JGRXlA2CiTyqv+yon7HGO+tA1D99ng5O5JKGv6kiA/sxTl3rOOeA////4iNHAbDY2qqq3vLGaZSYHOLJbc5JK//NExA0UIdKwANHQlNSSKWJ4AJPVR0bk/NL/t9b/kacnbSPCr1xqP++GMXlzg8dylcwLA0P+hocGaRITKL85Qe3xxJhpygns////NlGhY9Fqz+kp4YWHMYpzKxEeAHka
View cve-2019-1388_kiwi_tests.txt
SERVER
======
Windows 2008r2 7601 ** link OPENED AS SYSTEM **
Windows 2012r2 9600 ** link OPENED AS SYSTEM **
Windows 2016 14393 ** link OPENED AS SYSTEM **
Windows 2019 17763 link NOT opened
WORKSTATION
View NCryptCreatePersistedKey_virtual_iso.c
#define NCRYPT_VIRTUAL_ISO_MAYBE 0x10000
#define NCRYPT_VIRTUAL_ISO 0x20000
#define NCRYPT_PER_BOOT_KEY 0x40000
NTSTATUS kuhl_m_standard_test(int argc, wchar_t * argv[])
{
SECURITY_STATUS status;
NCRYPT_PROV_HANDLE hCngProv = 0;
NCRYPT_KEY_HANDLE hCngKey = 0;
DWORD keyLen = 2048;
View petya.pub.txt
Public-Key: (2048 bit)
Modulus:
00:c4:ff:d5:a8:a7:34:c8:b7:bd:26:15:6a:14:c4:
06:c1:42:13:3b:a5:a9:5d:69:ca:48:d4:00:61:3d:
0e:eb:90:ab:f0:f8:c8:40:89:d3:78:79:17:12:37:
ce:da:7d:89:99:44:56:57:fb:87:07:46:6b:95:0f:
f0:71:82:41:c0:b8:50:f4:4a:89:de:20:ea:98:dd:
7d:3a:8e:cd:b7:21:14:99:b6:26:a2:97:2a:f9:82:
c8:05:9c:d0:d9:94:ca:d0:0d:83:b5:7e:06:44:ac:
44:10:52:c2:cb:bb:cf:d7:61:18:38:f5:e4:9d:5c:
View wanacry.pub.txt
Public-Key: (2048 bit)
Modulus:
00:ce:f1:18:be:2e:fe:91:0f:fb:b9:ad:f7:4a:30:
9d:cf:28:3c:46:d5:e2:2b:60:cd:92:69:11:30:9d:
e5:fb:3b:d9:72:a1:de:e5:df:8e:42:27:68:81:17:
e6:41:50:72:71:f8:dc:32:ea:e1:9b:70:88:a6:12:
cb:75:26:f2:38:db:4e:d9:e8:ca:1f:d4:ea:07:0b:
a0:75:d0:d7:0c:03:62:2d:a7:46:20:96:00:28:af:
bd:17:c1:d8:30:2c:f5:65:d2:f5:b5:36:bb:d2:9f:
6e:5b:c6:39:3a:a3:9e:ad:6b:59:ad:7d:a5:94:4d:
View mimicom.idl
import "ms-dtyp.idl";
[
uuid(17FC11E9-C258-4B8D-8D07-2F4125156244),
version(1.0)
]
interface MimiCom
{
typedef [context_handle] void* MIMI_HANDLE;
typedef unsigned int ALG_ID;
View aes_skip.c
#include <windows.h>
#include <stdio.h>
int main(void)
{
BCRYPT_ALG_HANDLE cshHmacShaAlgHandle, cshAesAlgHandle;
BCRYPT_KEY_HANDLE phKey;
UCHAR salt[] = "LAB.LOCALuser1", password[] = "waza1234/u1";
DWORD iterations = 4096, cshAesKeyObjectSize, pcbResult = sizeof(cshAesKeyObjectSize), aesResult, i;
UCHAR aesKey[0x20], foldKerberos[] = {'k', 'e', 'r', 'b', 'e', 'r', 'o', 's', 0x7b, 0x9b, 0x5b, 0x2b, 0x93, 0x13, 0x2b, 0x93}, derivedKey[sizeof(aesKey)], iv[0x10];
You can’t perform that action at this time.