Hashim Jawad ihack4falafel

@PurpleVibe32
PurpleVibe32 / vmwk17key.txt
Last active May 16, 2024 21:14
Free VMware Workstation Pro 17 full license keys
Install VMWare Workstation PRO 17 (Read it right. PRO!)
Also, these keys might also work with VMWare Fusion 13 PRO. Just tested it.
Sub to me on youtube pls - PurpleVibe32
if you want more keys - call my bot on telegram. @purector_bot (THE BOT WONT REPLY ANYMORE) - Or: https://cdn.discordapp.com/attachments/1040615179894935645/1074016373228978277/keys.zip - the password in the zip is 102me.
---
This gist can get off at any time.
PLEASE, DONT COPY THIS. IF YOU FORK IT, DONT EDIT IT.
*If you have a problem comment and people will try to help you!
*No virus
@NyaMisty
NyaMisty / outline_graph.py
Created September 1, 2022 01:02
IDA Graph view with outlined function included
"""
summary: drawing custom graphs
description:
Showing custom graphs, using `ida_graph.GraphViewer`. In addition,
show how to write actions that can be performed on those.
keywords: graph, actions
"""
from __future__ import print_function
# -----------------------------------------------------------------------
@tothi
tothi / krbrelay_privesc_howto.md
Last active March 1, 2024 12:26
Privilege Escalation using KrbRelay and RBCD

KrbRelay with RBCD Privilege Escalation HOWTO

Short HOWTO about one use case of the work from Cube0x0 (KrbRelay) and others.

TL;DR

No-Fix Local Privilege Escalation from low-privileged domain user to local system on domain-joined computers.

Prerequisites:

  • LDAP signing not required on Domain Controller (default!)
@ioncodes
ioncodes / Vagrantfile
Last active March 19, 2022 20:44
Spinning up Vagrant boxes for driver
Vagrant.configure("2") do |config|
  config.vm.guest = :windows # tell Vagrant this is a Windows-based guest
  config.vm.communicator = "winrm" # use winrm for management instead of ssh
  config.vm.provider 'vmware_workstation' do |p|
    p.linked_clone = false
  end
  config.vm.provider :vmware_desktop do |p|
    p.vmx["ethernet0.pcislotnumber"] = "160"
  end
@jackullrich
jackullrich / mainc.c
Last active November 3, 2023 17:20
Single Step Encryption/Decryption
#include <Windows.h>
LONG SingleStepEncryptDecrypt(EXCEPTION_POINTERS* ExceptionInfo);
typedef VOID(__stdcall* Shellcode)();
LPBYTE ShellcodeBuffer;
ULONG_PTR PreviousOffset;
ULONG_PTR CurrentOffset;
ULONGLONG InstructionCount;
DWORD dwOld;
@gladiatx0r
gladiatx0r / Workstation-Takeover.md
Last active April 25, 2024 13:23
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure

Overview

In the default configuration of Active Directory, it is possible to remotely take over Workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. In short, this is accomplished by:

  • Triggering machine authentication over HTTP via either MS-RPRN or MS-EFSRPC (as demonstrated by @tifkin_). This requires a set of credentials for the RPC call.
  • Relaying that machine authentication to LDAPS for configuring RBCD
  • RBCD takeover

The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.

@mhaskar
mhaskar / Automated-Redirectors.py
Last active February 17, 2024 16:48
Python script to create HTTPS redirectors that point to your C2
#!/usr/bin/python
import requests
import json
import time
import paramiko
from Crypto.PublicKey import RSA
from os import chmod
public_key_name = "test1.key"
@barbietunnie
barbietunnie / download-old-chrome-versions.md
Last active May 14, 2024 18:31
How to download old versions of Chrome

How to download old versions of Chrome

Click here to download old versions of Chrome for Linux, Mac and Windows.

The download_url field of the desired section houses the URL to the download.

Alternatively, for not too old versions, you can get it directly here.

# https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/
# https://twitter.com/richinseattle/status/1354296177743679489
# If the PowerShell check prints True, or a reg query returns a value without error, the machine is infected.
reg query 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\KernelConfig'
reg query 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DriverConfig'
reg query 'HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SSL Update'
[System.IO.File]::Exists('C:\Windows\System32\Nwsapagent.sys')
[System.IO.File]::Exists('C:\Windows\System32\helpsvc.sys')
@uf0o
uf0o / beep.cpp
Last active January 21, 2021 02:27
Usage of 'NtOpenFile' to access a device driver that doesn't export any symlink
#include <Windows.h>
#include <stdio.h>
#include <winternl.h>
#pragma comment(lib, "ntdll")
#define IOCTL_BEEP CTL_CODE(FILE_DEVICE_BEEP, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)
typedef struct _BEEP_SETTINGS {
ULONG ulFrequency;