- press Shift+F10 to get cmd, and start
regedit HKEY_LOCAL_MACHINE\SYSTEM\Setup- Create
LabConfigkey HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig- Add following DWORD32 keys with a value of 1:
BypassTPMCheckBypassRAMCheck
- Create
BypassSecureBootCheck
Kiran Bandla kbandla
kbandla
/ noadmin.cmd
Created
June 16, 2023 11:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :: https://superuser.com/questions/171917/force-a-program-to-run-without-administrator-privileges-or-uac | |
| :: @kbandla | |
| @echo off | |
| IF "%1%"=="" ( | |
| echo [!] Error: Need full path to the program. Aborting. | |
| ) else ( | |
| echo [*] Copied AppData path to clipboard | |
| echo %LOCALAPPDATA% | clip | |
| cmd /min /C "set __COMPAT_LAYER=RUNASINVOKER && start "" %1" | |
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ! 2022-11-15 https://www.youtube.com | |
| www.youtube.com###contentContainer | |
| www.youtube.com###primary > .ytd-two-column-browse-results-renderer.style-scope | |
| www.youtube.com###secondary | |
| ! 2023-01-28 nytimes.com | |
| www.nytimes.com###gateway-content | |
| www.nytimes.com###app>div>div[class^="css-"]>div[aria-hidden="true"]+div[class^="css-"] | |
| www.nytimes.com###app>div>div[class^="css-"]:style(position:static!important) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| msiexec /a %1 /qb TARGETDIR=%2 |
Was curious why VLC took so long to startup. Launched it in windbg, to find it load about 400 DLLs.
0:014> lm
start end module name
00007ff7`977b0000 00007ff7`978a8000 vlc (export symbols) C:\Users\kbandla\vlc\3.0.16-win64\vlc.exe
00007ffe`203c0000 00007ffe`203d9000 libvisual_plugin (deferred)
00007ffe`203e0000 00007ffe`205b4000 libprojectm_plugin (deferred)
00007ffe`205c0000 00007ffe`2060f000 libgoom_plugin (deferred)
00007ffe`20610000 00007ffe`20625000 libglspectrum_plugin (deferred)
kbandla
/ MksWifi.bin
Created
September 12, 2018 18:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (venv) kbandla@ashburn:/tmp$ binwalk MksWifi.bin | |
| DECIMAL HEXADECIMAL DESCRIPTION | |
| -------------------------------------------------------------------------------- | |
| 29640 0x73C8 LZMA compressed data, properties: 0xC0, dictionary size: -1929314304 bytes, uncompressed size: 850403574015 bytes | |
| 94901 0x172B5 LZMA compressed data, properties: 0xC0, dictionary size: 44892160 bytes, uncompressed size: 9097839549 bytes | |
| 276851 0x43973 LZMA compressed data, properties: 0xC0, dictionary size: 553779200 bytes, uncompressed size: 550036902400 bytes | |
| 295640 0x482D8 HTML document footer | |
| 296676 0x486E4 HTML document header | |
| 298088 0x48C68 LZMA compressed data, properties: 0x64, dictionary size: 0 bytes, uncompressed size: 167772160 bytes |
kbandla
/ loadswf.as
Created
February 5, 2018 23:09
CVE-2018-4878 ActionScript for pre-decrypted SWF
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package | |
| { | |
| import flash.display.Loader; | |
| import flash.display.Sprite; | |
| import flash.events.Event; | |
| import flash.events.IOErrorEvent; | |
| import flash.events.SecurityErrorEvent; | |
| import flash.net.URLLoader; | |
| import flash.net.URLRequest; | |
| import flash.system.Capabilities; |
kbandla
/ eternalblue_kshellcode.asm
Created
May 30, 2017 04:19
— forked from worawit/eternalblue_merge_shellcode.py
Windows x64 kernel shellcode for eternalblue exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; | |
| ; Windows x64 kernel shellcode from ring 0 to ring 3 by sleepya | |
| ; The shellcode is written for eternalblue exploit: | |
| ; - https://gist.github.com/worawit/bd04bad3cd231474763b873df081c09a | |
| ; - https://gist.github.com/worawit/074a27e90a3686506fc586249934a30e | |
| ; | |
| ; | |
| ; Idea for Ring 3 to Ring 0 from Sean Dillon (@zerosum0x0) | |
| ; | |
| ; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import dpkt | |
| from dpkt.ip import IP | |
| from dpkt.ethernet import Ethernet | |
| from dpkt.arp import ARP | |
| from pprint import pprint | |
| import socket | |
| import sys | |
| import csv | |
| from Tkinter import * | |
| import tkMessageBox |
kbandla
/ dpkt_254.py
Created
March 16, 2016 14:45
quick code for issue #254 ( 6244444680ba446da153812333568096 )
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| dpkt issue 254 | |
| ''' | |
| import dpkt | |
| from dpkt.ip import IP | |
| from dpkt.ethernet import Ethernet | |
| from dpkt.arp import ARP | |
| from pprint import pprint | |
| import socket |
NewerOlder