maldevel maldevel

@maldevel
maldevel / decryptWinSCPCreds.cpp
Created August 26, 2018 10:41
PassCat Decrypt WinSCP passwords snippet
//https://github.com/twelvesec/passcat
//GNU General Public License v3.0
//@maldevel
//...
int libwinscp::decrypt_char(char *hash, char **newhash, size_t *size) {
unsigned char hex_flag = 0xA3;
char charset[17] = "0123456789ABCDEF";
int unpack1, unpack2, result = 0;
maldevel / export-linkedin-names.py
Last active January 2, 2024 12:10
Export Full names from organization's linkedin people page.
#!/usr/bin/python3
import re
import sys
if len(sys.argv) < 2:
    print("Usage: python3 export-linkedin-names.py <page.html>")
    sys.exit(1)
maldevel / dump-wifi-passwords.ps1
Created January 24, 2018 09:58
Dump WiFi passwords on Windows 10
(netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize
maldevel / reversing_secrets_of_reverse_engineering.txt
Last active May 20, 2021 07:48
Notes
# Reversing - Secrets of Reverse Engineering
## List All Functions containing GenericTable in their name from NTDLL.DLL
dumpbin /EXPORTS "C:\Windows\SysWOW64\ntdll.dll" | grep GenericTable | grep -E -v "Avl$|AvlEx$" | awk {'print $4'} > NTDLL_GenericTable_Methods.txt
## Print RVA (Relative Virtual Address)
dumpbin /EXPORTS "C:\Windows\SysWOW64\ntdll.dll" | grep GenericTable | grep -E -v "Avl$|AvlEx$" | awk {'print $3 " " $4'} > NTDLL_GenericTable_Methods.txt
## Find image base
dumpbin /HEADERS "C:\Windows\SysWOW64\ntdll.dll" | grep "image base"
maldevel / git.cpp
Created January 18, 2019 14:50
Dexter git over ssh - pull, clone, add, commit and push
//https://github.com/twelvesec/dexter
//GNU General Public License v3.0
//@maldevel
//...
bool libgit::commit(std::string username, std::string password, std::string email, std::string url, std::string folder, std::string PoC_KEYWORD, std::string data) {
git_repository *repo = NULL;
git_remote* remote = NULL;
maldevel / generate_message_id_gmail.cpp
Created November 28, 2018 14:12
Generate message id for gmail.
static std::string _generateMessageID(const char *sender, SIZE_T senderLength) {
GUID pGuiId;
WCHAR sGuiId[64] = { 0 };
WCHAR sTrimId[64] = { 0 };
std::string messageid;
int strFromGuiSize = 0;
char *senderCopy = 0;
int domainSize = 50;
maldevel / libencode.cpp
Last active November 10, 2018 14:32
Dexter URL encoding code snippet
//https://github.com/twelvesec/dexter
//GNU General Public License v3.0
//@maldevel
//...
std::string libencode::url_encode(std::string uri) {
std::string encoded;
DWORD len = (DWORD)uri.length();
char *tmp;
maldevel / libcrypt.cpp
Created November 8, 2018 18:20
Dexter AES 256 CBC mode encryption code snippet
//https://github.com/twelvesec/dexter
//GNU General Public License v3.0
//@maldevel
//...
static bool derive_key_from_password(std::string password, HCRYPTKEY *key, HCRYPTPROV *hCryptProv) {
HCRYPTHASH hHash = 0;
bool success = true;
maldevel / libencode.cpp
Created November 6, 2018 18:14
Dexter base 64 encoding snippet
//https://github.com/twelvesec/dexter
//GNU General Public License v3.0
//@maldevel
//...
std::string libencode::base64_encode(std::string plaintext) {
std::string encodedtext;
DWORD size = 0;
char *dest;
maldevel / libHash.cpp
Created November 2, 2018 12:50
Dexter SHA 256 Hash snippet
//https://github.com/twelvesec/dexter
//GNU General Public License v3.0
//@maldevel
//...
std::string libHash::sha256(std::string input) {
std::string hash;
sha256_context ctx;
BYTE tmp[SHA256_HASH_SIZE];