I hereby claim:
- I am matterpreter on github.
- I am matterpreter (https://keybase.io/matterpreter) on keybase.
- I have a public key ASBpyi7rGq-uzLP9xeGttxt0c2ZnQh1EOkXjKv6lQm3eWgo
To claim this, I am signing this object:
#!/usr/bin/env python3 | |
import sys | |
def usage(): | |
print('HashMash - decrypted password to username matcher') | |
print('') | |
print('$ python3 %s <Hash File> <OCL Hashcat Decrypted File>' % sys.argv[0]) | |
print('') | |
print('User Hash File format is user:hash (or JTR NTLM)') | |
print('OCL Decrypted Pasword File format is, hash:password') |
#!/bin/bash | |
sudo apt install -y libace-6.3.3 libc6 libgcc1 libstdc++6 libtao-2.0.1 liblzo2-2 zlib1g libssl1.0.0 | |
mkdir debs && cd debs | |
#Pull all the required packages from Launchpad for Ubunutu | |
wget -nv http://launchpadlibrarian.net/74750902/libace-6.0.1_6.0.1-3_amd64.deb | |
wget -nv http://launchpadlibrarian.net/74750904/libace-ssl-6.0.1_6.0.1-3_amd64.deb | |
wget -nv http://launchpadlibrarian.net/74750910/libace-htbp-6.0.1_6.0.1-3_amd64.deb | |
wget -nv http://launchpadlibrarian.net/74750917/libacexml-6.0.1_6.0.1-3_amd64.deb | |
wget -nv http://launchpadlibrarian.net/74750919/libkokyu-6.0.1_6.0.1-3_amd64.deb |
I hereby claim:
To claim this, I am signing this object:
public static void CyrillicSwap(string latinString) | |
{ | |
Console.OutputEncoding = Encoding.UTF8; | |
Dictionary<string, string> CyrDict = new Dictionary<string, string>() | |
{ | |
{"a", "а"}, // \u0430 | |
{"c", "с"}, // \u0441 | |
{"e", "е"}, // \u0435 | |
{"o", "о"}, // \u043e | |
{"p", "р"}, // \u0440 |
//Locate RPC procecures inside of server code | |
//@author Matt Hand (@matterpreter) based on original work by Sektor7 Labs (@reenz0h) | |
//@category Functions | |
//@keybinding | |
//@menupath | |
//@toolbar | |
import ghidra.app.script.GhidraScript; | |
import ghidra.program.model.block.*; | |
import ghidra.program.model.symbol.*; |
public static bool IsAdmin() | |
{ | |
WindowsIdentity identity = WindowsIdentity.GetCurrent(); | |
WindowsPrincipal principal = new WindowsPrincipal(identity); | |
if (!principal.IsInRole(WindowsBuiltInRole.Administrator)) | |
{ | |
return false; | |
} | |
else | |
{ |
lkd> dt -b nt!_EPROCESS | |
+0x000 Pcb : _KPROCESS | |
+0x000 Header : _DISPATCHER_HEADER | |
+0x000 Lock : Int4B | |
+0x000 LockNV : Int4B | |
+0x000 Type : UChar | |
+0x001 Signalling : UChar | |
+0x002 Size : UChar | |
+0x003 Reserved1 : UChar | |
+0x000 TimerType : UChar |
0: kd> dt -b nt!_IRP | |
+0x000 Type : Int2B | |
+0x002 Size : Uint2B | |
+0x004 AllocationProcessorNumber : Uint2B | |
+0x006 Reserved : Uint2B | |
+0x008 MdlAddress : Ptr64 | |
+0x010 Flags : Uint4B | |
+0x018 AssociatedIrp : <anonymous-tag> | |
+0x000 MasterIrp : Ptr64 | |
+0x000 IrpCount : Int4B |
using System; | |
using System.Collections.Concurrent; | |
using System.Collections.Generic; | |
using System.Diagnostics; | |
using System.IO; | |
using System.Linq; | |
using System.Threading.Tasks; | |
using PeNet; | |
using PeNet.Header.Pe; |
using System; | |
using System.Diagnostics; | |
using System.Runtime.InteropServices; | |
namespace UnkillableTest | |
{ | |
class Program | |
{ | |
[DllImport("ntdll.dll", SetLastError = true)] | |
private static extern void RtlSetProcessIsCritical(uint bNew, uint pbOld, uint bNeedScb); |