Skip to content

Instantly share code, notes, and snippets.

Avatar
🏠
Working from home

Joe moloch--

🏠
Working from home
  • Hacker / Programmer
  • Earth
  • Twitter @LittleJoeTables
View GitHub Profile
@moloch--
moloch-- / mem-loader.asm
Created Sep 12, 2021 — forked from zznop/mem-loader.asm
Fun little loader shellcode that executes an ELF in-memory using an anonymous file descriptor (inspired by https://x-c3ll.github.io/posts/fileless-memfd_create/)
View mem-loader.asm
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;
;;; Copyright (C), zznop, brandonkmiller@protonmail.com
;;;
;;; This software may be modified and distributed under the terms
;;; of the MIT license. See the LICENSE file for details.
;;;
;;; DESCRIPTION
;;;
;;; This PoC shellcode is meant to be compiled as a blob and prepended to a ELF
View install-sliver.sh
#!/bin/bash
set -e
if [ -n "$(command -v yum)" ]
then
sudo -S -p '' yum -y install zip unzip curl gcc gcc-c++ make mingw64-gcc
fi
if [ -n "$(command -v apt-get)" ]
then
@moloch--
moloch-- / go.mod
Last active Jul 4, 2020
Bloom Filter Benchmark
View go.mod
module github.com/moloch--/bloom-test
go 1.14
require (
github.com/spaolacci/murmur3 v1.1.0 // indirect
github.com/willf/bitset v1.1.10 // indirect
github.com/willf/bloom v2.0.3+incompatible
)
View Keybase
### Keybase proof
I hereby claim:
* I am moloch-- on github.
* I am moloch (https://keybase.io/moloch) on keybase.
* I have a public key whose fingerprint is 0E59 543B A7BC 269F 3AAE 707E B705 0578 9B38 EEA6
To claim this, I am signing this object:
View ent.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>platform-application</key>
<true/>
<key>com.apple.private.security.no-container</key>
<true/>
<key>com.apple.private.skip-library-validation</key>
<true/>
View collatz.py
#!/usr/bin/env python3
value = 0
while value < 1: value = int(input('Start: '))
while value != 1:
print(value)
if value & 1:
value = (3 * value) + 1
else:
@moloch--
moloch-- / Makefile
Last active Oct 18, 2021
Basic cross-platform reverse shell in Go
View Makefile
EXE = shell
SRC = .
LDFLAGS = -ldflags="-s -w"
windows:
GOOS=windows go build -o $(EXE)_win.exe $(LDFLAGS) $(SRC)
macos:
GOOS=darwin go build -o $(EXE)_macos $(LDFLAGS) $(SRC)
View tea.py
#!/usr/bin/env python
"""
Python implementation of the Tiny Encryption Algorithm (TEA)
By Moloch
TEA has a few weaknesses. Most notably, it suffers from
equivalent keys each key is equivalent to three others,
which means that the effective key size is only 126 bits.
As a result, TEA is especially bad as a cryptographic hash
function. This weakness led to a method for hacking Microsoft's
View compare.ts
private _compareArrays(a: Array<any>, b: Array<any>) {
if (a.length !== b.length) {
return false;
} else {
for (let index = 0; index < a.length; ++index) {
if (a[index] !== b[index]) {
return false;
}
}
}