Keybase proof
I hereby claim:
- I am monoxgas on github.
- I am monoxgas (https://keybase.io/monoxgas) on keybase.
- I have a public key whose fingerprint is 8138 ABBC 8C08 62A4 1E16 A697 5856 495B 4691 8AB1
To claim this, I am signing this object:
using NtApiDotNet; | |
using NtApiDotNet.Ndr.Marshal; | |
using NtApiDotNet.Win32; | |
using NtApiDotNet.Win32.Rpc.Transport; | |
using NtApiDotNet.Win32.Security.Authentication; | |
using NtApiDotNet.Win32.Security.Authentication.Kerberos; | |
using NtApiDotNet.Win32.Security.Authentication.Kerberos.Client; | |
using NtApiDotNet.Win32.Security.Authentication.Kerberos.Server; | |
using NtApiDotNet.Win32.Security.Authentication.Logon; | |
using System; |
'https://answers.microsoft.com/en-us/msoffice/forum/all/removing-text-box-from-word-document-without/a4d02b2f-d168-48dc-960b-4a45cbe79d86 | |
Sub ReplaceTextBoxes() | |
Dim RngDoc As Range, RngShp As Range, i As Long, boundary As String | |
With ActiveDocument | |
For i = .Shapes.Count To 1 Step -1 | |
With .Shapes(i) | |
'If .Type = msoTextBox Then | |
'https://eileenslounge.com/viewtopic.php?p=28255#p28255 | |
If .TextFrame.HasText = True Then | |
I hereby claim:
To claim this, I am signing this object:
use DynaLoader; | |
use Devel::Peek; | |
use Fcntl; | |
use 5.008001; # because 5.6 doesn't have B::PV::object_2svref | |
use Config; | |
use B (); # for B::PV | |
sub mmap { | |
my ($addr, $size, $protect, $flags) = @_; | |
syscall(197, $addr, $size, $protect, $flags, -1, 0); |
// ref: https://opensource.apple.com/source/dyld/[VERSION]/launch-cache/dsc_extractor.cpp.auto.html | |
// > SDKROOT=`xcrun --sdk macosx --show-sdk-path` | |
// > clang++ -o extract extract.cpp | |
// > mkdir libraries | |
// > ./extract /System/Library/dyld/dyld_shared_cache_x86_64 `pwd`/libraries/ | |
#include <stdio.h> | |
#include <stddef.h> | |
#include <dlfcn.h> |
import sys | |
import struct | |
import binascii | |
from itertools import cycle, zip_longest | |
from operator import itemgetter, xor | |
from collections import Counter | |
import re | |
# Some root key constants from the binary |
I hereby claim:
To claim this, I am signing this object:
#include <Windows.h> | |
#include <intrin.h> | |
#include <string> | |
#include <TlHelp32.h> | |
#include <psapi.h> | |
BOOL PatchTheRet(HMODULE realModule) { | |
// Get primary module info |
#include <Windows.h> | |
#include <intrin.h> | |
#include <string> | |
#include <TlHelp32.h> | |
#include <psapi.h> | |
DWORD WINAPI Thread(LPVOID lpParam) { | |
// Insert evil stuff | |
ExitProcess(0); |
' Need to add project references to C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscoree.tlb and mscorlib.tlb | |
Private Declare PtrSafe Function DispCallFunc Lib "oleaut32.dll" (ByVal pv As LongPtr, ByVal ov As LongPtr, ByVal cc As Integer, ByVal vr As Integer, ByVal ca As Long, ByRef pr As Integer, ByRef pg As LongPtr, ByRef par As Variant) As Long | |
Private Declare PtrSafe Sub RtlMoveMemory Lib "kernel32" (Dst As Any, Src As Any, ByVal BLen As LongPtr) | |
Private Declare PtrSafe Function VarPtrArray Lib "VBE7" Alias "VarPtr" (ByRef Var() As Any) As LongPtr | |
#If Win64 Then | |
Const LS As LongPtr = 8& | |
#Else | |
Const LS As LongPtr = 4& |