Enrique Elias Nissim n3k

## c0w.c
/*
* A PTRACE_POKEDATA variant of CVE-2016-5195
* should work on RHEL 5 & 6
*
* (un)comment correct payload (x86 or x64)!
* $ gcc -pthread c0w.c  -o c0w
* $ ./c0w
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* mmap fa65a000

## setup-theos-linux.sh
# Script is available at https://github.com/supermamon/install-theos
# Or if you trust me run
curl -LO https://git.io/install-theos && bash install-theos

## heartbleed.py
#!/usr/bin/python

# Modified by Travis Lee
# Last Updated: 4/21/14
# Version 1.16
#
# -changed output to display text only instead of hexdump and made it easier to read
# -added option to specify number of times to connect to server (to get more data)
# -added option to send STARTTLS command for use with SMTP/POP/IMAP/FTP/etc...
# -added option to specify an input file of multiple hosts, line delimited, with or without a port specified (host:port)

## enableDCI.txt
Enable DCI debugging on Gigabyte-BKi5HA-7200
--------------------------------------------

The Gigabyte-BKi5HA-7200 (Kabylake i5-7200 processor) can be debugged with only a USB debug cable, a
special cable that crosses only the data signals and has the power signals
removed. You can buy these cables at i.e. https://www.datapro.net/products/usb-3-0-super-speed-a-a-debugging-cable.html
The hurdle you have to overcome  before you can access DCI however is that you
need to set some bits in hardware that first enable DCI and also enable the debug port so that DCI can control the cores.
There are lots of guides in howto patch the BIOS but only these two really describes all the steps using only freely accessible tools:

## all.txt

.
..
........
@
*
*.*
*.*.*
ðŸŽ

## content_discovery_all.txt
`
~/
~
×™×


___
__
_

## copy_in_chunks.py
import os
import sys

g_step = 1024*1024
source_file = sys.argv[1]
source_size = os.path.getsize(source_file)
target_file = sys.argv[2]
skip = int(sys.argv[3])
bytes_remaining = source_size - skip
print("Source Size: %.02f" % (source_size / float(g_step)))

## CPURateControlExample.cpp
#include <iostream>
#include <Windows.h>
int main(int argc, char **argv)
{
    if (argc < 2) {
        printf("Usage: %s <pid>", argv[0]);
        return 0;
    }

    std::cout << "Attempt to control the CPU Rate of target process...\n";

## ThreadPrimes.c
// ThreadPrimes.cpp : This file contains the 'main' function. Program execution begins and ends there.
//

#include <stdio.h>
#include <intrin.h>
#include <math.h>
#include <windows.h>


#define BLOCK 1000

## HookInvokationAndExecuteParentMethod.js
setTimeout(function() {
 Java.perform(function() {

	var className = "com.example.wlclient.auth.XLAuthorizationManagerInternal";
	var instance = Java.use(className);
	instance.invokeTokenRequest.implementation = function (a, b, c) {
		console.log("[*] onEnter invokeTokenRequest...");

		var XLOAuthCertManager = Java.use("com.example.common.security.XLOAuthCertManager");
		var XLCertManager = Java.use("com.example.common.security.XLCertManager");
	/*
	* A PTRACE_POKEDATA variant of CVE-2016-5195
	* should work on RHEL 5 & 6
	*
	* (un)comment correct payload (x86 or x64)!
	* $ gcc -pthread c0w.c -o c0w
	* $ ./c0w
	* DirtyCow root privilege escalation
	* Backing up /usr/bin/passwd.. to /tmp/bak
	* mmap fa65a000
	# Script is available at https://github.com/supermamon/install-theos
	# Or if you trust me run
	curl -LO https://git.io/install-theos && bash install-theos
	#!/usr/bin/python

	# Modified by Travis Lee
	# Last Updated: 4/21/14
	# Version 1.16
	#
	# -changed output to display text only instead of hexdump and made it easier to read
	# -added option to specify number of times to connect to server (to get more data)
	# -added option to send STARTTLS command for use with SMTP/POP/IMAP/FTP/etc...
	# -added option to specify an input file of multiple hosts, line delimited, with or without a port specified (host:port)
	Enable DCI debugging on Gigabyte-BKi5HA-7200
	--------------------------------------------

	The Gigabyte-BKi5HA-7200 (Kabylake i5-7200 processor) can be debugged with only a USB debug cable, a
	special cable that crosses only the data signals and has the power signals
	removed. You can buy these cables at i.e. https://www.datapro.net/products/usb-3-0-super-speed-a-a-debugging-cable.html
	The hurdle you have to overcome before you can access DCI however is that you
	need to set some bits in hardware that first enable DCI and also enable the debug port so that DCI can control the cores.
	There are lots of guides in howto patch the BIOS but only these two really describes all the steps using only freely accessible tools:
	import os
	import sys

	g_step = 1024*1024
	source_file = sys.argv[1]
	source_size = os.path.getsize(source_file)
	target_file = sys.argv[2]
	skip = int(sys.argv[3])
	bytes_remaining = source_size - skip
	print("Source Size: %.02f" % (source_size / float(g_step)))
	#include <iostream>
	#include <Windows.h>
	int main(int argc, char **argv)
	{
	if (argc < 2) {
	printf("Usage: %s <pid>", argv[0]);
	return 0;
	}

	std::cout << "Attempt to control the CPU Rate of target process...\n";
	// ThreadPrimes.cpp : This file contains the 'main' function. Program execution begins and ends there.
	//

	#include <stdio.h>
	#include <intrin.h>
	#include <math.h>
	#include <windows.h>


	#define BLOCK 1000
	setTimeout(function() {
	Java.perform(function() {

	var className = "com.example.wlclient.auth.XLAuthorizationManagerInternal";
	var instance = Java.use(className);
	instance.invokeTokenRequest.implementation = function (a, b, c) {
	console.log("[*] onEnter invokeTokenRequest...");

	var XLOAuthCertManager = Java.use("com.example.common.security.XLOAuthCertManager");
	var XLCertManager = Java.use("com.example.common.security.XLCertManager");