sudo ./restart_cuckoo.sh
cuckoo@labs:~$ CWD="/home/cuckoo/.cuckoo"
cuckoo@labs:~$ /usr/bin/supervisord -c $CWD/supervisord.conf
Unlinking stale socket /home/cuckoo/.cuckoo/supervisord/unix.sock
cuckoo@labs:~$ cd $CWD; /usr/bin/supervisorctl start distributed
distributed: started
cuckoo@labs:~/.cuckoo$ cuckoo distributed server
* Running on http://localhost:9003/ (Press CTRL+C to quit)
// ==UserScript==
// @name Hijack RARBG PopUps
// @namespace https://github.com/Hacksign/configs/blob/master/firefox/plugins/greasemonkey/rarbg.user.js
// @version 0.1
// @description Prevent rarbg from popping up annoying ad pages
// @author Hacksign
// @match https://*.rarbg.to/*
// @include https://*.proxyrarbg.org/*
// @include https://*.rarbgway.org/*
// @include https://*.rarbgunblocked.org/*
<#
.SYNOPSIS
Lists installed applications in Windows.
.DESCRIPTION
Get-InstalledApplication can list all the installed programs in Windows. Make sure to use Import-Module
.PARAMETER outpath
Path to the output folder; dot (.) for the current folder
#include "stdafx.h"
#include "fstream"
//#include "ctime"
#include "Windows.h"
using namespace std;
int main(int argc, char *argv[]) {
[Unit]
Description=Moloch Demo Elasticsearch
After=network.target
[Service]
Type=simple
Restart=on-failure
StandardOutput=tty
Environment=ES_DIR=/data/moloch
Environment=ES_NODE_NAME=pins-sbvm
Install vbox from source (tested on Ubuntu Server 16.04.1 LTS):
===============================================================
# Build dependencies can be found at:
# https://www.virtualbox.org/wiki/Linux%20build%20instructions
#
# unfortunately, they are always outdated (thx Oracle)
# here are the missing pkg on Ubuntu Server 16.04.1 LTS:
apt-get install subversion build-essential bcc iasl xsltproc uuid-dev \
A DLL can be loaded and executed via Excel by initializing the Excel.Application COM object and passing a DLL to the RegisterXLL method. The DLL path does not need to be local; it can also be a UNC path that points to a remote WebDAV server.
When delivering via WebDAV, note that the DLL is still written to disk, but the dropped file is not the one loaded into the process. This is the case for any file downloaded via WebDAV, and they are stored at: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\.
The RegisterXLL function expects an XLL add-in, which is essentially a specially crafted DLL with specific exports. More info on XLLs can be found on MSDN.
The XLL can also be executed by double-clicking the .xll file; however, there is a security warning. @rxwx has more notes on this here inc
<?php
error_reporting(0);
//Given $y = md5($x.strrev($x).$x*$x^$x.($x%$x)+9*4/$x)
//Find $x if $y = 43a87a86ea9aee0255325e2865d6b503
//Thanks to this code http://www.braindisorder.org/2008/10/md5-hacking-with-php/
function getmicrotime() {
list($usec, $sec) = explode(" ",microtime());
return ((float)$usec + (float)$sec);
}