Warchant

FROM ubuntu
# http://www.linux-sxs.org/internet_serving/sendm2.html
ENV SMUSER smmsp
RUN apt-get update && apt-get install -y \
    m4 \
    build-essential \
    wget \
    libsm-dev \
    libdb-dev \
    openssl \

adelmas

; Reflective Loader shellcode loading a DLL
; ===============================================
; Posted on http://adelmas.com/blog/fileless_malwares.php by @ArnaudDlms
;
; Written in x86 ASM with Flat Assembler
; No junk code added so executable might be detected as malicious by AVs
; Host process must be 32-bit
; 
; Inspired by the following C code by Stephen Fewer :
; https://github.com/stephenfewer/ReflectiveDLLInjection/blob/master/dll/src/ReflectiveLoader.c

echristopherson

' From <http://www.cpearson.com/excel/recycle.aspx>
' VBA provides the Kill method, but that bypasses the recycle bin.

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Windows API functions, constants,and types.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Private Declare Function SHFileOperation Lib "shell32.dll" Alias _
    "SHFileOperationA" (lpFileOp As SHFILEOPSTRUCT) As Long

Private Declare Function PathIsNetworkPath Lib "shlwapi.dll" _

Antelox

var CryptoJS = CryptoJS || function(u, p) {
    var d = {},
        l = d.lib = {},
        s = function() {},
        t = l.Base = {
            extend: function(a) {
                s.prototype = this;
                var c = new s;
                a && c.mixIn(a);
                c.hasOwnProperty("init") || (c.init = function() {

Asday

from collections import OrderedDict
from ctypes import sizeof
from ctypes.wintypes import (
    DWORD,
    LONG,
    WORD,
    )

import pygame
from win32clipboard import (

subfuzion

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

jriguera

#!/usr/bin/env python
# -*- coding: utf-8 -*-

# Python 3 and compatibility with Python 2
from __future__ import unicode_literals, print_function	

import os
import sys
import re
import logging

MattKetmo

This list has moved to pwnd.dev

Tools

• Metaspoit: Penetration testing software
• GhostShell: Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
• BeEF: The Browser Exploitation Framework
• PTF: Penetration Testers Framework
• Bettercap: MITM framework
• Nessus: Vulnerability scanner

soderlind

/*
Uploading images is a two step process (from https://github.com/WP-API/WP-API/issues/1768#issuecomment-160540932):

	POST the data to /wp/v2/media - this can either be as the request body, or in multipart format. This will upload the file, and give you a 201 Created response with a Location header. This header points to the post object for the attachment that has just been created.
	PUT the post data to the endpoint returned in the Location header (which will look something like /wp/v2/media/{id}).

I do step 2 (PUT), if POST is a success, in myDropzone.on("success", function(file, response){}
*/

// dropzoneWordpressRestApiForm is the configuration for the element that has an id attribute

ihciah

Pwnable.kr Toddler's Bottle writeup

ihciah@gmail.com

It has been a long time since I finish(nearly) these problems...

1. fd

In linux, 0 is std_input, 1 is std_output, 2 is std_error_output.

We just need to send LETMEWIN to std_input and set fd to 0 which means (our input - 0x1234) == 0.