- Anonymous - Script kiddies. Also see: Slacktivism
- Advanced - More advanced than the products the presenter sells
- APT - "Fancy name for shit you have in your network and didn't notice for a while"
- China - Because why not? Also see: Attribution Dice
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
;SMBDIS.ASM - A COMPREHENSIVE SUPER MARIO BROS. DISASSEMBLY | |
;by doppelganger (doppelheathen@gmail.com) | |
;This file is provided for your own use as-is. It will require the character rom data | |
;and an iNES file header to get it to work. | |
;There are so many people I have to thank for this, that taking all the credit for | |
;myself would be an unforgivable act of arrogance. Without their help this would | |
;probably not be possible. So I thank all the peeps in the nesdev scene whose insight into | |
;the 6502 and the NES helped me learn how it works (you guys know who you are, there's no |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
''' | |
example of consuming insns.xml | |
''' | |
from xml.etree.ElementTree import ElementTree | |
class Instructions: | |
def __init__(s): | |
s.root = ElementTree(file = 'insns.xml') | |
def dump(s): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/*************************************************************************** | |
* Copyright (C) 2013 Cosmin Gorgovan * | |
* cosmin [at] linux-geek [dot] org * | |
* * | |
* This program is free software; you can redistribute it and/or modify * | |
* it under the terms of the GNU General Public License as published by * | |
* the Free Software Foundation; either version 2 of the License, or * | |
* (at your option) any later version. * | |
* * | |
* This program is distributed in the hope that it will be useful, * |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
=begin | |
McAfee ePolicy Orchestrator Authenticated XXE and Credential Disclosure | |
Trial available here: | |
https://secure.mcafee.com/apps/downloads/free-evaluations/survey.aspx?mktg=ESD1172&cid=ESD1172&eval=A0C692FB-8E29-4D47-BBF1-43CAB5F10069®ion=us | |
McAfee ePolicy Orchestrator suffers from an authenticated XXE vulnerability, available to any authenticated user. The Server Task Log option in the upper left menu is where the vulnerability lies. When creating a custom filter, a bit of XML is passed from the client to the server to create the said filter. This parameter is called 'conditionXML' and is vulnerable to an XXE attack. The attack seems a bit limited however, as you can only fit up to 255 characters in the 'value' field. | |
However, a file in the web server installation configuration directory called 'keystore.properties' is less than the size we need, and contains an encrypted passphrase that is set during installation. When installing, an initial admin user is created (with 'admin' as the default userna |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package com.isciurus.oauth_poc; | |
import java.io.IOException; | |
import java.text.DateFormat; | |
import java.util.Date; | |
import com.google.android.gms.auth.GoogleAuthException; | |
import com.google.android.gms.auth.GoogleAuthUtil; | |
import com.google.android.gms.auth.UserRecoverableAuthException; | |
import android.accounts.AccountManager; | |
import android.app.Activity; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0 | 245272 | |
---|---|---|
32:f9:38:a2:39:d0:c5:f5:ba:bd:b7:75:2b:00:f6:ab | 197846 | |
d0:db:8a:cb:74:c8:37:e4:9e:71:fc:7a:eb:d6:40:81 | 152046 | |
34:47:0f:e9:1a:c2:eb:56:eb:cc:58:59:3a:02:80:b6 | 140777 | |
df:17:d6:57:7a:37:00:7a:87:5e:4e:ed:2f:a3:d5:dd | 91904 | |
81:96:a6:8c:3a:75:f3:be:84:5e:cc:99:a7:ab:3e:d9 | 80499 | |
7c:a8:25:21:13:a2:eb:00:a6:c1:76:ca:6b:48:6e:bf | 78172 | |
1c:1e:29:43:d2:0c:c1:75:40:05:30:03:d4:02:d7:9b | 71851 | |
8b:75:88:08:41:78:11:5b:49:68:11:42:64:12:6d:49 | 70786 | |
c2:77:c8:c5:72:17:e2:5b:4f:a2:4e:e3:04:0c:35:c9 | 68654 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package | |
{ | |
import flash.display.MovieClip; | |
import flash.utils.ByteArray; | |
import flash.net.URLLoader; | |
import flash.utils.Timer; | |
import flash.media.Video; | |
import flash.display.Loader; | |
import flash.net.URLRequest; | |
import flash.events.Event; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Fix clang function prologues | |
# WARNING: this WILL patch bytes in the database | |
# | |
# Copyright (c) 2015 xerub | |
# | |
# This program is free software; you can redistribute it and/or modify | |
# it under the terms of the GNU General Public License as published by | |
# the Free Software Foundation; either version 2 of the License, or | |
# (at your option) any later version. | |
# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
locate -r '/History$' | fgrep chrom | while read x; do echo select url from urls\; | sqlite3 "$x"; done > hist | |
cut -d/ -f 3 hist | sort -u | xargs -P200 -I{} -n1 -- sh -c ': | openssl s_client -connect {}:443 2> {}.path > {}.handshake' | |
for f in *.path; do if ! fgrep 'verify erro' $f >/dev/null; then grep -m1 '^depth' $f; fi; done | cut -d' ' -f 2- | sort | uniq -c | sort -n | |
for f in *.path; do if ! fgrep 'verify erro' $f >/dev/null; then grep -m1 '^depth' $f; fi; done | cut -d' ' -f 2- | sed 's/.*O = //;s/, OU =.*//;s/, CN = //;s/The //;s/[",.]//g;s/ Inc//' | sort | uniq -c | sort -n |
OlderNewer