Kasper Fabæch Brandt poizan42
poizan42
/ MailSend.cs
Last active
June 14, 2018 16:15
Demonstration of bad heuristics in som AV products, new-style .csproj edition, see https://poizan.dk/blog/2018/06/14/the-dangerous-mailsend-antivirus-heuristics-fail/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Program | |
| { | |
| public const string pad = | |
| "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + | |
| "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + | |
| "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + | |
| "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + | |
| "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + | |
| "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + | |
| "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" + |
poizan42
/ CloneFrameworkPropertyMetadata.cs
Created
June 14, 2018 11:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| private static FrameworkPropertyMetadata CloneFrameworkPropertyMetadata(FrameworkPropertyMetadata src) | |
| { | |
| FrameworkPropertyMetadataOptions options = FrameworkPropertyMetadataOptions.None; | |
| if (src.AffectsArrange) | |
| options |= FrameworkPropertyMetadataOptions.AffectsArrange; | |
| if (src.AffectsMeasure) | |
| options |= FrameworkPropertyMetadataOptions.AffectsMeasure; | |
| if (src.AffectsParentArrange) | |
| options |= FrameworkPropertyMetadataOptions.AffectsParentArrange; | |
| if (src.AffectsParentMeasure) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IdStorageType (byte): | |
| MailboxItemSmtpAddressBased = 0, // Exchange 2007 (EwsLegacyId) | |
| PublicFolder = 1, | |
| PublicFolderItem = 2, | |
| MailboxItemMailboxGuidBased = 3, | |
| ConversationIdMailboxGuidBased = 4, | |
| ActiveDirectoryObject = 5, // Exchange 2013 | |
| MailboxItemMailboxGuidBasedWithFallback = 6 // Exchange 2016 | |
| CompressionId (byte): |
poizan42
/ fix-spinny.py
Last active
January 30, 2018 18:54
Update links to Spinnerette comics to current format
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| from datetime import datetime | |
| import re | |
| import urllib2 | |
| from bs4 import BeautifulSoup | |
| wayback_prefix = 'https://web.archive.org/web/20160824022930/' | |
| newformat_prefix = 'http://www.spinnyverse.com/comic/' | |
| cachef = open('spinny-cache', 'a+') |
poizan42
/ minimal1.pdf
Last active
January 23, 2018 22:33
Adobe Acrobat Pro redaction bug minimal examples, see https://acrobat.uservoice.com/forums/590923-acrobat-for-windows-and-mac/suggestions/32526028-bug-redaction-incorrectly-hides-text-outside-of-r
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
poizan42
/ MoveAnyFile.ps1
Created
November 24, 2017 13:37
PowerShell script for moving / renaming files with otherwise invalid filenames
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param([String]$existingFilename, [String]$newFilename) | |
| $signature = @' | |
| [DllImport("kernel32.dll", ExactSpelling=true, CharSet=CharSet.Unicode, SetLastError=true)] | |
| public static extern uint MoveFileW( | |
| string lpExistingFileName, string lpNewFileName); | |
| '@ | |
| $type = $null | |
| try |
poizan42
/ DeleteAnyFile.ps1
Last active
November 24, 2017 13:33
PowerShell script for deleting files with otherwise invalid filenames
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param([String]$filename) | |
| $signature = @' | |
| [DllImport("kernel32.dll", ExactSpelling=true, CharSet=CharSet.Unicode, SetLastError=true)] | |
| public static extern uint DeleteFileW( | |
| string lpFileName); | |
| '@ | |
| $type = $null | |
| try |
poizan42
/ StreamedXmlReader.cs
Created
November 1, 2017 17:27
XmlReader that supports reading a document from a stream with multiple documents
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.IO; | |
| using System.Xml; | |
| internal class StreamedXmlReader : XmlTextReader | |
| { | |
| private bool eof; | |
| public override bool EOF => base.EOF || eof; | |
| public StreamedXmlReader(TextReader input) : base(input) | |
| { | |
| } |
poizan42
/ get-dncore-stacks.sh
Created
September 19, 2017 20:54
Prints full stack trace of every thread in a dotnet core process out to stdout
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| lldb --attach-name dotnet -o "plugin load libsosplugin.so" -o "eestack" -o "process detach" -o "exit" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| call32test: call32test.o call32.o | |
| gcc -g $^ -o $@ | |
| call32test.o: call32test.c | |
| gcc -g -c $< -o $@ | |
| call32.o: call32.asm | |
| nasm -f elf64 call32.asm -o call32.o |