realdomdom
realdomdom
/ PE compression has been nerfed
Created
May 29, 2022 10:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.virustotal.com/gui/file/059d997835d4507156bc6ad26de10892dbe7b2353ed18f02ca27b1ec0b67f46f | |
| https://www.virustotal.com/gui/file/688006b7100f49485de349daece4665de58a2ed1092a246f4157af481848d9bf | |
| https://www.virustotal.com/gui/file/f0b2a1f0fccd298d048ef6c92168a8bbf18af019d74da7e3ba6c4e8a1c4949cc | |
| https://www.virustotal.com/gui/file/91915970ec2b97673a351f52628d404b505ced5bab449c67d85c9745f5f04c7d |
realdomdom
/ stuffz
Created
May 21, 2022 12:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| u ntdll!ZwReadFile | |
| ntdll!NtReadFile: | |
| 77f761e8 b8b7000000 mov eax,0xb7 | |
| 77f761ed ba0003fe7f mov edx,0x7ffe0300 | |
| 77f761f2 ffd2 call edx | |
| 77f761f4 c22400 ret 0x24 | |
| ln 0x7ffe0300 | |
| (7ffe0300) SharedUserData!SystemCallStub | |
| Exact matches: |
realdomdom
/ google_dns.sh
Created
May 21, 2022 09:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| sudo iptables -t nat -a prerouting -p udp -d 8.8.8.8 --dport 53 -j redirect | |
| sudo iptables -t nat -a prerouting -p tcp -d 8.8.8.8 --dport 53 -j redirect |
realdomdom
/ network.ps1
Last active
May 21, 2022 08:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Set-NetAdapterRSS -Name "Ethernet 2" -Profile Closest -BaseProcessorNumber 2 -MaxProcessorNumber 5 -NumberOfReceiveQueues 2 | |
| New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Enum\PCI\VEN_8086&DEV_1533&SUBSYS_00028086&REV_03\4&5dc256b&0&0028\Device Parameters\Interrupt Management\Affinity Policy" -Name AssignmentSetOverride -PropertyType Binary -Value 3c | |
| New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Enum\PCI\VEN_8086&DEV_1533&SUBSYS_00028086&REV_03\4&5dc256b&0&0028\Device Parameters\Interrupt Management\Affinity Policy" -Name DevicePolicy -PropertyType DWord -Value 4 | |
| New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Enum\PCI\VEN_8086&DEV_1533&SUBSYS_00028086&REV_03\4&5dc256b&0&0028\Device Parameters\Interrupt Management\Routing Info" -Name StaticVector -PropertyType DWord -Value 46 | |
| <# | |
| NDIS.SYS Set mask 2,3,4,5 (of 0-6) | |
| or via intPolicy_x64.exe | |
| #> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- : | |
| @echo off | |
| if [%1] equ [] (echo Missing file parameter. && echo unzip c:\path\to\file.zip [directory] && exit /b 1) | |
| if %1 not exist (echo File not found. && echo unzip c:\path\to\file.zip [directory] && exit /b 2) | |
| if [%2] not equ [] (if %2 not exist (mkdir %2 && if %errorlevel% not 0 (echo Invalid parameter. && echo unzip c:\path\to\file.zip [directory] && exit /b 3))) | |
| if [%2] equ [] (cscript //nologo "%~f0?.wsf" /ZipFile:%1 /ExtractTo:%~dp0 //job:unzip && exit /b) | |
| cscript //nologo "%~f0?.wsf" /ZipFile:%1 /ExtractTo:%2 //job:unzip | |
| exit /b | |
| ---> | |
| <package> |
realdomdom
/ large_pages.cmd
Last active
May 21, 2022 08:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| if not [%1] equ [] reg add HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\%~nx1 /v UseLargePages /t REG_DWORD /d 1 | |
| where /q ntrights || call :download | |
| ntrights +r SeLockMemoryPrivilege -u "" | |
| :eof | |
| :download | |
| for /f "delims=" %%A in ('hostname.exe') do set "host_name=%%A" | |
| for /f "tokens=3" %%* in ('route.exe print ^|findstr "\<0.0.0.0\>"') do @set "gateway=%%*" | |
| for /f "tokens=3" %%* in ('ipconfig ^|findstr "\<DNS-Suffix\>"') do @set "dns_suffix=%%*" | |
| if [%dns_suffix] equ [] do @set "dns_suffix=WORKGROUP" |
realdomdom
/ win11_tpm_bypass.reg
Created
March 2, 2022 17:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CURRENT_USER\SOFTWARE\Microsoft\PCHC] | |
| "UpgradeEligibility"=dword:00000001 | |
| [HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig] | |
| "BypassTPMCheck"=dword:00000001 | |
| "BypassSecureBootCheck"=dword:00000001 | |
| "BypassRAMCheck"=dword:00000001 | |
| "BypassStorageCheck"=dword:00000001 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;========================================================================== | |
| ; === Text based config file for dgVoodoo2 | |
| ; === Use this file if you are a game modder/hacker or an experted user and | |
| ; want to modify some advanced properties not available via the CPL. | |
| ;========================================================================== | |
| Version = 0x275 | |
| ;-------------------------------------------------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| chimera_af true | |
| chimera_aim_assist true | |
| chimera_block_loading_screen true | |
| chimera_block_mouse_acceleration true | |
| chimera_diagonals 0.75 | |
| chimera_fov auto | |
| chimera_fov_cinematic auto | |
| chimera_fp_reverb true | |
| chimera_throttle_fps 60 | |
| chimera_uncap_cinematic true |
realdomdom
/ CloudWARP.bat
Last active
June 25, 2022 07:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| SETLOCAL EnableExtensions | |
| set EXE=Cloudflare WARP.exe | |
| FOR /F %%x IN ('tasklist /NH /FI "IMAGENAME eq %EXE%"') DO IF %%x == %EXE% goto STOP | |
| mshta 'vbscript:Execute("CreateObject(""shell.application"").ShellExecute""net"",""start CloudflareWARP"","""",""runas"",1:close")' | |
| timeout /T 10 /nobreak | |
| CD "C:\Program Files\Cloudflare\Cloudflare WARP\" | |
| START "" "C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe" | |
| exit | |
| :EOF |
NewerOlder