You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
| 0h3I5Lik3P4rtY@v3r | |
| (0n3(t1v1d@d3 | |
| 0p3nbr@v0 | |
| 0r@cl3 | |
| 0r@cl3123 | |
| 0r@cle123 | |
| 0rg@n1z@t10n | |
| 111I5Lik3P4rtY@v3r | |
| 11Fum4tulP0@t3Uc1d^%^&*?122412 | |
| 123@abc123 |
| # DON'T USE THIS VERSION! | |
| # Try https://gist.github.com/wdormann/89ed779933fe205fb52ecf3eacf5ff40 instead | |
| import os | |
| import subprocess | |
| # See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/ | |
| svcinfo = {} | |
| FNULL = open(os.devnull, 'w') |
| ' POC to spawn process with PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON mitigation enabled | |
| ' by @_xpn_ | |
| ' | |
| ' Thanks to https://github.com/itm4n/VBA-RunPE and https://github.com/christophetd/spoofing-office-macro | |
| Const EXTENDED_STARTUPINFO_PRESENT = &H80000 | |
| Const HEAP_ZERO_MEMORY = &H8& | |
| Const SW_HIDE = &H0& | |
| Const MAX_PATH = 260 | |
| Const PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = &H20007 |
| #!/usr/bin/env python | |
| import random | |
| prefix = ["{}2", "{}6", "{}A", "{}E"] | |
| random.shuffle(prefix) | |
| hex_digits = list("0123456789ABCDEF" * 11) | |
| random.shuffle(hex_digits) |
This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.
"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.
| /* | |
| ================================ Compile as a .Net DLL ============================== | |
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /target:library /out:TestAssembly.dll TestAssembly.cs | |
| */ | |
| using System.Windows.Forms; | |
| namespace TestNamespace |
Homepage: Chocolatey.org
Chocolatey is a machine-level package manager and installer for software packages, built for the Windows NT platform.
It is an execution engine using the NuGet packaging infrastructure and Windows PowerShell to provide an automation tool for installing software on Windows machines, designed to simplify the process from the user perspective.
The name is an extension on a pun of NuGet (from "nougat") "because everyone loves Chocolatey nougat".
Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers.
This is a list of Free Software network services and web applications which can be hosted locally. Non-Free software is listed on the Non-Free page.
See Contributing.
| /* base32 */ | |
| /* | |
| Copyright (c) 2011, Chris Umbel | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the Software is | |
| furnished to do so, subject to the following conditions: |
