Slayer slayerlab

@slayerlab
slayerlab / CVE-2017-11779-modified.xml
Last active March 3, 2018 22:56
CVE ID - Example of fix "false negative" ("Windows Server 2012" added) bug on NVD/CVE Feeds: CPE 2.3 based on https://nvd.nist.gov/products/cpe & Platform affected on https://portal.msrc.microsoft.com/en-US/security-guidance
<entry id="CVE-2017-11779">
<vuln:vulnerable-configuration id="http://nvd.nist.gov/">
<cpe-lang:logical-test operator="OR" negate="false">
<cpe-lang:fact-ref name="cpe:/o:microsoft:windows_10:-"/>
<cpe-lang:fact-ref name="cpe:/o:microsoft:windows_10:1511"/>
<cpe-lang:fact-ref name="cpe:/o:microsoft:windows_10:1607"/>
<cpe-lang:fact-ref name="cpe:/o:microsoft:windows_10:1703"/>
<cpe-lang:fact-ref name="cpe:/o:microsoft:windows_8.1"/>
<cpe-lang:fact-ref name="cpe:/o:microsoft:windows_rt_8.1"/>
<cpe-lang:fact-ref name="cpe:/o:microsoft:windows_server_2012"/>
@slayerlab
slayerlab / security-checklist-components.md
Last active August 14, 2018 18:32
List of items used in SCAP and OpenSCAP

Items shared by SCAP and OpenSCAP

  • Open Vulnerability Assessment Language (OVAL) -- SCAP and OpenSCAP
  • Asset Reporting Format (ARF) -- SCAP and OpenSCAP
  • Extensible Configuration Checklist Description Format (XCCDF) -- SCAP and OpenSCAP
  • Common Vulnerabilities and Exposures (CVE) -- SCAP and OpenSCAP
  • Common Platform Enumeration (CPE) -- SCAP and OpenSCAP
  • Common Weakness Enumeration (CWE) -- SCAP and OpenSCAP
  • DataStream -- OpenSCAP -> This was introduced in SCAP 1.2. To understand what the OpenSCAP "DataStream" is: imagine an XCCDF file that links to OVAL, which in turn links to information about the vulnerable platforms (CPE). That interlinked file can be called a "DataStream". It is not part of SCAP, only of OpenSCAP.

Below are the items used only in SCAP (NIST.gov):

@slayerlab
slayerlab / simple8bit.asm
Last active January 27, 2018 19:00
8-bit assembly code. It can be simulated for execution at: http://schweigi.github.io/assembler-simulator/index.html
JMP main ; jump to "main" label.
write: ; label "write".
DB "k33p h4ck1ng!" ; DB stands for "define byte" and allocates 1 byte.
DB 0 ; you NEED to declare another DB to put the null terminator \
; into the final string that goes on stdout.
main: ; label "main" - The "main" label is declared to be \
; the entry point
MOV C, write ; copies the buffer assigned in DB from "write" label to C register.
@slayerlab
slayerlab / main.c
Last active December 25, 2017 06:41
First Windows PoC: set a REG_DWORD value of 0 (through RegSetValueEx) in the EnableLUA key to disable UAC permanently.
#include <stdio.h>
#include <windows.h>
#if defined(_WIN64)
# define REGKEY_BIT KEY_WOW64_32KEY
#else
# define REGKEY_BIT KEY_WOW64_64KEY
#endif
int main(int argc, char *argv[])
{
HKEY hKey;
@slayerlab
slayerlab / .vimrc
Created March 8, 2017 21:53
custom ~/.vimrc
syntax on
colorscheme murphy
set background=dark
set ruler " show the line number on the bar
set more " use more prompt
set autoread " watch for file changes
set number " line numbers
set hidden
set cul " Highlight current line
set noautowrite " don't automagically write on :next
@slayerlab
slayerlab / cvs_system.sh
Last active November 11, 2021 00:06
Check the "Common Vulnerability Scoring System" (CVSS) score and "Vector Calculation" through the National Vulnerability Database (nvd.nist.gov)
#!/bin/bash
#coded by sl4y3r 0wn3r
#uncomment below for debug
#set -x
# + and this to execute line by line (hit enter)
#trap read debug
# Color bash
RED='\033[1;31m'
GREEN='\033[1;32m'
@slayerlab
slayerlab / parameter_expansion.sh
Last active January 18, 2017 16:26
bash/sh: "parameter expansion" testing
research@blockbit:~/Documents$ set -- jesus te ama
research@blockbit:~/Documents$ echo ${1:2:1}${1:1:1}${1:0:1}${3:0:1}${3:1:1}$' '${3:2:1}${2:0:1}${2:1:1}${1:3:1}${1:4:1}
sejam ateus
@slayerlab
slayerlab / report.S
Last active April 16, 2018 02:37
causing stack corruption in crunch
Title : Crunch Wordlist (Ubuntu) stack corruption
Version : 3.6
Date : 2016-12-27
Vendor : https://sourceforge.net/projects/crunch-wordlist/
Impact : Low/Med
Contact : submit [dot] slayerowner [at] gmail.com
Twitter : @slayer_owner
tested : Ubuntu 16.10 desktop x86_64
Author : SLAYER OWNER
###############################################################################################
@slayerlab
slayerlab / windows-definitions_oval.xml
Last active May 5, 2018 00:35
Detect undocumented system certificate: PinRules{EncodedCtl,LastSyncTime} - Windows 10 x86/x64 https://goo.gl/IoOH9V
<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions
xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5
oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#windows
windows-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5
oval-common-schema.xsd"
xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5">
<generator>
@slayerlab
slayerlab / up.sh
Created October 11, 2016 21:50
fix the broken packages
#!/bin/bash
# Fix the broken packages
for package in $(cat broken_pkg | cut -d"'" -f2);
do apt-get install --reinstall "$package" -y;
done