Evan syndrowm

## signoff
#!/usr/bin/env bash

# Abort sign off on any error
set -e

# Start the benchmark timer
SECONDS=0

# Repository introspection
OWNER=$(gh repo view --json owner --jq .owner.login)

## test_dll.c
/**
 *    This DLL is designed for use in conjunction with the Ruler tool for
 *    security testing related to the CVE-2024-21378 vulnerability,
 *    specifically targeting MS Outlook.
 *
 *    It can be used with the following command line syntax:
 *      ruler [auth-params] form add-com [attack-params] --dll ./test.dll
 *    Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
 *
 *    After being loaded into MS Outlook, it sends the PC's hostname and

## linux-setup.sh
# THIS LINUX SETUP SCRIPT HAS MORPHED INTO A WHOLE PROJECT: HTTPS://OMAKUB.ORG
# PLEASE CHECKOUT THAT PROJECT INSTEAD OF THIS OUTDATED SETUP SCRIPT.
#
#

# Libraries and infrastructure
sudo apt update -y
sudo apt install -y \
	docker.io docker-buildx \
	build-essential pkg-config autoconf bison rustc cargo clang \

## attack_range.yml
general:
  cloud_provider: aws
  attack_range_password: AW^@#^%&^#@##
  use_prebuilt_images_with_packer: '0'
  key_name: yourkey-001423
  ip_whitelist: 8.8.8.8 #your public ip address
  attack_range_name: test-range
aws:
  private_key_path: /Users/your/key-001423.key
  region: us-west-2

## DynamicAssemblyLoader.cs
// DynamicAssemblyLoader: A DotNet Assembly Loader using a Dynamic Method and Emitted MSIL Instructions
// Author: @bohops
//
// "Normal" Implementation:
/*
 Assembly assembly = Assembly.Load(assemblyBytes);
 assembly.EntryPoint.Invoke(obj, objArr);
*/

// Original author is @bohops

## coalmine.py
#!/usr/bin/python3
import re
import zipfile
import argparse
from urllib.parse import urlparse

from colorama import Fore
from colorama import Style
from colorama import init

## proc_mem.py
import re, subprocess, idaapi, ida_segment, ida_kernwin

# To install this, simply put it in your ida_install/loaders folder and open
# a `/proc/<pid>/mem` file!
#
# You might need to set `echo 0 > /proc/sys/kernel/yama/ptrace_scope` if you
# want to be able to dump processes depending on your system configuration.

# Check if the file is supported by our loader
def accept_file(li, filename):

## socat_caesar_dpi.md

      
              1 file
            
          
              8 forks
            
          
              3 comments
            
          
              92 stars
            
          
                gmurdocca
                / socat_caesar_dpi.md
            
            
              Last active
              June 28, 2024 15:53
            
              
                Circumventing Deep Packet Inspection with Socat and rot13
              
          
    Circumventing Deep Packet Inspection with Socat and rot13

I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (eg PuTTY). I am tasked to ensure this Citrix design is secure, and users can not access their Linux VM's or other resources on the internal private network in any way outside of using Citrix.
The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.
Rejected by Deep Packet Inspection

I hit an immediate snag. The moment I try to establish an SSH or SSL connection over o

  
## Active_Infosec_Discords.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              15 stars
            
          
                johnnyxmas
                / Active_Infosec_Discords.md
            
            
              Last active
              January 8, 2024 04:49
            
          
    Infosec Discords with Useful Activity:

The CyberSec Lounge: https://disboard.org/server/join/509544906335715349
Infosec Community: https://discord.gg/bw8DzNn
Whitehat Hacking: https://discord.gg/dCu7n6J
HackTheBox: https://discord.gg/2NJt27j

  
## CVE-2021-44142.py
# CVE-2021-44142 PoC Samba 4.15.0 OOB Read/Write
# (C) 2022 - 0xSha.io -  @0xSha
# This PoC is un-weaponized and for educational purposes only .
# To learn how to use the PoC please read the writeup :
# https://0xsha.io/blog/a-samba-horror-story-cve-2021-44142
# requires samba4-python

# Refrences :
# https://www.thezdi.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
# Patch : https://attachments.samba.org/attachment.cgi?id=17092
	#!/usr/bin/env bash

	# Abort sign off on any error
	set -e

	# Start the benchmark timer
	SECONDS=0

	# Repository introspection
	OWNER=$(gh repo view --json owner --jq .owner.login)
	/**
	* This DLL is designed for use in conjunction with the Ruler tool for
	* security testing related to the CVE-2024-21378 vulnerability,
	* specifically targeting MS Outlook.
	*
	* It can be used with the following command line syntax:
	* ruler [auth-params] form add-com [attack-params] --dll ./test.dll
	* Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
	*
	* After being loaded into MS Outlook, it sends the PC's hostname and
	# THIS LINUX SETUP SCRIPT HAS MORPHED INTO A WHOLE PROJECT: HTTPS://OMAKUB.ORG
	# PLEASE CHECKOUT THAT PROJECT INSTEAD OF THIS OUTDATED SETUP SCRIPT.
	#
	#

	# Libraries and infrastructure
	sudo apt update -y
	sudo apt install -y \
	docker.io docker-buildx \
	build-essential pkg-config autoconf bison rustc cargo clang \
	general:
	cloud_provider: aws
	attack_range_password: AW^@#^%&^#@##
	use_prebuilt_images_with_packer: '0'
	key_name: yourkey-001423
	ip_whitelist: 8.8.8.8 #your public ip address
	attack_range_name: test-range
	aws:
	private_key_path: /Users/your/key-001423.key
	region: us-west-2
	// DynamicAssemblyLoader: A DotNet Assembly Loader using a Dynamic Method and Emitted MSIL Instructions
	// Author: @bohops
	//
	// "Normal" Implementation:
	/*
	Assembly assembly = Assembly.Load(assemblyBytes);
	assembly.EntryPoint.Invoke(obj, objArr);
	*/

	// Original author is @bohops
	#!/usr/bin/python3
	import re
	import zipfile
	import argparse
	from urllib.parse import urlparse

	from colorama import Fore
	from colorama import Style
	from colorama import init
	import re, subprocess, idaapi, ida_segment, ida_kernwin

	# To install this, simply put it in your ida_install/loaders folder and open
	# a `/proc/<pid>/mem` file!
	#
	# You might need to set `echo 0 > /proc/sys/kernel/yama/ptrace_scope` if you
	# want to be able to dump processes depending on your system configuration.

	# Check if the file is supported by our loader
	def accept_file(li, filename):
	# CVE-2021-44142 PoC Samba 4.15.0 OOB Read/Write
	# (C) 2022 - 0xSha.io - @0xSha
	# This PoC is un-weaponized and for educational purposes only .
	# To learn how to use the PoC please read the writeup :
	# https://0xsha.io/blog/a-samba-horror-story-cve-2021-44142
	# requires samba4-python

	# Refrences :
	# https://www.thezdi.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
	# Patch : https://attachments.samba.org/attachment.cgi?id=17092