Teddy Reed theopolis
theopolis
/ unset_passwords.sql
Created Nov 29, 2017
Find enabled accounts on macOS with unset passwords
View unset_passwords.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| select os_version.version, case when from_base64(p2.value) like '%passwordLastSet%' then 1 else 0 end as password_set, case when p1.value = '*' then 0 else 1 end as account_enabled, u.shell, u.username as account_username from plist p1, plist p2, os_version, (select * from users where directory != '/var/empty') u where (p1.path = '/var/db/dslocal/nodes/Default/users/' || username || '.plist' and p1.key = 'passwd') and (p2.path = '/var/db/dslocal/nodes/Default/users/' || username || '.plist' and p2.key = 'accountPolicyData'); |
theopolis
/ gist:580bcc94084831f331a0b83c5fef40ca
Created Oct 1, 2016
View gist:580bcc94084831f331a0b83c5fef40ca
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/osquery/core/windows/wmi.cpp b/osquery/core/windows/wmi.cpp | |
| index 43e8d1f..d336118 100644 | |
| --- a/osquery/core/windows/wmi.cpp | |
| +++ b/osquery/core/windows/wmi.cpp | |
| @@ -197,8 +197,6 @@ WmiRequest::WmiRequest(const std::string& query, BSTR nspace) { | |
| std::wstring wql = stringToWstring(query); | |
| HRESULT hr = E_FAIL; | |
| - | |
| - hr = ::CoInitializeEx(0, COINIT_MULTITHREADED); |
View rpm-4.13.0-rc1-lite.diff
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/Makefile.am b/Makefile.am | |
| index 4b5d1d8..a225237 100644 | |
| --- a/Makefile.am | |
| +++ b/Makefile.am | |
| @@ -18,7 +18,7 @@ endif | |
| if WITH_LUA | |
| SUBDIRS += luaext | |
| endif | |
| -SUBDIRS += rpmio lib sign build scripts fileattrs doc . | |
| +SUBDIRS += rpmio lib . |
theopolis
/ keychain_leaks.cpp
Created Feb 25, 2015
Small program to demo SecCertificateCopyValues leaks
View keychain_leaks.cpp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This is a leaky program! | |
| // Line 40 will leak a few bytes in the SecurityFramework | |
| // %I in xcode, profile. | |
| #include <CoreFoundation/CoreFoundation.h> | |
| #include <CoreFoundation/CFData.h> | |
| #include <Security/Security.h> | |
| void CreateAuthorities() { | |
| CFMutableDictionaryRef query; |
View registry_tests.cpp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Copyright (c) 2014, Facebook, Inc. | |
| * All rights reserved. | |
| * | |
| * This source code is licensed under the BSD-style license found in the | |
| * LICENSE file in the root directory of this source tree. An additional grant | |
| * of patent rights can be found in the PATENTS file in the same directory. | |
| * | |
| */ | |
theopolis
/ crtp_bind.cpp
Last active Aug 29, 2015
C++ Non-static member binding and pseudo CRTP idioms
View crtp_bind.cpp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string> | |
| #include <typeinfo> | |
| #include <memory> | |
| #include <functional> | |
| using std::placeholders::_1; | |
| typedef std::function<int(int)> CallbackFunc; | |
| // Helper stdout callback usage. |
theopolis
/ ssltest.py
Created Apr 9, 2014
— forked from ixs/ssltest.py
View ssltest.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) | |
| # The author disclaims copyright to this source code. | |
| # | |
| # Modified slightly by Andreas Thienemann <athienemann@schubergphilis.com> for clearer exploit code | |
| # and 64k reads | |
| # | |
| # This version of the exploit does write received data to a file called "dump" in the local directory | |
| # for analysis. |