Skip to content

Instantly share code, notes, and snippets.

View thesp0nge's full-sized avatar
🏡
Working from home

Paolo Perego thesp0nge

🏡
Working from home
View GitHub Profile
@mgeeky
mgeeky / msfvenom-reverse-tcp-WaitForSingleObject.md
Last active November 14, 2023 19:45
(OSCE/CTP, Module #3: Backdooring PE Files) Document explaining how to locate WaitForSingleObject(..., INFINITE) within msfvenom's (4.12.23-dev) generated payload and how to fix the payload's glitches.

Looking for WaitForSingleObject call within modern msfvenom generated payload.


Abstract

This is a document explaining how to locate WaitForSingleObject(..., INFINITE) within msfvenom's (4.12.23-dev) generated payload and how to fix the payload's glitches. It goes through the analysis of a windows/shell_reverse_tcp payload, touching issues like stack alignment, WaitForSingleObject locating & patching. It has been written when I realised there are many topics on the Offensive-Security OSCE/CTP forums touching problem of finding this particular Windows API. Since RE is one of my stronger FU's I decided to write down my explanation of the subject.

Contents:

@DinisCruz
DinisCruz / JavapHelper.java
Last active September 5, 2016 13:55
javap helper to quickly extract list of methods called from method
package ....appsec.utils;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
public class JavapHelper {
@tunelko
tunelko / weird_encodings.py
Last active January 10, 2020 21:35
weird_encodings
import base64
import sys
pt = sys.argv[1]
type_encoding = sys.argv[2]
atom128 = "/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC"
megan35 = "3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5"
zong22 = "ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2"
hazz15 = "HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5"
@emad-elsaid
emad-elsaid / share-screen.rb
Created February 22, 2014 10:30
share your screen on the local network
require 'socket'
require 'base64'
Refresh = 1 # seconds to refresh image on server
screen_capture_command = 'screencapture -C -x tmp.png'
image = ''
latest = Time.now
server = TCPServer.new 3000
loop do
@klange
klange / _.md
Last active December 2, 2023 20:36
It's a résumé, as a readable and compilable C source file. Since Hacker News got here, this has been updated to be most of my actual résumé. This isn't a serious document, just a concept to annoy people who talk about recruiting and the formats they accept résumés in. It's also relatively representative of my coding style.

Since this is on Hacker News and reddit...

  • No, I don't distribute my résumé like this. A friend of mine made a joke about me being the kind of person who would do this, so I did (the link on that page was added later). My actual résumé is a good bit crazier.
  • I apologize for the use of _t in my types. I spend a lot of time at a level where I can do that; "reserved for system libraries? I am the system libraries".
  • Since people kept complaining, I've fixed the assignments of string literals to non-const char *s.
  • My use of type * name, however, is entirely intentional.
  • If you're using an older compiler, you might have trouble with the anonymous unions and the designated initializers - I think gcc 4.4 requires some extra braces to get them working together. Anything reasonably recent should work fine. Clang and gcc (newer than 4.4, at le
@brandonb927
brandonb927 / osx-for-hackers.sh
Last active March 27, 2024 06:33
OSX for Hackers: Yosemite/El Capitan Edition. This script tries not to be *too* opinionated and any major changes to your system require a prompt. You've been warned.
#!/bin/sh
###
# SOME COMMANDS WILL NOT WORK ON macOS (Sierra or newer)
# For Sierra or newer, see https://github.com/mathiasbynens/dotfiles/blob/master/.macos
###
# Alot of these configs have been taken from the various places
# on the web, most from here
# https://github.com/mathiasbynens/dotfiles/blob/5b3c8418ed42d93af2e647dc9d122f25cc034871/.osx
@jamieowen
jamieowen / youtube.rb
Created March 17, 2012 18:14
Octopress Youtube plugin...
module Jekyll
class Youtube < Liquid::Tag
@width = 640
@height = 390
def initialize(name, id, tokens)
super
@id = id
end
@kamermans
kamermans / fail2ban-allstatus.sh
Created July 11, 2011 17:06
Show status of all fail2ban jails at once
#!/bin/bash
JAILS=`fail2ban-client status | grep "Jail list" | sed -E 's/^[^:]+:[ \t]+//' | sed 's/,//g'`
for JAIL in $JAILS
do
fail2ban-client status $JAIL
done