0trace 1.5 A hop enumeration tool http://jon.oberheide.org/0trace/
3proxy 0.7.1.1 Tiny free proxy server. http://3proxy.ru/
3proxy-win32 0.7.1.1 Tiny free proxy server. http://3proxy.ru/
42zip 42 Recursive Zip archive bomb. http://blog.fefe.de/?ts=b6cea88d
acccheck 0.2.1 A password dictionary attack tool that targets Windows authentication via the SMB protocol. http://labs.portcullis.co.uk/tools/acccheck/
ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP corporate directory enumeration tool that mimics the behavior of an IP phone in order to download the name and extension entries that a given phone can display on its screen interface. http://ucsniff.sourceforge.net/ace.html
admid-pack 0.1 ADM DNS spoofing tools - uses a variety of active and passive methods to spoof DNS packets. Very powerful. http://packetstormsecurity.com/files/10080/ADMid-pkg.tgz.html
adminpagefinder 0.1 This Python script looks for a large number of possible administrative interfaces on a given site. http://packetstormse
https://github.com/pentestmonkey/windows-privesc-check
https://github.com/inquisb/keimpx
https://github.com/Spiderlabs/Responder
https://github.com/infobyte/faraday
https://github.com/koto/xsschef
https://github.com/darkoperator/Meterpreter-Scripts
https://github.com/mubix/Not-In-Pentesting-Class
https://github.com/scoopex/scriptreplay_ng
https://github.com/irsdl/updated-SWFIntruder
https://github.com/pentestgeek/smbexec
Your phone should have a locked bootloader, as it ensures the integrity of the software running on the device. This is especially relevant for Xiaomi phones, which are often loaded with all sorts of crapware by shady merchants. These vendor ROMs are a serious security risk. You really don't want to run that shit, so do your research very carefully when importing a Xiaomi device to ensure it hasn't been tampered with.
So, Xiaomi makes these nice phones and those vendors just ruin it all. Xiaomi does the logical thing and starts locking devices. But even today, vendor ROMs are still a thing! Even the brand new edgeless Mi Mix isn't safe.
How is this possible?
Through a wide open back door called EDL mode. To flash anything you want, all you need is a "deep flash cable" from [Aliexpress](https://www.aliexpress.com/wholesale?catId=0&SearchText=xiaomi+deep+fl
@ECHO OFF
SETLOCAL
ECHO ASLR Enable / Disable Batch Script - Please run as admin
set /p Choice=Want to Enable or Disable ASLR? (e or d):%=%
if "%Choice%"=="e" goto :ENABLE
if "%Choice%"=="d" goto :DISABLE
:ENABLE
% appendlist(Prefix, Suffix, List): List is Prefix followed by Suffix.
appendlist([], X, X).
appendlist([T|H], X, [T|L]) :- appendlist(H, X, L).
% permutation(List, Perm): Perm is a permutation of List,
% built by inserting the head T at every position of a permutation of the tail.
permutation([], []).
permutation([X], [X]) :- !.
permutation([T|H], X) :- permutation(H, H1), appendlist(L1, L2, H1), appendlist(L1, [T], X1), appendlist(X1, L2, X).
The file install-vmware-tools is from the REMnux v6 scripts: https://launchpad.net/~remnux/+archive/ubuntu/stable/+files/remnux-scripts_0.1.50.tar.gz
install-vmware-tools_TrietPTM is my patch for the "install-vmware-tools" script that's present on REMnux v6 to fix a compatibility issue between VMware Tools and the Linux kernel included in Ubuntu, which prevents shared folders from working.
Other Ways You Can Help With REMnux: https://zeltser.com/remnux-v6-release-for-malware-analysis/
#!/usr/bin/env python
# allows print() behavior as in python3
from __future__ import print_function
# required for assembly
from keystone import *
# required for emulation
from unicorn import *
from unicorn.x86_const import *
This article was written for the IGGG Advent Calendar 2015.
While playing on always-on CTFs I learned a lot from solving Pwnable problems, so I am summarizing it here.
Pwnable is one of the CTF categories: problems where you exploit a vulnerability in a program, access and manipulate memory regions that should not normally be reachable, and obtain the flag.
It is also known as Exploit.