tsondt

The following reserved device names cannot be used as the name of a file: CON, PRN, AUX, CLOCK$, NUL, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, and LPT9. In addition, any combinations of these with extensions are not allowed.

(source: https://msdn.microsoft.com/en-us/library/aa578688.aspx)

tsondt

from lxml import etree

ifile = open('capec_v2.6.xml', 'r')

for ev, el in etree.iterparse(ifile,events=('start',), tag='{http://capec.mitre.org/capec-2}Category'):
    for i in el.iter():
        if 'Name' in i.attrib:
            if i.get('Status') == 'Draft':
                if 'WASC' not in i.get('Name'):
                    print 'CAPEC-' + i.get('ID') + '-' + i.get('Name')

tsondt

require 'jose'

class User
  attr_accessor :email, :puid, :ec_key

  def initialize(email, puid, ec_key = ECKey.new)
    @email = email
    @puid = puid
    @ec_key = ec_key
  end

tsondt

• Export the CA certificate: Proxy -> Options -> Import / Export CA certificate -> Export certificate in DER format
• Prepare the certificate in the correct format:

openssl x509 -in cacert.der -inform DER -outform PEM >> "$(openssl x509 -inform DER -in cacert.der -subject_hash | head -1).0"
openssl x509 -in cacert.der -inform DER -text -noout >> "$(openssl x509 -inform DER -in cacert.der -subject_hash | head -1).0"

• Copy the certificate into /etc/security/cacerts:
  • On the machine shell:

adb push xxxxxxxx.0 /sdcard/

tsondt

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00]
@="AtomicRedTeam"
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID]
@="{00000001-0000-0000-0000-0000FEEDACDC}"
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam]
@="AtomicRedTeam"
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID]
@="{00000001-0000-0000-0000-0000FEEDACDC}"
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}]

tsondt

Change default shell

Editing /etc/passwd won't work in iOS, so in order to change default shell in iOS you need to edit /etc/master.passwd. You can change root's default shell to bash like this -- root:/smx7MYTQIi2M:0:0::0:0:System Administrator:/var/root:/bin/bash.

Reference

• changing default shell on iPhone
• /etc/master.passwd

tsondt

#!/usr/bin/sudo sh

## ruby_revealer.sh -- decrypt obfuscated GHE .rb files. 2.0.0 to 2.3.1+.

## From `strings ruby_concealer.so`:
##
## > This obfuscation is intended to discourage GitHub Enterprise customers
## > from making modifications to the VM.
##
## Well, good, as long as its not intended to discourage *me* from doing this!

tsondt

{-------- ROBOX Ver 1.5 ---------}
{-- Written by Dinh Tran Thai Son and Nguyen Tan Thai Hung --}
program Robox;
uses crt;
var i,j,left1,left2,up1,up2,menu,c,l:byte;
    keypress:char;
    b:array [1..23,1..15] of byte;
    die1,die2,quit:boolean;
    name1,name2:string;
const

tsondt

#!/bin/bash
# https://support.zoom.us/hc/en-us/articles/201362983-How-to-uninstall-Zoom-on-a-Mac-

rm -rf ~/.zoomus/
rm -rf ~/Applications/zoom.us.app/
rm -rf ~/Library/Application\ Support/zoom.us/

rm -rf /Applications/zoom.us.app/
rm -f /System/Library/Extensions/ZoomAudioDevice.kext

tsondt

FWIW: I'm not the author of the content presented here (which is an outline from Edmond Lau's book). I've just copy-pasted it from somewhere over the Internet, but I cannot remember what exactly the original source is. I was also not able to find the author's name, so I cannot give him/her the proper credits.

---

Effective Engineer - Notes

• By Edmond Lau
• Highly Recommended 👍
• http://www.theeffectiveengineer.com/

What's an Effective Engineer?