Skip to content

Instantly share code, notes, and snippets.

Avatar
💼
Extremely busy

typcn

💼
Extremely busy
View GitHub Profile
@typcn
typcn / SampleHide.cpp
Created Oct 6, 2018
A sample code to hide process window with HyperPlatform. https://github.com/tandasat/HyperPlatform
View SampleHide.cpp
// Copyright (c) 2015-2016, tandasat. All rights reserved.
// Use of this source code is governed by a MIT-style license that can be
// found in the LICENSE file.
/// @file
/// Implements DdiMon functions.
#include "ddi_mon.h"
#include <ntimage.h>
#define NTSTRSAFE_NO_CB_FUNCTIONS
@typcn
typcn / honeypot.js
Created Mar 2, 2018
Memcached honeypot
View honeypot.js
const dgram = require('dgram');
const net = require('net');
const server = dgram.createSocket('udp4');
const fs = require('fs')
let udp_logger = fs.createWriteStream('udp_log.txt', {
flags: 'a'
});
let tcp_logger = fs.createWriteStream('tcp_log.txt', {
flags: 'a'
View gist:9cb8da3fc97cabb1692f1938e777d8f3
const fs = require('fs');
let text = fs.readFileSync('listcachefile.txt').toString();
let a = text.split(' TTL:');
for(let i = 0;i < a.length;i++){
let t = a[i].split('\n');
let file = t[0].replace('file:','');
let url = t[1].split('http://cache-i/');
if(file.indexOf('EXPIRE') > -1){
@typcn
typcn / drvhider.c
Last active May 27, 2019
Hide Driver from ARK tools ( win7 -- win10 x64, patchguard safe )
View drvhider.c
VOID DrvObjHide(_In_ PVOID Context) {
// Wait the driver fully loaded
NTSTATUS status = STATUS_SUCCESS;
INT64 interval = 1000 * -10000i64;
status = KeDelayExecutionThread(KernelMode,FALSE,(PLARGE_INTEGER)&interval);
PDRIVER_OBJECT driver_object = (PDRIVER_OBJECT)Context;
tMiProcessLoaderEntry fun = (tMiProcessLoaderEntry)FindMiProcessLoaderEntry();
// MiProcessLoaderEntry will remove your driver from PsLoadedModuleList, and the patchguard moniting context.
// So it won't trigger a BSOD
@typcn
typcn / railgun-arch-install.zsh
Last active May 5, 2019
Install cloudflare railgun on ArchLinux
View railgun-arch-install.zsh
#!/usr/bin/zsh
mkdir rg-install
cd rg-install
wget http://pkg.cloudflare.com/dists/xenial/railgun/binary-amd64/Packages.gz
gunzip Packages.gz
wget "http://pkg.cloudflare.com/${$(cat Packages | grep Filename:)//Filename: }"
ar -x *.deb
tar xvf data.tar.xz
rm -rf /usr/local/railgun
mkdir -p /usr/local/railgun
@typcn
typcn / gist:0b10dbb140faa296cabc988ac80f718e
Last active Apr 29, 2018
Fix macOS ping spike ( openwrt / lede )
View gist:0b10dbb140faa296cabc988ac80f718e
Don't use 2.4Ghz
list ht_capab 'SHORT-GI-40'
list ht_capab 'DSSS_CCK-40'
list ht_capab 'TX-STBC'
list ht_capab 'RX-STBC1'
option frag '2304'
option rts '2304'
option beacon_int '75'
@typcn
typcn / umetrip_1s.js
Last active Jul 19, 2017
Umetrip OneSecond Activity Cheat Source
View umetrip_1s.js
// Open: http://www.umetrip.com/activity/second/second.html?userId=YourUserId&issue=9
// Use packet capture to get UserID And Token
function doStart() {
$.ajax({
url: storeUrl + "/UmeStore/OneSecond/oneSecondStart.do?userId=YourUserID&token=YourToken&issue=9",
contentType: "application/x-www-form-urlencoded",
dataType: "json",
cache: !1,
timeout: 5e4,
@typcn
typcn / gist:9db39342334d1d2ba02b971ed0482435
Last active Feb 15, 2020
A old overwatch hack crack... maybe work if you found the latest DLL....
View gist:9db39342334d1d2ba02b971ed0482435
// olprk.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include <Windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <stdint.h>
#include <tchar.h>
@typcn
typcn / run.js
Last active Feb 1, 2017
umetrip_auto_sign
View run.js
const tpush = require('typcnpush-sdk');
const http = require('http');
tpush.useInternalMode();
setInterval(function(){
let options = {
host: 'ume1.umetrip.com',
port: 80,
path: '/UmeAd/everyday/luck.do?sid=YOUR_SESSION_ID',
method: 'GET'
@typcn
typcn / 302.js
Last active May 1, 2016
GCTF Opabina Regalis
View 302.js
var fs = require("fs");
var p = require("node-protobuf");
var pb = new p(fs.readFileSync("out.desc"));
var tls = require('tls');
var crypto = require('crypto');
var http = require("http");
var conn = tls.connect(13001, 'ssl-added-and-removed-here.ctfcompetition.com', (socket) => {
console.log('Connected');
You can’t perform that action at this time.