Skip to content

Instantly share code, notes, and snippets.

xpn xpn

View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am xpn on github.
  • I am xpn (https://keybase.io/xpn) on keybase.
  • I have a public key whose fingerprint is 6822 0B71 BB92 8ABC 8171 4C0F 6B0B E64F 9AF4 238C

To claim this, I am signing this object:

@xpn
xpn / gist:8640962
Created Jan 26, 2014
Metasploit capture/mssql .Net Client
View gist:8640962
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Data;
using System.Data.SqlClient;
namespace metasploit_sql_test
{
@xpn
xpn / libusb_xb_test.c
Created Mar 21, 2016
LibUSB test with XBOX One controller
View libusb_xb_test.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <libusb-1.0/libusb.h>
void printdev(libusb_device *dev) {
struct libusb_device_descriptor desc;
struct libusb_config_descriptor *config;
struct libusb_interface_descriptor *interdesc;
View fuzzme.c
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <string.h>
void print_success(void *input) {
if (*(char *)(input+1) == 'Y') {
printf("GOT: %s\n", input);
return;
}
@xpn
xpn / invoke-shellcode.ps1
Created Nov 15, 2015
Calls invoke-shellcode.ps1 upon load with a reverse meterpreter shell, and connects to meterpreter.local on port 443
View invoke-shellcode.ps1
function Invoke-Shellcode
{
<#
.SYNOPSIS
Inject shellcode into the process ID of your choosing or within the context of the running PowerShell process.
PowerSploit Function: Invoke-Shellcode
Author: Matthew Graeber (@mattifestation)
License: BSD 3-Clause
View bsidessf_ctf_dnscat2.py
from scapy.all import *
from scapy.utils import rdpcap
import sys
import struct
from pwn import *
MESSAGE_TYPE_SYN = 0x00
MESSAGE_TYPE_MSG = 0x1
MESSAGE_TYPE_PING = 0xFF
View bigpicture-exploit.py
from pwn import *
import struct
WIDTH = 1
HEIGHT = 1000000
LOCAL = False
if LOCAL:
FREE_HOOK_OFFSET = -1230952
@xpn
xpn / wannacry_file_extensions.txt
Created May 12, 2017
A list of file extensions searched and encrypted by the WannaCry ransomware
View wannacry_file_extensions.txt
.der
.pfx
.key
.crt
.csr
.p12
.pem
.odt
.ott
.sxw
@xpn
xpn / apt33_dropshot_decoder.py
Created Sep 20, 2017
IDAPython encrypted string decoder for DROPSHOT - APT33
View apt33_dropshot_decoder.py
import idc
import idaapi
from idautils import *
decryptTable = 0x41BA3C
decryptTableEnd = 0x41BA77
decryptFunction = 0x4012A0
# Get the translation table
bytes = idaapi.get_many_bytes(decryptTable, decryptTable-decryptTableEnd)
You can’t perform that action at this time.