Skip to content

Instantly share code, notes, and snippets.


Deniz Adrian zined

View GitHub Profile
zined /
Created Jan 16, 2020 — forked from SwitHak/
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-16 1758 UTC

CVE-2020-0601 AKA ChainOfFools


  • Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
  • The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
  • The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

  • NSA description:
  • NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
zined /
Created Jan 7, 2019 — forked from j00ru/
Insomni'hack Teaser 2017 "winworld" exploit by Mateusz "j00ru" Jurczyk
# Insomni'hack Teaser 2017 "winworld" task exploit
# Author: Mateusz "j00ru" Jurczyk
# Date: 21 January 2017
import os
import random
import string
import sys
import struct
zined / get-public-keys-for-users-in-group
Created Jun 22, 2018
View get-public-keys-for-users-in-group
#!/usr/bin/env bash
set -eu
USERS="$( aws iam get-group --group-name ssh --query 'Users[].UserName' --output text )"
for USER in $USERS; do
PUBLIC_KEY_IDS="$( aws iam list-ssh-public-keys --user-name $USER --query 'SSHPublicKeys[].SSHPublicKeyId' --output text )"
PUBLIC_KEY=$( aws iam get-ssh-public-key --user-name $USER --ssh-public-key-id $PUBLIC_KEY_ID --encoding SSH --query 'SSHPublicKey.SSHPublicKeyBody' --output text )
zined /
Created Jan 3, 2018
dump mongodb collections for database in json
usage() {
echo "usage: ${0} database target_directory"
exit 127
if [ -z "${database}" ]; then

Enforce CloudTrail in Child Accounts via Cloudformation Cross-Account StackSets

Prepare StackSet IAM Roles


View RHEL7.3 works like a charm, out of the box.
[ ~]$ kdestroy -A
[ ~]$ klist
klist: Credentials cache keyring 'persistent:818801110:krb_ccache_eHUMT0r' not found
[ ~]$
[ ~]$ ssh $( hostname -f )'s password:
[ ~]$
[ ~]$ kinit dadrian@PLATZHALTER.GMBH
Password for dadrian@PLATZHALTER.GMBH:
View .k5login debugging
[ ~]$ klist
Ticket cache: KEYRING:persistent:818801110:krb_ccache_hPVo69Y
Default principal: dadrian@PLATZHALTER.GMBH
Valid starting Expires Service principal
07/22/2017 13:02:14 07/23/2017 13:02:14 krbtgt/PLATZHALTER.GMBH@PLATZHALTER.GMBH
renew until 07/29/2017 13:02:14
[ ~]$ ssh $( hostname -f )'s password:
zined /
Created May 6, 2017 — forked from lantrix/
How to request SAML assertion from ADFS for Amazon Web Services using curl
curl --data @aws_saml_request.xml -H "Content-Type: application/soap+xml" --verbose -o "saml.xml"
zined / aws_saml_request.xml
Created May 6, 2017 — forked from lantrix/aws_saml_request.xml
SOAP request for a SAML token for Amazon Web Services from an ADFS SOAP endpoint
View aws_saml_request.xml
<s:Envelope xmlns:s=""
<a:Action s:mustUnderstand="1"></a:Action>
<a:To s:mustUnderstand="1"></a:To>
<o:Security s:mustUnderstand="1" xmlns:o="">
<o:UsernameToken u:Id="uuid-6a13a244-dac6-42c1-84c5-cbb345b0c4c4-1">
View docker-btrfs.patch
--- docker/daemon/graphdriver/btrfs/btrfs.go 2016-03-09 12:13:24.000000000 -0800
+++ docker/daemon/graphdriver/btrfs/btrfs.go 2016-04-17 04:34:27.188376720 -0700
@@ -7,6 +7,10 @@ package btrfs
#include <dirent.h>
#include <btrfs/ioctl.h>
#include <btrfs/ctree.h>
+static void set_name_btrfs_ioctl_vol_args_v2(struct btrfs_ioctl_vol_args_v2* btrfs_struct, const char* value) {
+ snprintf(btrfs_struct->name, BTRFS_SUBVOL_NAME_MAX, "%s", value);
You can’t perform that action at this time.