| // array utils | |
| // ================================================================================================= | |
| const combine = (...arrays) => [].concat(...arrays); | |
| const compact = arr => arr.filter(Boolean); | |
| const contains = (() => Array.prototype.includes | |
| ? (arr, value) => arr.includes(value) | |
| : (arr, value) => arr.some(el => el === value) |
| #region Win10IoT Audit Code | |
| $CimSession = New-CimSession -ComputerName Win10IoT -Credential Administrator -Authentication Negotiate | |
| Get-CimInstance -ClassName Win32_OperatingSystem -CimSession $CimSession | |
| Get-CimInstance -ClassName Win32_Service -Filter 'Name = "InputService"' -CimSession $CimSession | Format-List * | |
| # Run the service audit function in CimSweep | |
| $ServicePermissions = Get-CSVulnerableServicePermission -CimSession $CimSession | |
| $ServicePermissions | Where-Object { $_.GroupName -eq 'NT AUTHORITY\Authenticated Users' } | |
| # The fact that Authenticated Users can change the service configuration means that |
This tutorial is based on the Computerphile video, made by Dr. Mike Pound
https://www.youtube.com/watch?v=1S0aBV-Waeo
The tutorial will show you how to trigger and exploit a buffer overflow attack against a custom C program, using Kali Linux 32-bit PAE 2016.1.
Torrent Link: https://images.offensive-security.com/virtual-images/Kali-Linux-2016.1-vbox-i686.torrent
$ curl -s -H "X-Something: yeah" localhost:8000 > /dev/null
$ python serv.py
ERROR:root:User-Agent: curl/7.37.1
Host: localhost:8000
Accept: */*
X-Something: yeah
| /* | |
| * Quick example to test dlsym() | |
| * build: gcc -W -Wall -Werror -o test-dlsym test-dlsym.c | |
| * Usage: ./test-dlsym openldap | |
| */ | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <dlfcn.h> |
| ''' | |
| A hack based on this http://mikepultz.com/2011/03/accessing-google-speech-api-chrome-11/. While with smaller voice samples google speech to text works really good, as length increases quality decreases. So here using audiolab and numPy we are breaking audio sample, in smaller chunks, and removing blank/empty spaces from audio signal and then pushing them to google for processing. | |
| It takes wav file format as input but can be changed to other formats too. | |
| ''' | |
| from scikits.audiolab import wavread, play, flacwrite | |
| from numpy import average, array, hstack | |
| import os | |
| import sys |
| # build wine Docker image | |
| pushd wine; docker build -t wine .; popd | |
| # build x11 Docker image for IDA | |
| pushd ida; docker build -t wine/ida .; popd | |
| # demonstrate x11 forwarding works | |
| docker run -ti --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix wine/ida xclock | |
| # interactive shell in container |
If you're looking at this in 2016 and beyond, I strongly recommend investigating real headless Chrome: https://chromium.googlesource.com/chromium/src/+/lkgr/headless/README.md
Windows and Mac users might find using Justin Ribeiro's Docker setup useful here while full support for these platforms is being worked out.
You can use chrome --headless on Linux as of M57 but note you'll need to build the binaries yourself for now.
The metabug for adding headless mode to Chromium is over here.
| /* eslint-env node */ | |
| const path = require('path'); | |
| const webpack = require('webpack'); | |
| const MemoryFileSystem = require('memory-fs'); | |
| const EnhancedResolve = require('enhanced-resolve'); | |
| const transform = require('transform-jest-deps'); | |
| const babel = require('babel-jest'); | |
| const createConfig = require('../build/utils/createWebpackConfig'); |