Frank Spierings FrankSpierings

socat -dd TCP-LISTEN:4444,reuseaddr,fork TCP-LISTEN:1234,reuseaddr

Once WPF connected to port 4444, you can talk to 127.0.0.1:1234 as if it where the remote host.

POST-ing a body containing _SESSION[secret]=1 will log you in, but only through the second extract.

cd /tmp
git clone https://github.com/deviantony/docker-elk

	from requests import Session, urllib3
	import re
	urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

	# Need data here
	cookies = {
	'rtFa': '',
	'FedAuth': ''
	}

	<?php
	$host = "ifconfig.co";
	$port = 80;
	$msg = "GET / HTTP/1.1\r\nHost: $host\r\n\r\n";

	$sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
	socket_connect($sock, $host, $port);
	socket_send($sock, $msg, strlen($msg), 0);
	$result = socket_read($sock, 4096);
	echo $result;

	<?xml version="1.0"?>
	<!DOCTYPE dt [
	<!ENTITY sample "KqsdwTrqAisGYNNu5XMhkUV4gTxm8ed8">
	]>
	<root>&sample;</root>

	from lxml import etree
	from signxml import XMLSigner, XMLVerifier


	self_key_path = 'self.key'
	cloned_cert_path ='self.pem'
	# Remove signatures using SAML Raider
	unsigned_saml_path = 'unsigned_1.xml'

	self_key = open(self_key_path).read()

	from pyclibrary import CParser
	import re


	hook_template = '''
	(function() {
	var name = '__NAME__';
	var address = Module.findExportByName(null, name);
	if (address != null) {
	console.log('[!] Hooking: ' + name + ' @ 0x' + address.toString(16));