Graph-X

from Microsoft.Win32 import Registry
from time import sleep	
rkey = Registry.CurrentUser.CreateSubKey("SOFTWARE\\aatest")
rkey.SetValue(u'\x00 this is a test',u'\x00look at me!')
rkey.Close()
rkey = Registry.CurrentUser.CreateSubKey("SOFTWARE\\aatest")
values = rkey.GetValueNames()
print("We have {0} values.".format(str(len(values))))
print("The value names returned are: {0}.".format(values[0]))
value = rkey.GetValue(u'\x00 this is a test')

Graph-X

<html>
	<head>
		<title>This is the attacker page</title>
	</head>
	<body>
		<p> This is the attacker's page</p>
		<!-- This button is only here for the POC.  You can just execute the script without further interaction from the end user by just calling the function. --!>
		<button type="button" onclick="csrf()">I double dare you</button>
		<br>
		<textarea id='demo'></textarea>

Graph-X

<?php
session_start(['cookie_secure' => true, 'cookie_path' => '/', 'cookie_httponly' => true]);

if ($_SERVER['HTTP_REQUEST'] === "POST"){
	if (isset($_POST['user']) && isset($_POST['pass'])){
		//for this POC we assume successful login and regenerate the session id 
		session_regenerate_id();
		$_SESSION['user'] = $_POST['user'];
		$_SESSION['authorized'] = true;
		echo("Session is now authorized");

Graph-X

#!/usr/bin/python
#######################################################################
#			  Philips Hue Automation Script	              #
#   Uses DHCP log forwarding from DHCP server to figure out if the    #
# device is on network (home) or off (away). Also uses a hold down    #
# timer to pervent the lights being triggered every fucking time      #
# the phone gets a new DHCP lease.  Like always, I'm putting this     #
#	shit code out there for public consumption and ridicule under #
# the YPL.  Maybe you'll find it useful or maybe not.  no matter.     # 
#				  	zero fux given	  	      #

Graph-X

Keybase proof

I hereby claim:

• I am graph-x on github.
• I am graphx (https://keybase.io/graphx) on keybase.
• I have a public key ASDjDEWpDUf7b91K4LK5bHcthokRT6MiuEANveNHLh0rhQo

To claim this, I am signing this object:

Graph-X

#!/usr/bin/python

from string import maketrans
import urllib
import binascii
import re
import base64
lpp = dict()

Graph-X

#############################################################
# Advisory Title: Teleopti WFM (Multiple Vulnerabilities)
# Date: 	2/4/2017
# Researcher: Graph-X ((email: [email protected]))
# Vendor Homepage: http://www.teleopti.com
# Version: <= 7.1.0
# CVE: is dead
#############################################################
                             Disclosure Timeline
############################################################################################

Graph-X

#!/usr/bin/env python
import binascii
from struct import *
import os, sys
#import ctypes
import zlib
import struct
import array
import argparse
#################################################################

Graph-X

#Pivotbox changes:
openvpn --mktun --dev tun0
ifconfig tun0 1.1.1.2 netmask 255.255.255.252 up
#IP Forwarding and PermitTunnel yes only need to be done once
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "PermitTunnel yes" >> /etc/ssh/sshd_config 
service sshd reload
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Graph-X

#!/bin/bash
#       Name: SearchSploit - Exploit-DB's CLI search tool
#    Version: 3.3  (Release date: 2016-04-02)
# Written by: Offensive Security, Unix-Ninja & g0tmi1k
#   Homepage: https://github.com/offensive-security/exploit-database
#
## NOTE:
#   Exit code '0' means finished normally
#   Exit code '1' means something went wrong
#   Exit code '2' means finished help screen