I hereby claim:
- I am green-m on github.
- I am green_m (https://keybase.io/green_m) on keybase.
- I have a public key ASCS2mpr4Ikn-GP1Xvvsb-__lh2rfsYVAUbrgHO4hGPD6go
To claim this, I am signing this object:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # from https://gist.github.com/stek29/8a7ac0e673818917525ec4031d77a713 | |
| import sqlite3 | |
| import io | |
| import struct | |
| import enum | |
| import mmh3 | |
| import pprint | |
| import datetime |
Green-m
/ tg_parse_encryptkey.py
Last active
April 17, 2025 21:28
Telegram for macos parse tempkeyEncrypted
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # install pycryptodome or pycryptodomex | |
| # pip install mmh3 pycryptodome pycryptodomex | |
| # From https://gist.github.com/stek29/8a7ac0e673818917525ec4031d77a713 | |
| import os | |
| import sqlite3 | |
| import io | |
| import struct | |
| import enum | |
| import mmh3 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Dim objResult | |
| Set objShell = WScript.CreateObject("WScript.Shell") | |
| Do While True | |
| objResult = objShell.sendkeys("{NUMLOCK}{NUMLOCK}") | |
| Wscript.Sleep (6000) | |
| Loop |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| list = ("a".."z").to_a + ("A".."Z").to_a | |
| chars = "'!@#$%&*()+{}|:\">?<[]\\\';,.`~'," | |
| def xor(a, b) | |
| (a.ord ^ b.ord).chr | |
| end | |
| list.each do |l| | |
| chars.chars.each do |i| |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 12345678 | |
| 123456789 | |
| 1234567890 | |
| 88888888 | |
| 87654321 | |
| 11111111 | |
| 00000000 | |
| 987654321 | |
| 11223344 | |
| 66668888 |
Green-m
/ shadowsocks_lib.sh
Last active
May 24, 2019 02:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin | |
| export PATH | |
| #===================================================================# | |
| # System Required: Debian or Ubuntu # | |
| # Description: Install Shadowsocks-libev server for Debian/Ubuntu # | |
| # Author: Teddysun <[email protected]> # | |
| # Thanks: @madeye <https://github.com/madeye> # | |
| # Intro: https://teddysun.com/358.html # | |
| #===================================================================# |
Green-m
/ CorruptCLRGlobal.ps1
Created
December 11, 2018 08:00
— forked from mattifestation/CorruptCLRGlobal.ps1
A PoC function to corrupt the g_amsiContext global variable in clr.dll in .NET Framework Early Access build 3694
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Subvert-CLRAntiMalware { | |
| <# | |
| .SYNOPSIS | |
| A proof-of-concept demonstrating overwriting a global variable that stores a pointer to an antimalware scan interface context structure. This PoC was only built to work with .NET Framework Early Access build 3694. | |
| .DESCRIPTION | |
| clr.dll in .NET Framework Early Access build 3694 has a global variable that stores a pointer to an antimalware scan interface context structure. By reading the pointer at that offset and then overwriting the forst DWORD, the context structure will become corrupted and subsequent scanning calls will fail open. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <windows.h> | |
| #define SERVICE_NAME "DhcXrk" | |
| #define DISPLAY_NAME "QyucjlZIin" | |
| #define RETRY_TIME 5 | |
Green-m
/ No Baidu
Created
September 7, 2018 06:09
— forked from nerdroychan/No Baidu
A hosts file to block all .baidu.com domains.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # Block Baidu | |
| ## | |
| 127.0.0.1 baidu.com | |
| 127.0.0.1 www.baidu.com | |
| 127.0.0.1 pan.baidu.com | |
| 127.0.0.1 post-js.baidu.com | |
| 127.0.0.1 bbs.baidu.com | |
| 127.0.0.1 tieba.baidu.com | |
| 127.0.0.1 wapp.baidu.com |
Green-m
/ keybase.md
Last active
April 1, 2020 03:38
NewerOlder