I hereby claim:
- I am vvx7 on github.
- I am vvx7 (https://keybase.io/vvx7) on keybase.
- I have a public key ASDFQ_JJFkrrCPnLjMKCMnynHj9zH5TOIh8kAv20aLh_-wo
To claim this, I am signing this object:
Octavia Hexe VVX7
VVX7
/ keybase.md
Created
February 1, 2020 03:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "type": "bundle", | |
| "id": "bundle--fbfc482f-0a2c-47c5-a02a-d9d415168da6", | |
| "spec_version": "2.0", | |
| "objects": [ | |
| { | |
| "id": "report--041ded1e-864e-4fad-b6de-ac5a478f3084", | |
| "type": "report", | |
| "name": "Double Deceit", | |
| "labels": [ |
VVX7
/ NetWkstaGetInfo.nim
Created
November 10, 2021 21:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #[ | |
| Author: Roger Johnston, Twitter: @VV_X_7 | |
| License: Apache 2.0 | |
| Use `NetWkstaGetInfo` to get info about a workstation config. | |
| References: | |
| - https://docs.microsoft.com/en-ca/windows/win32/api/lmwksta/nf-lmwksta-netwkstagetinfo | |
| - https://docs.microsoft.com/en-us/windows/win32/api/lmwksta/ns-lmwksta-wksta_info_102 | |
| ]# |
VVX7
/ ptrmath.nim
Created
November 12, 2021 01:56
— forked from oltolm/ptrmath.nim
Nim pointer arithmetic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # from https://forum.nim-lang.org/t/1188#7366 by Jehan | |
| # most of the time only the dereference operator is needed, import it like this: | |
| # from ptrmath import `[]` | |
| template `+`*[T](p: ptr T, off: int): ptr T = | |
| cast[ptr type(p[])](cast[ByteAddress](p) +% off * sizeof(p[])) | |
| template `+=`*[T](p: ptr T, off: int) = | |
| p = p + off |
VVX7
/ dllExports.nim
Created
December 3, 2021 02:21
Example of reading exported functions from a DLL using Ward's winim/memlib library.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import winim, strformat | |
| proc `[]`[T](x: T, U: typedesc): U = | |
| cast[U](x) | |
| proc `{}`[T](x: T, U: typedesc): U = | |
| when sizeof(x) == 1: x[uint8][U] | |
| elif sizeof(x) == 2: x[uint16][U] | |
| elif sizeof(x) == 4: x[uint32][U] | |
| elif sizeof(x) == 8: x[uint64][U] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * blasty-vs-pkexec.c -- by blasty <[email protected]> | |
| * ------------------------------------------------ | |
| * PoC for CVE-2021-4034, shout out to Qualys | |
| * | |
| * ctf quality exploit | |
| * | |
| * bla bla irresponsible disclosure | |
| * | |
| * -- blasty // 2022-01-25 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Filetype: Flipper NFC device | |
| Version: 2 | |
| # Nfc device type can be UID, Mifare Ultralight, Mifare Classic, Bank card | |
| Device type: NTAG215 | |
| # UID, ATQA and SAK are common for all formats | |
| UID: 04 C1 8A 01 27 40 03 | |
| ATQA: 44 00 | |
| SAK: 00 | |
| # Mifare Ultralight specific data | |
| Data format version: 1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Filetype: IR signals file | |
| Version: 1 | |
| # | |
| name: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #./dump-memory.sh <PID> | |
| #https://book.hacktricks.xyz/linux-hardening/privilege-escalation#os-info | |
| grep rw-p /proc/$1/maps \ | |
| | sed -n 's/^\([0-9a-f]*\)-\([0-9a-f]*\) .*$/\1 \2/p' \ | |
| | while read start stop; do \ | |
| gdb --batch --pid $1 -ex \ | |
| "dump memory $1-$start-$stop.dump 0x$start 0x$stop"; \ | |
| done |