av-gantimurov

@kepano
kepano / obsidian-web-clipper.js
Last active April 6, 2025 19:24
Obsidian Web Clipper Bookmarklet to save articles and pages from the web (for Safari, Chrome, Firefox, and mobile browsers)
javascript: Promise.all([import('https://unpkg.com/[email protected]?module'), import('https://unpkg.com/@tehshrike/[email protected]'), ]).then(async ([{
default: Turndown
}, {
default: Readability
}]) => {
/* Optional vault name */
const vault = "";
/* Optional folder name such as "Clippings/" */
@tothi
tothi / ms-msdt.MD
Last active February 7, 2025 12:01
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML scheme "ms-msdt:" which invokes the msdt diagnostic tool, which is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
@herrcore
herrcore / pemulator.py
Last active March 21, 2025 18:58
Simple class for loading a PE file in Unicorn
from typing import List
from capstone import *
from capstone.x86 import *
from unicorn import *
from unicorn.x86_const import *
from pefile import PE
class Emulator():