💭
I may be slow to respond.

muuk lifa123

  • china

0xsha / CVE-2020-8515.go
Last active March 30, 2024 20:52
CVE-2020-8515: DrayTek pre-auth remote root RCE
package main
/*
CVE-2020-8515: DrayTek pre-auth remote root RCE
Mon Mar 30 2020 - 0xsha.io
Affected:

rule Methodology_LNK_Win_DefaultHostnames_Bleepboop
{
meta:
author = "smiller"
date = "09/04/2018"
description = "Signature to detect LNK files or OLE objects with embedded LNK files with default and generic hostnames"
strings:
$a01 = /WIN-[0-9a-z]{11}/ ascii nocase wide
$a02 = /DESKTOP-[a-z0-9]{7}/ ascii nocase wide
$a03 = /[a-z0-9]{1,10}-PC/ ascii nocase wide
condition:
// the rule's condition is not shown in this preview; "any of them" is a stand-in so the rule compiles
any of them
}

farzinenddo / Powerless.cpp
Created March 23, 2020 18:44
Running Powershell with CLR in native runtime.
#include <windows.h>   // metahost.h depends on the Win32 types declared here
#include <metahost.h>
#pragma comment(lib, "mscoree.lib")
int main(int argc, wchar_t* argv[])
{
HRESULT hr;
ICLRMetaHost *pMetaHost = NULL;
ICLRRuntimeInfo *pRuntimeInfo = NULL;
ICLRRuntimeHost *pClrRuntimeHost = NULL;

go get stash.mycompany.com/project/repo
go: downloading stash.mycompany.com/project/repo v0.0.9
go get stash.mycompany.com/project/repo: stash.mycompany.com/project/[email protected]: verifying module: stash.mycompany.com/project/[email protected]: reading https://sum.golang.org/lookup/stash.mycompany.com/projecty/[email protected]: 410 Gone
server response: not found: stash.mycompany.com/project/[email protected]: unrecognized import path "stash.mycompany.com/project/repo": https fetch: Get "https://stash.mycompany.com/project/repo?go-get=1": dial tcp: lookup stash.mycompany.com on [2001:4860:4860::8888]:53: server misbehaving

payloadartist / firefox.sh
Last active February 6, 2021 20:42
Enumerate sub-domains, then open them in Firefox automatically. Useful for taking a quick glance at a target's assets and making notes while doing recon.
# ------Instructions---------
# Install (and configure) subfinder, assetfinder, and httprobe
# go get -v github.com/projectdiscovery/subfinder/cmd/subfinder && go get -v github.com/tomnomnom/httprobe && go get -v github.com/tomnomnom/assetfinder
# cat firefox.sh >> ~/.bashrc
# source ~/.bashrc
# Usage - subf_ff target.tld
# asset_ff target.tld
subf_ff () {
subfinder -d "$1" -silent -t 100 | httprobe -c 50 | sort -u | while read -r line; do firefox "$line"; sleep 10; done
}

// Frida script: builds an android.location.Location object carrying fixed coordinates
const simulated_latitude = 48.8534
const simulated_longitude = 2.3488
Java.perform(function(){
const Location = Java.use('android.location.Location')
var location = Location.$new("gps")
location.setLatitude(simulated_latitude)
location.setLongitude(simulated_longitude)
})

russjones / run.sh
Last active September 23, 2022 14:57
A script to demonstrate Teleport Enhanced Session Recording.
#!/bin/bash
set -euo pipefail
RELEASE="teleport-v4.2.3-linux-amd64-bin.tar.gz"
if [[ $EUID -ne 0 ]]; then
echo "--> Please run this script as root or sudo."
exit 1
fi

Demonslay335 / notes.txt
Last active February 29, 2020 00:52
Makop Ransomware Notes
Sample:
fe52d906fa596e7ae16633074ff7178b3ac40e26a93f0009f1b33d5cbf219e91
Strings and config encrypted with static AES-256 key:
08 02 00 00 10 66 00 00 20 00 00 00 5D 1D E0 32 A9 6D E4 05 A5 5B 12 E1 1F B9 03 A1 CF 2D F8 5A 29 87 78 4D EC 28 61 C1 13 96 FA 15
Decrypted RSA-1024 public key:
06 02 00 00 00 A4 00 00 52 53 41 31 00 04 00 00 01 00 01 00 F1 D1 12 AA DF 72 34 19 DC A4 6E 18 07 15 67 9F F2 6F 4F 03 A7 61 5B 97 C5 6C 20 13 21 A7 40 24 48 91 8D 47 32 81 9B 14 D4 82 0F AF 8A F8 EC 66 8E 87 26 CD 15 37 FC 03 8D 10 BB 90 6D 1D D0 A6 41 A4 B2 60 5F 60 46 45 4C 70 44 20 54 90 C0 D9 4D F6 B2 90 33 BF 78 51 AC E5 76 F6 EB 9C CF 83 A3 21 DD F8 B9 46 67 8B 7A 04 71 54 FD D7 1B 17 DE 39 7A 70 D6 04 AE AD AF 38 B8 1C B8 73 5D A6
Targeted extensions:

dwisiswant0 / st8out.sh
Last active February 17, 2024 16:48
St8out - Extra one-liner for reconnaissance
#!/bin/bash
#####
#
# St8out - Extra one-liner for reconnaissance
#
# Usage: ./st8out.sh target.com
#
# Resources:
# - https://github.com/j3ssie/metabigor

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Classes\Scripting.FileSystemObject]
@=""
[HKEY_CURRENT_USER\Software\Classes\Scripting.FileSystemObject\CLSID]
@="{00000001-0000-0000-0000-0000FEEDACDC}"