| # Powershell script to bypass UAC on Vista+ assuming | |
| # there exists one elevated process on the same desktop. | |
| # Technical details in: | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html | |
| # You need to Install-Module NtObjectManager for this to run. | |
| Import-Module NtObjectManager |
| #include <windows.h> | |
| #include <stdint.h> | |
| #include <stdbool.h> | |
| #include <stdio.h> | |
| #include <sal.h> | |
| #include <assert.h> | |
| #ifdef _X86_ | |
| #error "This snippet only build in 64-bit due to heavy use of uintptr arithmetics." | |
| #endif |
| // | |
| // Ref = src | |
| // https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf | |
| // | |
| // Credits: | |
| // Vyacheslav Rusakov @swwwolf | |
| // Tom Bonner @thomas_bonner | |
| // | |
| #include <Windows.h> |
We did it! We broke gist.github.com ;) So head over to the new home! Thank you all!
2021.10.20: https://github.com/AveYo/MediaCreationTool.bat now open for interaction
Not just an Universal MediaCreationTool wrapper script with ingenious support for business editions,
A powerful yet simple windows 10 / 11 deployment automation tool as well!
In progress documentation on hooks for plugins.
This documentation may not be up to date. Please see https://git.tt-rss.org/fox/tt-rss/wiki/Plugins for the most recent plugin documentation, or https://git.tt-rss.org/fox/tt-rss/src/master/classes/pluginhost.php#L21 to see the latest list of hooks.
These hooks run in the background when feed data is fetched.
| /* Another universal ssl certificate pinning bypass script for Android | |
| by Maurizio Siddu | |
| Run with: | |
| frida -U -f [APP_ID] -l frida_universal_pinning_bypasser.js --no-pause | |
| */ | |
| setTimeout(function() { | |
| Java.perform(function() { | |
| console.log(''); |
| /* Android ssl certificate pinning bypass script for various methods | |
| by Maurizio Siddu | |
| Run with: | |
| frida -U -f <APP_ID> -l frida_multiple_unpinning.js [--no-pause] | |
| */ | |
| setTimeout(function() { | |
| Java.perform(function() { | |
| console.log(''); |
| @echo off | |
| set app="C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXInstaller.exe" | |
| for /r %%f in (*.vsix) do ( | |
| call :setup "%%f" | |
| ) | |
| goto end | |
| :setup |
| /* Utilities */ | |
| var RANDOM = function() {}; | |
| function _randomInt(min, max) { | |
| return Math.floor(Math.random() * (max - min + 1)) + min; | |
| } | |
| function _randomHex(len) { | |
| var hex = '0123456789abcdef'; |
| /* | |
| * m1cat: a proof of concept for the M1RACLES vulnerability in the Apple M1. | |
| * | |
| * This program implements a covert channel that can be used to transmit data | |
| * between two processes when run on the Apple Silicon "M1" CPUs. | |
| * | |
| * The channel is slightly lossy due to (presumably) the scheduler sometimes | |
| * scheduling us on the wrong CPU cluster, so this PoC sends every byte twice | |
| * together with some metadata/framing bits, which is usually good enough. | |
| * A better approach would be to use proper FEC or something like that. |
