spnow
/ pickle-payload.py
Created
August 9, 2017 14:04
— forked from mgeeky/pickle-payload.py
Python's Pickle Remote Code Execution payload template.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # | |
| # Pickle deserialization RCE payload. | |
| # To be invoked with command to execute at it's first parameter. | |
| # Otherwise, the default one will be used. | |
| # | |
| import cPickle | |
| import os | |
| import sys |
spnow
/ md5.py
Created
August 1, 2017 23:16
— forked from evernick/md5.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import hashlib | |
| if __name__ == "__main__": | |
| m = hashlib.md5("hello".encode("UTF-8")) | |
| data = (m.hexdigest()) | |
| print data |
spnow
/ captcha.py
Created
August 1, 2017 23:15
— forked from evernick/captcha.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| from pytesser import * | |
| if __name__ == "__main__": | |
| print image_file_to_string("fonts_test.png") |
spnow
/ IsDebuggerPresent.cpp
Created
August 1, 2017 23:14
— forked from evernick/IsDebuggerPresent.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _WIN32_WINNT 0x0501 | |
| #include <windows.h> | |
| #include <stdio.h> | |
| BOOL anti_debug() | |
| { | |
| return IsDebuggerPresent(); | |
| } |
spnow
/ CheckRemoteDebuggerPresent.cpp
Created
August 1, 2017 23:14
— forked from evernick/CheckRemoteDebuggerPresent.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _WIN32_WINNT 0x0501 | |
| #include <windows.h> | |
| #include <stdio.h> | |
| BOOL anti_debug() | |
| { | |
| BOOL result; | |
| CheckRemoteDebuggerPresent(GetCurrentProcess(), &result); | |
| return result; | |
| } |
spnow
/ FindWindow.cpp
Created
August 1, 2017 23:14
— forked from evernick/FindWindow.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| BOOL anti_debug() | |
| { | |
| BOOL result = FALSE; | |
| if(FindWindow("OLLYDBG", 0) || FindWindow("WinDbgFrameClass", 0)) | |
| result = TRUE; | |
| return result; | |
| } |
spnow
/ OutputDebugString.cpp
Created
August 1, 2017 23:13
— forked from evernick/OutputDebugString.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| BOOL anti_debug() | |
| { | |
| DWORD Val = 123; | |
| SetLastError(Val); | |
| OutputDebugString(L"random"); | |
| if(GetLastError() == Val) { | |
| return 1; |
spnow
/ Registry.cpp
Created
August 1, 2017 23:13
— forked from evernick/Registry.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| BOOL anti_debug() | |
| { | |
| BOOL result = FALSE; | |
| HKEY hKey; | |
| char lpData[256]; | |
| DWORD lpSize = sizeof(lpData); |
spnow
/ OllyDbgFilenameFormatString.cpp
Created
August 1, 2017 23:13
— forked from evernick/OllyDbgFilenameFormatString.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| BOOL anti_debug() | |
| { | |
| TCHAR pathname[512]; | |
| TCHAR * filename; | |
| GetModuleFileName(0, pathname, 512); | |
| filename = wcsrchr(pathname, L'\\'); | |
| if (wcsncmp(filename, L"\\%s%s.exe", 10) == 0) { |
spnow
/ OllyDbgOutputDebugStringBug.cpp
Created
August 1, 2017 23:13
— forked from evernick/OllyDbgOutputDebugStringBug.cpp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| BOOL anti_debug() | |
| { | |
| DWORD Val = 123; | |
| SetLastError(Val); | |
| OutputDebugString(L"%s%s%s%s%s%s%s%s"); | |
| if(GetLastError() == Val) { | |
| return 1; |