YK yamakadi
kfosaaen
/ AppRegRoleFinder.ps1
Created
March 8, 2023 22:57
PowerShell 3-liner to find roles attached to your current user
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get a token and split out the payload | |
| $token = ((Get-AzAccessToken).Token).Split(".")[1].Replace('-', '+').Replace('_', '/') | |
| # Add padding, if needed | |
| while ($token.Length % 4) {$token += "="} | |
| # Base64 Decode, convert from json, extract OID, pass into filter for Get-AzRoleAssignment to find current roles | |
| Get-AzRoleAssignment | where ObjectId -EQ ([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String($token)) | ConvertFrom-Json).oid |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <winternl.h> | |
| #include <stdio.h> | |
| #define WORKER_FACTORY_FULL_ACCESS 0xf00ff | |
| // https://github.com/winsiderss/systeminformer/blob/17fb2e0048f062a04394c4ccd615b611e6ffd45d/phnt/include/ntexapi.h#LL1096C1-L1115C52 | |
| typedef enum _WORKERFACTORYINFOCLASS | |
| { | |
| WorkerFactoryTimeout, // LARGE_INTEGER |
odzhan
/ proc_env_exit.cpp
Last active
June 12, 2024 05:01
Resolve dynamic address of Process.Environment.Exit in CLR host process using C++
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // Resolve dynamic address of Process.Environment.Exit in CLR host process using C++ | |
| // | |
| // Based on : | |
| // https://www.mdsec.co.uk/2020/08/massaging-your-clr-preventing-environment-exit-in-in-process-net-assemblies/ | |
| // https://github.com/yamakadi/clroxide/blob/214222d578bf62b4c7fc860125268f4eecb9f331/examples/patch_exit.rs | |
| // https://github.com/kyleavery/inject-assembly/blob/8db977c0fd1da039df920f9dd4840d4a3ec2aa2c/src/scmain.c | |
| // https://github.com/TheWover/donut/blob/master/loader/test/rdt.cpp ;) |
OlderNewer