| using System; | |
| using System.IO; | |
| using System.Security.Cryptography; | |
| using System.Runtime.Serialization.Formatters.Binary; | |
| namespace hawktracewsus | |
| { | |
| class Program | |
| { | |
| static void Main() |
| import random | |
| import argparse | |
| import tempfile | |
| import ipaddress | |
| from time import sleep | |
| from shlex import split | |
| from os import path, remove | |
| from scapy.all import sniff | |
| from threading import Thread | |
| from subprocess import Popen, PIPE |
| #include <windows.h> | |
| #include <stdio.h> | |
| #define BOOT_KEY_SIZE 16 | |
| #pragma warning(disable: 4996) | |
| void getRegistryClassValue(HKEY rootKey, const char* subKey, char* classValue, DWORD classValueSize) { | |
| HKEY hKey; | |
| LONG result = RegOpenKeyExA(rootKey, subKey, 0, KEY_READ, &hKey); | |
| if (result != ERROR_SUCCESS) { | |
| fprintf(stderr, "Error opening registry key: %ld\n", result); |
| # in addition to the profile, a stage0 loader is also required (default generated payloads are caught by signatures) | |
| # as stage0, remote injecting a thread into a suspended process works | |
| set host_stage "false"; | |
| set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 Edg/96.0.1054.62"; | |
| set sleeptime "10000"; | |
| stage { | |
| set allocator "MapViewOfFile"; | |
| set name "notevil.dll"; |
There was a reddit post about installing Arch on NTFS3 partition. Since Windows and Linux doesn't have directories with same names under the /(C:\), I thought it's possible, and turned out it was actually possible.
If you are not familiar to Linux, for example you've searched on Google "how to dualboot Linux and Windos" or brbrbr... you mustn't try this. This is not practical.
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | |
| >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> |
| function sleep( sleepDuration ){ | |
| var now = new Date().getTime(); | |
| while(new Date().getTime() < now + sleepDuration){ /* do nothing */ } | |
| } | |
| function gc() { | |
| for (let i = 0; i < 0x10; i++) { | |
| new ArrayBuffer(0x1000000); | |
| } | |
| } | |
| let data_view = new DataView(new ArrayBuffer(8)); |
| #!/usr/bin/env python | |
| # docucolor.cgi -- CGI script to interpret Xerox DocuColor forensic dot pattern | |
| # Copyright (C) 2005 Electronic Frontier Foundation | |
| # | |
| # This program is free software; you can redistribute it and/or | |
| # modify it under the terms of the GNU General Public License | |
| # as published by the Free Software Foundation; either version 2 | |
| # of the License, or (at your option) any later version. | |
| # |
