wg135
/ deobfuscate_string_format.py
Last active
March 11, 2019 13:25
— forked from DissectMalware/deobfuscate_string_format.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re | |
| import argparse | |
| def deobfuscate(input_str): | |
| regex_str = r"[\(\{]\s*\"(?P<format>[^\)]*?)\"\s*\-f\s*(?P<params>.*?)[\)\}]" | |
| regex = re.compile(regex_str, re.MULTILINE | re.IGNORECASE) | |
| for match in reversed(list(regex.finditer(input_str))): | |
| format_str = match.group('format') |
wg135
/ AdWindDecryptor.py
Created
February 22, 2019 22:16
— forked from herrcore/AdWindDecryptor.py
Python decryptor for newer AdWind config file - replicated from this Java version https://github.com/mhelwig/adwind-decryptor
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/local/bin/env python | |
| ######################################################################################################## | |
| ## | |
| ## Decrypts the AdWind configiration files! | |
| ## ** May also work for other files ** | |
| ## | |
| ## | |
| ## All credit to Michael Helwig for the original Java implementation: | |
| ## https://github.com/mhelwig/adwind-decryptor |
wg135
/ rails_rce.rb
Created
September 22, 2016 19:42
— forked from postmodern/rails_rce.rb
Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # | |
| # Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156) | |
| # | |
| # ## Advisory | |
| # | |
| # https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion | |
| # | |
| # ## Caveats | |
| # |