marcostolosa

<#

DynWin32-ShellcodeProcessHollowing.ps1 performs shellcode based process hollowing using
dynamically looked up Win32 API calls. The script obtains the methods GetModuleHandle,
GetProcAddress and CreateProcess by using reflection. Afterwards it utilizes GetModuleHandle
and GetProcAddress to obtain the addresses of the other required Win32 API calls.

When all required Win32 API calls are looked up, it starts svchost.exe in a suspended state
and overwrites the entrypoint with the specified shellcode. Afterwards, the thread is resumed
and the shellcode is executed enveloped within the trusted svchost.exe process.

marcostolosa

' ********************************************************************************************************
'
' VBA reverse shell that uses Win32 API calls. Most of the code was copied from the following resources:
'
'   * https://stackoverflow.com/questions/8670391
'   * https://stackoverflow.com/questions/43197814
'   * https://renenyffenegger.ch/notes/development/languages/VBA/Win-API/examples/
'
' The code demonstrates more complex usage example for calling Win32 API from VBA and should be used
' for educational purpose only. During development I was mainly interested whether the WSAData or the

marcostolosa

#!/usr/bin/env python3

import re
import sys
import argparse


class Xor:
    '''
    Helper class for performing xor operations.

marcostolosa

#flag -lws2_32
#include "winsock2.h"

struct WSADATA {
mut:
	w_version        u16
	w_high_version   u16
	i_max_sockets    u16
	i_max_udp_dg     u16
	lp_vendor_info   &string = 0

marcostolosa

• An Introduction to the Linux Terminal - Digital Ocean
• Bash Pitfalls
• Canivete Suíço do Shell - Aurélio Jargas
• Dá pra fazer em SHELL? - Julio Neves
• ExplainShell
• LinuxZoo
• One-Liners to Rule Them All
• OverTheWire - Bandit
• THC's Tips, Tricks & Hacks

marcostolosa

// Revision 1 - originally developed by chatGPT for @irsdl
// Revision 2 - improved by ChatGPT to be more efficient using Burp APIs!
// Automatically updates the Cookie header in Burp Repeater requests using Set-Cookie values from responses. This Bambda CustomAction preserves all existing cookies and only updates or adds values when necessary — ensuring session continuity without overwriting unrelated cookies.

// 1. Grab the request & response
var request  = requestResponse.request();
var response = requestResponse.response();

// 2. Pull any Set-Cookie cookies from the response
var responseCookies = response.cookies();

marcostolosa

#!/usr/bin/env python3

import os
import sys
import click
import subprocess
import tempfile
import itertools as IT
import select
from time import sleep

marcostolosa

.text

	.globl inicio
	
	inicio:
		jal le_inteiro_do_teclado  # chama função para ler
		la  $t7, 0($v0)		   # carrega o inteiro lido em $t7
		jal imprime_inteiro	   # manda imprimir o numero lido
		j   fim			   # encerra o programa
	

marcostolosa

# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples

# If not running interactively, don't do anything
[ -z "$PS1" ] && return

# don't put duplicate lines in the history. See bash(1) for more options
# ... or force ignoredups and ignorespace
HISTCONTROL=ignoredups:ignorespace

marcostolosa

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://us.archive.ubuntu.com/ubuntu/ bionic main restricted
# deb-src http://us.archive.ubuntu.com/ubuntu/ bionic main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted
# deb-src http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted