tijldeneut

#!/usr/bin/env python3
# -*- coding: utf-8 -*- 
r'''

    	Copyright 2024 Photubias(c)

        This program is free software: you can redistribute it and/or modify
        it under the terms of the GNU General Public License as published by
        the Free Software Foundation, either version 3 of the License, or
        (at your option) any later version.

tijldeneut

#!/usr/bin/python3
# -*- coding: utf-8 -*-
#
# Copyright 2024, Photubias(c) <[email protected]>
#
## C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\CloudAPCache\MicrosoftAccount\<id>\Cache
##  Relation between ID and account: HKLM\SOFTWARE\Microsoft\IdentityStore\LogonCache\D7F9888F-E3FC-49b0-9EA6-A85B5F392A4F\Name2Sid
##  #> This ID is a 32byte (64 char) cloud key: it is the same on each machine, maybe this is the unique MS Live ID? 
##  #> Also the DPAPI user key is probably derived from the cleartext password because the DPAPI key is the same on multiple machines until password changes
#

tijldeneut

#include <sys/types.h>
#include <unistd.h>
int main(void){
 setreuid(geteuid(),-1);
 setregid(getegid(),-1);
 char *args[] = {"/bin/bash",0};
 execve(args[0],args,0);
 return 0;
}
/* gcc uidswap.c -o uidswap && ./uidswap */

tijldeneut

tijldeneut

#+-------------------------------------------------------------------+  
#| = : = : = : = : = : = : = : = : = : = : = : = : = : = : = : = : = |  
#|{>/-------------------------------------------------------------\<}|           
#|: | Author:  Aman Dhally                                                   
#| :| Email:   [email protected]
#| :| Web:	www.amandhally.net/blog
#| :| blog: http://newdelhipowershellusergroup.blogspot.com/
#| :|
#|: | Purpose: 													   
#| :|       Clean lapopt using removing un-wantede files 

tijldeneut

#!/usr/bin/python3
# -*- coding: utf-8 -*-
#
# Copyright 2020, Photubias <[email protected]>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0

tijldeneut

#!/usr/bin/python3
# -*- coding: utf-8 -*-
#
# Copyright 2020, Photubias <[email protected]>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0

tijldeneut

#!/usr/bin/env python3

# Created by Korey McKinley, Senior Security Consulant at LMG Security
# https://lmgsecurity.com

# July 12, 2019

# Converted to Python3 by Tijl Deneut
# August 8, 2021

tijldeneut

## Written by Photubias, based on https://dirkjanm.io/abusing-azure-ad-sso-with-the-primary-refresh-token/
## Example: powershell -ep bypass .\RequestPRTToken.ps1
[CmdletBinding()]
Param (
    [Parameter(Mandatory=$True,Position=1)]$Nonce
)
## Example of a nonce: AQABAAAAAABeStGSRwwnTq2vHplZ9KL4zgnsAt1Vyqx2sMVQVwgmP4MYzWWJfjDXR9L2Jhc2lMCpYpyuFvqYQfHUwEMbVpk1woEIESAbkX-EdIr2ZpDtWiAA
#$nonce = 'AQABAAAAAABeStGSRwwnTq2vHplZ9KL4zgnsAt1Vyqx2sMVQVwgmP4MYzWWJfjDXR9L2Jhc2lMCpYpyuFvqYQfHUwEMbVpk1woEIESAbkX-EdIr2ZpDtWiAA'
#$query = '{"method": "GetCookies", "sender": "https://login.microsoftonline.com", "uri": "https://login.microsoftonline.com/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code+id_token&scope=openid+profile&state=OpenIdConnect.AuthenticationProperties%3dhiUgyLP6LnqNTRRyNpT0W1WGjOO_9hNAUjayiM5WJb0wwdAK0fwF635Dw5XStDKDP9EV_AeGIuWqN_rtyrl8m9t6pUGiXHhG3GMSSpW-AWcpfxW9D6bmWECYrN36_9zw&nonce=636957966885511040.YmI2MDIxNmItZDA0Yy00MjZlLThlYjAtYjNk

tijldeneut

#!/usr/bin/env bash

# My bash Script to convert mp4 to mp3
# By NerdJK23 & Photubias
# web: www.computingforgeeks.com
# email: [email protected]

# Requires
# ffmpeg installed
# lame installed