
billchenchina billchenchina

@tothi
tothi / ms-msdt.MD
Last active February 7, 2025 12:01
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML scheme "ms-msdt:" which invokes the msdt diagnostic tool, which is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
@chenshaoju
chenshaoju / SERVER.crt
Created March 26, 2020 07:31
github.io fake cert
@1a57danc3
1a57danc3 / GFW_PARTNER
Created May 29, 2018 01:47
GFW_PARTNER
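Ministry of Industry and Information Technology of the People's Republic of China www.mii.gov.cn
National Computer Network and Information Security Management Center www.ict.ac.cn
Information Security Laboratory, Institute of Software, Chinese Academy of Sciences home.is.ac.cn
Institute of Computing Technology, Chinese Academy of Sciences www.ict.ac.cn
Harbin Institute of Technology Research Center of Computer Network and Information Security Technology pact518.hit.edu.cn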
@dutchLuck
dutchLuck / rawScktPing.py
Last active January 21, 2021 20:15
Python code to test non privileged access to raw sockets with use of (IP4) ICMP Echo.
#! /usr/bin/python
#
# R A W S C K T P I N G . P Y
#
# Code to test Python non-privileged access to raw socket ICMP Echo (Ping).
#
#
# Usage (assumes python version 2):
# python rawScktPing [-d][-D][-h][-v] [targetComputer ..[targetComputerN]]
@zfz
zfz / re_zh.py
Last active June 2, 2018 10:55
Filter out characters that are not Chinese (Simplified/Traditional), Japanese, or English
#!/usr/bin/env python
#-*- coding:utf-8 -*-
import re
regexp = ur"[\u2E80-\u9FFFa-zA-Z0-9]+"
assert re.match(regexp, u"愛美國愛臺灣") != None
assert re.match(regexp, u"打倒土共") != None
assert re.match(regexp, u"fuck GFW 打倒方校长!") != None
@PurpleBooth
PurpleBooth / README-Template.md
Last active May 5, 2025 01:35
A template to make good README.md

Project Title

One Paragraph of project description goes here

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Prerequisites

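The international standard for the common language-tag notation is RFC 4646

zh-Hans Simplified Chinese
zh-Hans-CN Simplified Chinese as used in mainland China
zh-Hans-HK Simplified Chinese as used in Hong Kong
zh-Hans-MO Simplified Chinese as used in Macau
zh-Hans-SG Simplified Chinese as used in Singapore
zh-Hans-TW Simplified Chinese as used in Taiwan
zh-Hant Traditional Chinese
zh-Hant-CN Traditional Chinese as used in mainland China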

git config --global http.proxy http://127.0.0.1:1080
git config --global https.proxy https://127.0.0.1:1080
git config --global --unset http.proxy
git config --global --unset https.proxy
npm config delete proxy
title: QQ Protocol Analysis
description: QQ Protocol Analysis
date: 2014-04-16
categories: protocol
slug: qq-protocol

I. Text Chatting Protocol Family (TCPF)

@lynus
lynus / github_on_ssh_tunnel
Created May 1, 2013 16:13
Using github through ssh tunnel
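Machine A, which hosts the repo, cannot reach the Internet; it can use GitHub (clone, push, pull) through an intermediate machine B.
1. Set up an SSH tunnel from A to B.
2. Modify ~/.ssh/config and the .git/config file under the repo, respectively.
See the document at http://www.ibm.com/developerworks/cn/linux/l-cn-sshforward/ for reference.
Use the "multi-host forwarding" method from Figure 4 of that document to set up the channel from A to B: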
ssh -g -L 7001:github.com:22 middle-host