@sunnyc7
sunnyc7 / research.md
Created January 21, 2025 17:40 — forked from hackermondev/research.md
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platforms

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

sunnyc7 / zed-docs-pdf-gen.md
Created August 4, 2024 21:29
Convert Zed Docs to PDF

Context

Issue

  • Zed PDF docs don't exist / couldn't find after 10 mins of searching.

Solution

  • Run the following in cmd.exe
sunnyc7 / AuditPolicy.ps1
Created May 13, 2024 18:03
Basic AuditPolicy config for WFP event generation
<#
Machine Name Policy Target Subcategory Subcategory GUID Inclusion Setting
DESKTOP02 System IPsec Driver {0CCE9213-69AE-11D9-BED3-505054503030} No Auditing
DESKTOP02 System Removable Storage {0CCE9245-69AE-11D9-BED3-505054503030} No Auditing
DESKTOP02 System Other Object Access Events {0CCE9227-69AE-11D9-BED3-505054503030} No Auditing
DESKTOP02 System Filtering Platform Connection {0CCE9226-69AE-11D9-BED3-505054503030} No Auditing
DESKTOP02 System Filtering Platform Packet Drop {0CCE9225-69AE-11D9-BED3-505054503030} No Auditing
DESKTOP02 System Certification Services {0CCE9221-69AE-11D9-BED3-505054503030} No Auditing
DESKTOP02 System SAM {0CCE9220-69AE-11D9-BED3-505054503030} No Auditing
sunnyc7 / jqwerty.c
Created February 21, 2024 19:01 — forked from odzhan/jqwerty.c
Jacky Qwerty/29A Compression Algorithm
//
// Jacky Qwerty/29A compression algorithm, by Matt Mahoney
// modified by odzhan
// 2019-12-07
//
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <time.h>
function New-ActiveScriptEventConsumerClass {
<#
.SYNOPSIS
Creates an ActiveScriptEventConsumer WMI class in the namespace of your choosing.
.DESCRIPTION
New-ActiveScriptEventConsumerClass creates a clone of the ActiveScriptEventConsumer WMI event consumer class using the class name and namespace name of your choosing.
sunnyc7 / SysmonEventGUIDParser.ps1
Created November 15, 2023 18:19 — forked from mattifestation/SysmonEventGUIDParser.ps1
Extracts fields from sysmon process and logon GUIDs
# Author: Matthew Graeber (@mattifestation)
$Epoch = Get-Date '01/01/1970'
# Conversion trick taken from https://blogs.technet.microsoft.com/heyscriptingguy/2017/02/01/powertip-convert-from-utc-to-my-local-time-zone/
$StrCurrentTimeZone = (Get-WmiObject Win32_timezone).StandardName
$TZ = [TimeZoneInfo]::FindSystemTimeZoneById($StrCurrentTimeZone)
# Parse out all the LogonGUID fields for sysmon ProcessCreate events
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1 } | ForEach-Object {
sunnyc7 / NTInsiderDownloader.ps1
Created November 3, 2023 20:38
If you like NTInsider from OSR Systems, but don't like clicking things
# If you like reading NT Insider but don't like clicking.
$savePDFTo = "$env:TEMP\NTInsider"
$uri = "https://www.google.com/search?q=site:insider.osr.com+filetype:pdf+inurl:pdf&sca_esv=579237292&rlz=1C1CHBF_enUS1055US1055&sxsrf=AM9HkKlzAaBYLDpNc_IsOEqzno14_5ICyw:1699043261820&filter=0&biw=2327&bih=1210&dpr=1.1"
$res = Invoke-WebRequest -UseBasicParsing -Uri $uri
$pdf = $res.Links | where {$_ -match "PDF" -and $_ -match "insider.osr.com"}
foreach ($f in $pdf) {
$filtered = $f.href | where {$_ -match 'http://insider.osr.com/'}
$pdfURL = (($filtered -split '&')[0] -split '=')[1]
sunnyc7 / DumpHex.c
Created July 13, 2023 18:06 — forked from ccbrown/DumpHex.c
Compact C Hex Dump Function w/ASCII
#include <stdio.h>
void DumpHex(const void* data, size_t size) {
char ascii[17];
size_t i, j;
ascii[16] = '\0';
for (i = 0; i < size; ++i) {
printf("%02X ", ((unsigned char*)data)[i]);
if (((unsigned char*)data)[i] >= ' ' && ((unsigned char*)data)[i] <= '~') {
ascii[i % 16] = ((unsigned char*)data)[i];
sunnyc7 / env_var_spoofing_poc.cpp
Created February 25, 2023 02:19 — forked from xpn/env_var_spoofing_poc.cpp
A very rough x64 POC for spoofing environment variables (similar to argument spoofing) with a focus on setting the COMPlus_ETWEnabled=0 var used to disable ETW in .NET
// A very rough x64 POC for spoofing environment variables similar to argument spoofing with a focus on
// setting the COMPlus_ETWEnabled=0 var for disabling ETW in .NET.
//
// Works by launching the target process suspended, reading PEB, updates the ptr used to store environment variables,
// and then resuming the process.
//
// (https://blog.xpnsec.com/hiding-your-dotnet-complus-etwenabled/)
#define INJECT_PARAM L"COMPlus_ETWEnabled=0\0\0\0"
#define INJECT_PARAM_LEN 43