💻 Developer Nexus: didnt
kpcyrd/i-probably-didnt-backdoor-this
A practical experiment on supply-chain security using reproducible builds
⭐ 160 | 🍴 100x09AL/CVE-2017-11882-metasploit
This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.
⭐ 97 | 🍴 53klieret/everything-you-didnt-now-you-needed
Tips & Tricks for python, the command line, and more.
⭐ 51 | 🍴 10OG-Frogger/Toad_-3-Blooket
javascript:(function()%7Bfunction start() %7B%0A loadGUI()%3B%0A addUtils()%3B%0A%7D%0A%0Afunction wait(time) %7B%0A return new Promise(resolve %3D> setTimeout(resolve%2C time))%3B%0A%7D%0A%0Avar getValues %3D () %3D> new Promise((e%2C t) %3D> %7B%0A try %7B%0A let n %3D window.webpackJsonp.map(e %3D> Object.keys(e%5B1%5D).map(t %3D> e%5B1%5D%5Bt%5D)).reduce((e%2C t) %3D> %5B...e%2C ...t%5D%2C %5B%5D).find(e %3D> %2F%5Cw%7B8%7D-%5Cw%7B4%7D-%5Cw%7B4%7D-%5Cw%7B4%7D-%5Cw%7B12%7D%2F.test(e.toString()) %26%26 %2F%5C(new TextEncoder%5C)%5C.encode%5C(%5C"(.%2B%3F)%5C"%5C)%2F.test(e.toString())).toString()%3B%0A e(%7B%0A blooketBuild%3A n.match(%2F%5Cw%7B8%7D-%5Cw%7B4%7D-%5Cw%7B4%7D-%5Cw%7B4%7D-%5Cw%7B12%7D%2F)%5B0%5D%2C%0A secret%3A n.match(%2F%5C(new TextEncoder%5C)%5C.encode%5C(%5C"(.%2B%3F)%5C"%5C)%2F)%5B1%5D%0A %7D)%0A %7D catch %7B%0A t("Could not fetch auth details")%0A %7D%0A%7D)%3B%0Avar encodeValues %3D async (e%2C t) %3D> %7B%0A let d %3D window.crypto.getRandomValues(new Uint8Array(12))%3B%0A return window.btoa(Array.from(d).map(e %3D> String.fromCharCode(e)).join("") %2B Array.from(new Uint8Array(await window.crypto.subtle.encrypt(%7B%0A name%3A "AES-GCM"%2C%0A iv%3A d%0A %7D%2C await window.crypto.subtle.importKey("raw"%2C await window.crypto.subtle.digest("SHA-256"%2C (new TextEncoder).encode(t))%2C %7B%0A name%3A "AES-GCM"%0A %7D%2C !1%2C %5B"encrypt"%5D)%2C (new TextEncoder).encode(JSON.stringify(e))))).map(e %3D> String.fromCharCode(e)).join(""))%0A%7D%3B%0A%0A%0Afunction loadGUI() %7B%0A var frame %3D document.createElement("iframe")%3B%0A frame.id %3D "blooo"%0A frame.style.display %3D "none"%3B%0A frame.style.width %3D "1px"%3B%0A frame.style.height %3D "1px"%0A document.body.appendChild(frame)%3B%0A%0A window.alert %3D frame.contentWindow.alert%3B%0A window.prompt %3D frame.contentWindow.prompt%3B%0A window.confirm %3D frame.contentWindow.confirm%3B%0A%0A%0A let element %3D document.createElement('div')%3B%0A element.innerHTML %3D %60