Skip to content

Instantly share code, notes, and snippets.

View Xenov-X's full-sized avatar

Xenov Xenov-X

38 followers · 32 following
View GitHub Profile
@Xenov-X
Xenov-X / getAllContacts.js
Created August 9, 2022 08:22 — forked from fkasler/getAllContacts.js
o365 Contact Miner
//paste this in the web console and copy out the results when it's done to a file like "allcontacts.json"
function getCookie(name) {
var value = "; " + document.cookie;
var parts = value.split("; " + name + "=");
if (parts.length == 2) return parts.pop().split(";").shift();
}
var gal = []
var contacts = []
function collectPersonas(){
@Xenov-X
Xenov-X / ms-msdt.MD
Created May 30, 2022 22:12 — forked from tothi/ms-msdt.MD
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
@Xenov-X
Xenov-X / poc.html
Created April 28, 2021 11:13 — forked from knavesec/poc.html
External Email Warning Bypass
<!DOCTYPE html>
<html>
<head>
<title></title>
<style type="text/css">
body {
display: none !important;
background:#FFFFFF !important;
}