Robleh Esa robleh
robleh
/ ClosureImporter.cpp
Last active
November 18, 2022 15:33
Import functions from default Windows DLLs without redeclaration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <assert.h> | |
| #define IMPORT(function) function, #function | |
| auto create_importer(const wchar_t* module_name) { | |
| HMODULE module = ::GetModuleHandleW(module_name); | |
| assert(nullptr != module); | |
| return[=]<typename T>(T declaration, const char* symbol) -> T { |
robleh
/ stealnspoof.cpp
Last active
July 24, 2021 21:02
Failed PoC attempt to spoof a parent PID and impersonate a process token.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <iostream> | |
| #include <Windows.h> | |
| int wmain(int argc, PWSTR argv[]) { | |
| auto winlogon = ::OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_CREATE_PROCESS, FALSE, 636); // replace pid | |
| if (INVALID_HANDLE_VALUE == winlogon) { | |
| std::wcout << L"Failed to acquire winlogon handle: " << GetLastError(); | |
| return 1; | |
| } | |
| else { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| subButtons = document.getElementsByClassName("style-scope ytd-subscribe-button-renderer") | |
| for (i = 0; i < subButtons.length; i++) { | |
| if (subButtons[i].tagName == "TP-YT-PAPER-BUTTON") { | |
| if (subButtons[i].getAttribute("aria-label").startsWith("Unsubscribe")) { | |
| subButtons[i].click(); | |
| document.getElementsByClassName("style-scope yt-button-renderer style-blue-text size-default")[0].click(); | |
| } | |
| } | |
| } |
robleh
/ youtube-recommendations.filter
Last active
December 7, 2025 18:17
uBlock Origin filter to remove YouTube homepage, endscreen and sidebar recommendations
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ! Homepage | |
| www.youtube.com##.grid-disabled.grid.ytd-browse.style-scope > .ytd-two-column-browse-results-renderer.style-scope | |
| ! Sidebar recommendations | |
| www.youtube.com##ytd-watch-next-secondary-results-renderer.ytd-watch-flexy.style-scope | |
| ! End screen tiles | |
| www.youtube.com##.ytp-endscreen-content |
robleh
/ tcpshell.go
Last active
June 6, 2022 08:15
Simple Golang TCP Reverse Shell Implant and Server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "flag" | |
| "io" | |
| "log" | |
| "net" | |
| "os" | |
| "os/exec" | |
| ) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| '''This is a Python based socket server which runs on localhost port 4000. | |
| Use /set?somekey=somekeyvalue to store a key pair. Use /get?key=somekey to | |
| retrieve a key's value.''' | |
| import socket | |
| import sys | |
| HOST = "" | |
| PORT = 4000 | |
| key_pairs = {} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| /*I'm learning C and I thought this would be a fun chance to practice. | |
| I aimed to make a Crackle Pop program which could take any pair of integers as input. | |
| My strategy was to process number pairs containing a factor and a multiple | |
| differently than those which didn't. Thanks for taking the time to check it out!*/ | |
| int numbers_not_related(int crackle, int pop); | |
| int numbers_related(int larger_abs, int smaller_abs, char const *crackle_or_pop); |