https://gist.github.com/inaz2/5fa3ca02f4e8204a7dd4d4b50fd0c13f
Shell32.dll {6DA736C9-DCDE-4651-82A8-56E4EF1D8DD7} CLSID_ScfFileExecute
Any class that extends the following methods render the classes ICON file (arbitrary file = potentially an SMB connection/hash relay)
| Write-Host "Hello World, via powershell cradle" |
| # There's no simple built-in equivalent of the powershell Get-AzAccessToken to dump the active Auth/Bearer/token | |
| # from the session initiated with Connect-ExchangeOnline | |
| # This dumps all active sessions in current PoSH context | |
| [Microsoft.Exchange.Management.ExoPowershellSnapin.ConnectionContextFactory]::GetAllConnectionContexts() | ConvertTo-JSON | |
| [Microsoft.Exchange.Management.ExoPowershellSnapin.ConnectionContextFactory]::GetAllConnectionContexts() | select PowerShellTokenInfo | ConvertTo-JSON | |
| [Microsoft.Exchange.Management.ExoPowershellSnapin.ConnectionContextFactory]::GetAllConnectionContexts() | Where-Object {-not [System.String]::IsNullOrEmpty($_.PowerShellCredentials)} | select PowerShellTokenInfo | ConvertTo-JSON |
November 2016
Security oriented linux command cheatsheets
| #!/bin/bash | |
| if [ "x$1" = "x" ]; | |
| then echo "You need to specify an input file containing domain names to iterate over!";echo "Usage: $0 list_of_domain_names.txt" | |
| exit; | |
| fi | |
| if ! [ -x "$(command -v psql)" ]; then | |
| echo 'Error: psql is not installed.' >&2 | |
| echo 'Try installing it: sudo apt install postgresql-client' >&2 |
| Write-Host EXPLOITED |
| <?php phpinfo() ?> |
| import glob | |
| #AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\*" | |
| logfiles = glob.glob("*.ldb") | |
| logfiles.extend(glob.glob("*.log")) | |
| for fname in logfiles: | |
| with open(fname,'rb') as fd: | |
| ldbfile = fd.read() | |
| downloads=[] | |
| for entry in ldbfile.split(b'21_download,')[1:]: |