- Change password (default password: default_admin_passwords)
- Change user (default user: esonhugh)
- Change ingress host name to your team server
- Deploy it!
kubectl apply -f deployment-service.yaml -f ingress.yaml -f configmap.yaml # -n <change namespace you deploy>- use
pipx install git+https://github.com/exploide/bloodhound-cli.git
Esonhugh Skyworship Esonhugh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # automatically set the AWS environment variables from the json output of `aws sts assume-role` | |
| aws_sts_env () { | |
| if [[ -n "$1" ]] | |
| then | |
| local cred=$1 | |
| fi | |
| if [[ -z "$cred" ]] | |
| then | |
| echo "Usage: $0 \`json\`" | |
| echo "Example: export cred=\`aws sts assume-role --role-arn xxxx --role-session-name xxxx|jq ".Credentials"\`" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #$1 : URL to download .git from (http://target.com/.git/) | |
| #$2 : Folder where the .git-directory will be created | |
| function init_header() { | |
| cat <<EOF | |
| ########### | |
| # GitDumper is part of https://github.com/internetwache/GitTools | |
| # | |
| # Developed and maintained by @gehaxelt from @internetwache |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| SOURCE_FILE="merged_cloudtrail_logs.json" | |
| ''' | |
| Sample Event | |
| { | |
| "eventVersion": "1.08", | |
| "userIdentity": { | |
| "type": "Root", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "version": "2.0.0", | |
| "tasks": [ | |
| { | |
| "label": "msfvenom payload creating", | |
| "type": "shell", | |
| "detail": "msfvenom payload creating task", | |
| "problemMatcher": [], | |
| "command": [ | |
| "msfvenom", |
When Kubernetes CRD controller which is responsible to analyzing a specific CR is vulnerable, attackers may control certain custom resources and inject malicious payloads, which could trigger malicious behaviors when the controller parses, processes, stores the CRs, or generates other related resources.
Injections can be classified via 3 different way.
Esonhugh
/ maltrail-command-injection.nuclei.yaml
Created
July 10, 2023 17:28
Maltrail <= v0.54 is vulnerable to unauthenticated OS command injection during the login process.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: maltrail-os-command-injection | |
| info: | |
| author: Esonhugh | |
| name: Unauthenticated OS Command Injection in stamparm/maltrail | |
| severity: critical | |
| description: | | |
| Maltrail <= v0.54 is vulnerable to unauthenticated OS command injection during the login process. | |
| reference: | |
| - "https://huntr.dev/bounties/be3c5204-fbd9-448d-b97c-96a8d2941e87/" |
Esonhugh
/ docker_cme.sh
Created
June 7, 2023 07:09
using docker crackmapexec and make command alias
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function docker_cme() { | |
| if [[ -z "$1" ]] | |
| then | |
| if [[ -n `sudo docker ps -a|grep crackmapexec` ]] | |
| then | |
| sudo docker start crackmapexec | |
| sudo docker exec -it crackmapexec sh | |
| else | |
| sudo docker run -it --entrypoint=/bin/bash --name crackmapexec byt3bl33d3r/crackmapexec | |
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: Ruoyi-default-password | |
| info: | |
| name: Ruoyi default password admin/admin123 | |
| author: Esonhugh-self-maintained | |
| severity: critical | |
| description: | | |
| Ruoyi default password admin admin123 | |
| tags: password,default,ruoyi | |
| stop-at-first-match: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env $SHELL | |
| # Author: Esonhugh | |
| # Date: 2023/04/05 21:01 | |
| function kube() { | |
| if [[ "$1" == "help" ]] | |
| then | |
| echo "============================================ KubeHack ============================================" | |
| echo "version\t\tkubectl hack plugin version." | |
| echo "server\t\tset env var.value is the kube api server endpoint. Example: https://127.0.0.1:6443" |
NewerOlder