scrapped from @x0rz,@etlow,@Dinosn,@hackerfantastic,@highmeh,@cyb3rops and others
- A quick analysis of the latest Shadow Brokers dump https://labs.nettitude.com/blog/a-quick-analysis-of-the-latest-shadow-brokers-dump/
- Timestamps
Giuseppe Bonfa Evilcry
Evilcry
/ get-elevated-com.ps1
Last active
December 16, 2019 04:08
Eumerate COM objects with elevation ON
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $path = "REGISTRY::HKEY_CLASSES_ROOT\CLSID\" | |
| Get-ChildItem -Path $path -Recurse | foreach { | |
| $CurrentKey = Get-ItemProperty -Path $_.PsPath | |
| if ($CurrentKey.PSChildName -match "Elevation") { | |
| $details = Get-ItemProperty -Path $CurrentKey.PSParentPath | |
| Out-File -FilePath ".\elevation.txt" -InputObject $details -Append | |
| } | |
| } |
Evilcry
/ resources.md
Created
May 20, 2017 16:35
— forked from iam1980/resources.md
Shadow Brokers EQGRP Lost in Translation resources
Evilcry
/ scada_password_recovery_list.csv
Last active
March 21, 2024 14:59
SCADA Password Recovery List
We can make this file beautiful and searchable if this error is corrected: It looks like row 8 should actually have 1 column, instead of 8. in line 7.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Yokogawa;CENTUM CS 3000 DCS;CENTUM:CENTUM | |
| Yokogawa;EJX910A Multivariable Transmitter HART Communication Type;YOKOGAWA. (to release the Write Protect mode) | |
| Yokogawa;WT 3000 Driver;anonymous:blank (Ethernet access) | |
| Yokogawa;DX1000/DX1000N/DX2000 Advanced;Administrator 1:Admin1 etc./ User 1:User01 etc. | |
| Yokogawa;YFGW410 gateway;admin:!admin | |
| Wonderware;System Platform/Archestra;administrator:blank | |
| Wonderware;Intouch;Administrator:Wonderware | |
| Wonderware;Historian;SQL Server Login: aadbo:pwddbo, wwdbo:pwddbo, aaAdmin:pwAdmin, wwAdmin:wwAdmin, aaPower:pwPower, wwPower:wwPower, aaUser:pwUser, wwUser:wwUser | |
| Westermo;TDW 33;no password, just return, Hardcoded password: n3Y9kA6otYZu8, (?? TD-36) | |
| Westermo;MRD-305-DIN/MRD-310/MRD-315/MRD-330/MRD-355/MRD-350/MRD-455;admin:westermo |
NewerOlder