Start Chrome with the following flags:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
--remote-debugging-port=9222
--remote-debugging-address=0.0.0.0
Tim McGuffin NotMedic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #From: https://www.dsinternals.com/en/retrieving-cleartext-gmsa-passwords-from-active-directory/ | |
| #Install the DSInterals Powershell Module | |
| Install-Module -Name DSInternals -Force | |
| #Import it. | |
| Import-Module DSInternals | |
| #Identify which users can recover the GMSA Account's Password. Compromise one of those Principals. | |
| Get-ADServiceAccount -Identity GMSAccount -Properties PrincipalsAllowedToRetrieveManagedPassword |
NotMedic
/ Instructions.md
Created
November 7, 2019 20:10
Headless Remote Chrome Debugging - Ichabod Chrome :)
NotMedic
/ TestAssembly.cs
Last active
July 23, 2020 15:39
— forked from Arno0x/TestAssembly.cs
This code shows how to load a CLR in an unmanaged process, then load an assembly from memory (not from a file) and execute a method
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| ================================ Compile as a .Net DLL ============================== | |
| C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /target:library /out:TestAssembly.dll TestAssembly.cs | |
| */ | |
| using System.Windows.Forms; | |
| namespace TestNamespace |
NotMedic
/ gcp-gpu-vm-hashcat.md
Created
May 3, 2019 15:26
— forked from koenrh/gcp-gpu-vm-hashcat.md
Running Hashcat on Google Cloud's new GPU-based VMs
In February 2017, Google announced the availability GPU-based VMs. I spun up a few of these instances, and ran some benchmarks. Along the way, I wrote down the steps taken to provision these VM instances, and install relevant drivers.
Update April 2019: Updated instructions to use instances with the Tesla T4 GPUs.
NotMedic
/ markvulnerable.py
Last active
July 11, 2019 02:11
Script to mark hosts as vulnerable in Bloodhound.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys, json, urllib, urllib2 | |
| #Define the Bloodhound Database | |
| url = 'http://bloodhound-server:7474/db/data/cypher/' | |
| #Define the Bloodhound Credentials | |
| #echo neo4j:bloodhound | base64 | |
| base64auth = 'bmVvNGo6Ymxvb2Rob3VuZA==' | |
| request = urllib2.Request(url) |
NotMedic
/ Instructions.txt
Created
December 2, 2018 02:29
Siri -> HomeBridge -> HomeBridge-ssh -> iptables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This is a pretty simple setup: | |
| Siri is used to control Homebridge using the HomeKit protocol. | |
| Homebridge has a module named Homebridge-ssh that allows you to run commands over ssh. | |
| There is a shell script on an OpenWrt box to enable, disable, and check the status of a MAC Address block in the FORWARD table. | |
| 1. Install node on your platform. I went with 8.9 for no specific reason other than I initially had issues with 10 that probably weren't related.. | |
| 2. Install homebridge and homebridge-ssh. You should probably also put hombridge-config-ui-x on there too... I used the unsafe-perm parameter after getting a significant number of errors: | |
| sudo -i npm install -g homebridge --unsafe-perm | |
| sudo -i npm install -g homebridge-ssh --unsafe-perm |
NewerOlder