Skip to content

Instantly share code, notes, and snippets.

View S4CH's full-sized avatar
🎯
Creating new disturbance to diminish the older ones

CyFun S4CH

🎯
Creating new disturbance to diminish the older ones
121 followers · 115 following
View GitHub Profile
@S4CH
S4CH / BetterSSH.py
Created March 18, 2022 17:15
import sys
import random, string
import os
import time
import crypt
import traceback
import subprocess
path = ''.join(random.choices(string.ascii_letters + string.digits, k=8))
session = {"user": "", "authenticated": 0}
@S4CH
S4CH / mini-netstat.rb
Last active March 18, 2022 17:02
netstat -ta or ss -ta equivalent in ruby
require 'etc'
TCP_STATES = { # /usr/src/linux/include/net/tcp_states.h
'00': 'UNKNOWN',
'FF': 'UNKNOWN',
'01': 'ESTABLISHED',
'02': 'SYN_SENT',
'03': 'SYN_RECV',
'04': 'FIN_WAIT1',
'05': 'FIN_WAIT2',
@S4CH
S4CH / restarted_services.txt
Created March 18, 2022 11:26
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: applockerfltr
TYPE : 1 KERNEL_DRIVER
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : system32\drivers\applockerfltr.sys
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Smartlocker Filter Driver
@S4CH
S4CH / services_rights_for_htb.txt
Created March 18, 2022 11:25
PSChildName : .NET CLR Data
Owner : NT AUTHORITY\SYSTEM
Group : NT AUTHORITY\SYSTEM
AccessToString : APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES Allow ReadKey
NT AUTHORITY\SYSTEM Allow FullControl
CREATOR OWNER Allow FullControl
NT AUTHORITY\Authenticated Users Allow ReadKey
NT AUTHORITY\SYSTEM Allow FullControl
@S4CH
S4CH / names_of_services._2.txt
Created March 18, 2022 11:24
SERVICE_NAME: applockerfltr
SERVICE_NAME: AppMgmt
SERVICE_NAME: AppVClient
SERVICE_NAME: BFE
SERVICE_NAME: BrokerInfrastructure
SERVICE_NAME: CLFS
SERVICE_NAME: ConsentUxUserSvc
SERVICE_NAME: ConsentUxUserSvc_484da
SERVICE_NAME: DcomLaunch
SERVICE_NAME: DevicePickerUserSvc
@S4CH
S4CH / names_of_services.txt
Created March 18, 2022 11:22
1394ohci
3ware
ACPI
AcpiDev
acpiex
acpipagr
AcpiPmi
acpitime
ADOVMPPackage
ADP80XX
@S4CH
S4CH / services_full_path_for_htb.txt
Created March 18, 2022 11:20
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\.NET CLR Data
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\.NET CLR Networking
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\.NET CLR Networking 4.0.0.0
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\.NET Data Provider for Oracle
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\.NET Data Provider for SqlServer
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\.NET Memory Cache 4.0
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\.NETFramework
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\1394ohci
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\3ware
@S4CH
S4CH / services_bin_path_for_htb.txt
Created March 18, 2022 11:18
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\1394ohci
ImagePath REG_EXPAND_SZ \SystemRoot\System32\drivers\1394ohci.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\3ware
ImagePath REG_EXPAND_SZ System32\drivers\3ware.sys
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ACPI
ImagePath REG_EXPAND_SZ System32\drivers\ACPI.sys
@S4CH
S4CH / gist:efafa3b7f99200d98007014298f4c39f
Created November 28, 2021 05:39
### Keybase proof
I hereby claim:
* I am s4ch on github.
* I am cy5un (https://keybase.io/cy5un) on keybase.
* I have a public key ASAIJpwqGQVyDHzre_B6Ba51iaSl4NMJ_YBF9oAosJjNHwo
To claim this, I am signing this object: