This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#The War Room Blog | |
#http://warroom.securestate.com/index.php/cya-cover-your-alfa-part-ii/ | |
x=1 # set the variables | |
HIGH_QUAL=$(cat /proc/net/wireless | awk 'END { print $3 }' | sed 's/\.$//') # parse the output of /proc/net/wireless to get integers only | |
LOW_QUAL=$(cat /proc/net/wireless | awk 'END { print $3 }' | sed 's/\.$//') | |
AVG_QUAL=$(cat /proc/net/wireless | awk 'END { print $3 }' | sed 's/\.$//') | |
HIGH_LVL=$(cat /proc/net/wireless | awk 'END { print $4 }'| sed 's/\.$//') | |
LOW_LVL=$(cat /proc/net/wireless | awk 'END { print $4 }'| sed 's/\.$//') | |
AVG_LVL=$(cat /proc/net/wireless | awk 'END { print $4 }'| sed 's/\.$//') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>PHP OS Command Injection</title> | |
<!-- Adapted from the SecureState 2015 High School CTF http://www.mountunion.edu/information-security-challenge-slated-for-saturday --> | |
<!-- Originally hosted at http://warroom.securestate.com --> | |
</head> | |
<body> | |
<h1>MD5 Hashing</h1> | |
<br /> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
# This module requires Metasploit: http://metasploit.com/download | |
# Current source: https://github.com/rapid7/metasploit-framework | |
## | |
require 'msf/core' | |
class Metasploit3 < Msf::Auxiliary | |
def initialize |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
use post/windows/gather/enum_ad_computers | |
set FIELDS distinguishedName,dNSHostname,description,operatingSystem,operatingSystemServicePack | |
set FILTER (&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192)) | |
run | |
set FILTER (&(objectCategory=computer)(operatingSystem=*server*)(!(userAccountControl:1.2.840.113556.1.4.803:=8192))) | |
run | |
set FILTER (&(objectCategory=computer)(!(operatingSystem=*server*))) | |
run | |
set FIELDS distinguishedName,name,mail,description | |
set FILTER (&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import argparse | |
from subprocess import call | |
# Useful for Bluetooth device discovery when Bluetooth device addresses may be one off from wireless MAC addresses | |
# See, for example, "Hacking Exposed: Wireless", 3rd edition, by Joshua Wright and Johnny Cache, pages 211-214. | |
# To generate the list of addresses and test using hcitool (or another command line tool): | |
# python3 off-by-one.py -l macs.lst | while read -r line; do hcitool name "$line"; done | |
def off_by_one(mac_list, flag): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import argparse | |
def lengthen(url): | |
if not url.lower().startswith(("http://", "https://")): | |
url = "http://" + url | |
http_req = requests.get(url) | |
return http_req.url | |
def main(): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
'''Pipe output of host command into this script when performing reverse lookups to get a more friendly output: | |
while read i; do host $i | ./friendly-reverse.py; done < list.txt ''' | |
import sys | |
for lookup in sys.stdin: | |
ip = lookup.split('.', 4)[:4] | |
domain = lookup.rsplit(' ', 1)[1] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# reconcile.py | |
"""Given an all-capital password (from a cracked LM hash) and an NTLM hash, | |
identify the correct capitalization.""" | |
import argparse | |
import hashlib | |
import itertools | |
def all_cases(password): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apt-get update | |
apt-get install \ | |
apt-transport-https \ | |
ca-certificates \ | |
curl \ | |
gnupg-agent \ | |
software-properties-common | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
while read user; do curl --ntlm -u '"$user":PASSWORD' URI -w 'size: %{size_download}\n' -o /dev/null; done < userlist.txt |
OlderNewer