Skip to content

Instantly share code, notes, and snippets.

Avatar

Andrea Fortuna andreafortuna

View GitHub Profile
View CVE-2019-14271_PoC.c
#include ...
#define ORIGINAL_LIBNSS "/original_libnss_files.so.2"
#define LIBNSS_PATH "/lib/x86_64-linux-gnu/libnss_files.so.2"
bool is_priviliged();
__attribute__ ((constructor)) void run_at_link(void)
{
char * argv_break[2];
@andreafortuna
andreafortuna / ServiceAccounts.ps1
Created Nov 7, 2019
Powershell script to read service configuration from all Windows servers in the current domain and generate report listing all domain accounts used as service logon account
View ServiceAccounts.ps1
<#
Service account report scrip that reads service configuration from
all Windows servers in the current domain and generate a report listing all
domain accounts used as service logon account.
By Andrea Fortuna (andrea@andreafortuna.org)
*** Based on "report-service-accounts.ps1" by Gleb Yourchenko (fnugry@null.net) ***
#>
View keybase.md

Keybase proof

I hereby claim:

  • I am andreafortuna on github.
  • I am andrea_fortuna (https://keybase.io/andrea_fortuna) on keybase.
  • I have a public key whose fingerprint is F08A 2478 ACEB D77B 8A11 6A43 A705 D2DA 05FF 95C5

To claim this, I am signing this object:

@andreafortuna
andreafortuna / GPPDecrypt.ps1
Created Nov 27, 2018
Group Policy Preferences Decoder
View GPPDecrypt.ps1
param (
[string]$cpassword
)
function Get-DecryptedCpassword {
[CmdletBinding()]
Param (
[string] $Cpassword
)
@andreafortuna
andreafortuna / GPPDecrypt.py
Created Nov 27, 2018
Group Policy Preference Password Decoder
View GPPDecrypt.py
#!/usr/bin/env python3
import base64
from Crypto.Cipher import AES
def decrypt(encrypt_str):
padding = "=" * (4 - len(encrypt_str) % 4)
encrypt_str = encrypt_str + padding
encrypt_str = base64.b64decode(encrypt_str)
# Public available AES key on https://msdn.microsoft.com/en-us/library/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be.aspx?f=255&MSPPError=-2147217396
View Optionsbleed.py
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Optionsbleed proof of concept test
# by Hanno Böck
import argparse
import urllib3
import re
@andreafortuna
andreafortuna / screenshot.sh
Created Jul 8, 2017
Screenshot with Imagemagick
View screenshot.sh
#!/bin/bash
TS=`date +%s`.png
/usr/bin/import ~/Immagini/$TS > ~/logs/ss.log 2>&1
xclip -selection clipboard -t image/png -i ~/Images/$TS >> ~/logs/ss.log 2>&1
notify-send "Screenshot saved into ~/Immagini/$TS and into clipboard" -t 3
@andreafortuna
andreafortuna / notpetyavaccine.ps1
Created Jun 28, 2017
Local vaccine for #Petya / #NotPetya
View notpetyavaccine.ps1
$extensions = "", ".dat", ".dll"
$baseFileName = "C:\windows\perfc"
foreach ($extension in $extensions)
{
$outFile = "{0}{1}" -f $baseFileName, $extension
Write-Host ("Creating file: {0}" -f $baseFileName)
New-Item $outFile -ItemType file -Value "Road block for Petya." -Force
@andreafortuna
andreafortuna / brightness.sh
Last active Jul 22, 2020
Simple script to modify screen brightness
View brightness.sh
#!/bin/bash
# Simple script to modify screen brightness
# USAGE:
# brightness.sh +20 (Increase brightness by 20%)
basedir="/sys/class/backlight/"
# get the backlight handler
handler=$basedir$(ls $basedir)"/"
View vbfilesystembodyfile.sh
#!/bin/bash
#Simple script for VirtuaBox filesystem bodyfile creation
# Usage: vbfilesystembodyfile.sh <VM name>
disk=`echo $( sudo VBoxManage showvminfo $1|grep "vdi\|vmdk"|head -n 1|cut -d ":" -f 2|cut -d "(" -f 1)|xargs`
VBoxManage clonemedium $disk ./$1.raw --format=raw
offset=$(mmls $1.raw -a | grep `mmls $1.raw -a | grep "000:" | cut -d " " -f 9 | sort -r | head -1` | cut -d " " -f 6 | bc)
fls -o $offset -r -m / $1.raw > $1.bodyfile
rm $1.raw
You can’t perform that action at this time.