Ben Grewell bgrewell
bgrewell
/ lnk-builder.py
Last active
October 26, 2018 21:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import struct | |
| import codecs | |
| import binascii | |
| sample_string = """ | |
| 4C 00 00 00 01 14 02 00 00 00 00 00 C0 00 00 00 | |
| 00 00 00 46 81 00 00 00 00 00 00 00 00 00 00 00 | |
| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | |
| 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
bgrewell
/ netfill.go
Created
August 13, 2018 20:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "net" | |
| "fmt" | |
| "math/rand" | |
| "flag" | |
| "bufio" | |
| "os" | |
| "strconv" |
bgrewell
/ PenTesters_Framework_Install.txt
Last active
February 5, 2024 22:11
Steps required to install and setup PenTesters Framework (PTF) from TrustedSec
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## run in terminal ## | |
| sudo su - | |
| apt-get update | |
| apt-get install python | |
| git clone https://github.com/trustedsec/ptf /opt/ptf | |
| cd /opt/ptf | |
| ./ptf | |
| ## run inside PTF ## | |
| use modules/exploitation/install_update_all |
bgrewell
/ bash64coder.py
Last active
May 11, 2018 01:06
bash64coder.py is a simple python script for creating base64 encoded payloads that have any undesirable character sequences quoted out. It was written as a tool for generating base64 encoded bash payload that could pass through a WAF that was filtering out commands (and subsequently would also block any base64 strings that happened to contain so…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| SEQUENCE_FILE = "blocked_commands.txt" | |
| filtered_sequences = [ | |
| ] | |
| def LoadFilteredSequences(wordlist): | |
| ''' | |
| Loads a list of character sequences which aren't allowed in our final output |
bgrewell
/ rotten_pickle.py
Last active
May 13, 2021 09:18
This Gist creates payloads to exploit pythons pickle function. It is pre-setup to create reverse shells but could be tweaked for whatever fun uses you can think of.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import marshal | |
| import urllib | |
| import base64 | |
| import os | |
| """ | |
| Script: rotten_pickle.py | |
| Date: 5/4/2018 | |
| Author: Benjamin Grewell | |
| Purpose: This script creates a reverse shell that will be executed when the python pickle package attempts to unpickle it. |
bgrewell
/ procwatcher.go
Last active
April 19, 2018 15:22
ProcWatcher is a tool to watch newly created processes on a Linux system. The main purpose of this was to have a way to watch for very short lived randomly executed processes so that their command line arguments could be captured. Note: This is intentinally designed to run under conditions with minimal privillages and no external dependencies.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "io/ioutil" | |
| "log" | |
| "strings" | |
| ) | |
| // Map to hold a list of "currently running" processes. |
NewerOlder