Skip to content

Instantly share code, notes, and snippets.

Felipe Molina felmoltor

Block or report user

Report or block felmoltor

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@felmoltor
felmoltor / ColoredMessages.ps1
Created Aug 3, 2017
Powershell - Parse-MBSA
View ColoredMessages.ps1
# Author: Felipe Molina (@felmoltor)
# Date: 2017/08
# Summary: These functions are used to print colored messages on powershell.
Function Print-Ok (){
param(
[Parameter(Mandatory=$true,Position=0)][string]$msg
)
Write-Host -NoNewline "[ "
Write-Host -NoNewline -ForegroundColor Green "OK"
@felmoltor
felmoltor / level01
Last active Jun 28, 2017
Nebula Exploit Exercises
View level01
Problem
-------
https://exploit-exercises.com/nebula/level01/
Solution
--------
The binary uses the binary "/usr/bin/env echo" call to show a message to the user.
As /usr/bin/env searches for the specified binary in the PATH variable, we can just fake the "echo" binary with our own binary to get a shell.
@felmoltor
felmoltor / scan.vuln.scheduledtask.ps1
Created May 19, 2017
Scan vulnerable scheduled task
View scan.vuln.scheduledtask.ps1
$tasks = Get-ScheduledTask |
Where-Object { $_.Principal.RunLevel -ne "Limited" -and
$_.Principal.LogonType -ne "ServiceAccount" -and
$_.State -ne "Disabled" -and
$_.Actions[0].CimClass.CimClassName -eq "MSFT_TaskExecAction" }
@felmoltor
felmoltor / zlib1.dll.cpp
Last active Sep 14, 2016
Privilege escalation with DLL Hijack of zlib1.dll on a MinGW default installation
View zlib1.dll.cpp
// Author: Felipe Molina (@felmoltor)
//
// MinGW DLL Hijack Privilege Escalation POC.
// This dll will suplantate the legitimate library "zlib1.dll" residing inside
// the default installation folder of MinGW "C:\MinGW\bin\zlib1.dll"
//
// g++ -c -DPRIVESC_DLL mingwprivesc.dll.cpp & g++ -shared -o mingwprivesc.dll mingwprivesc.dll.o -Wl,--out-implib,main.a & copy /y mingwprivesc.dll C:\MinGW\bin\zlib1.dll
@felmoltor
felmoltor / negotiate_bruteforce.sh
Last active Aug 3, 2016
Negotiate Content Scanner (RFC 2616)
View negotiate_bruteforce.sh
#!/bin/bash
#################
# CONFIG COLORS #
#################
# Text color variables
txtund=$(tput sgr 0 1) # Underline
txtbld=$(tput bold) # Bold
bldred=${txtbld}$(tput setaf 1) # red
@felmoltor
felmoltor / 20160306.spotify.leak.analisys
Created Apr 26, 2016
20160306 Spotify Leak Analisys
View 20160306.spotify.leak.analisys
________________ __________ ____ _______
\_ _____/ _ \\______ \ ___ _/_ | \ _ \
| __)/ /_\ \| ___/ \ \/ /| | / /_\ \
| | / | \ | \ / | | \ \_/ \
\__ | \____|__ /____| \_/ |___| /\ \_____ /
\/ \/ \/ \/
Author: @felmoltor
License: GPLv3
Summary: This tool analyzes password dump. The dump can be of this three kinds (option -F):
@felmoltor
felmoltor / 2013.old.spotify.dump.analisys
Last active Apr 26, 2016
(Old) Spotify dump analisys
View 2013.old.spotify.dump.analisys
________________ __________ ____ _______
\_ _____/ _ \\______ \ ___ _/_ | \ _ \
| __)/ /_\ \| ___/ \ \/ /| | / /_\ \
| | / | \ | \ / | | \ \_/ \
\__ | \____|__ /____| \_/ |___| /\ \_____ /
\/ \/ \/ \/
Author: @felmoltor
License: GPLv3
Summary: This tool analyzes password dump. The dump can be of this three kinds (option -F):
@felmoltor
felmoltor / Honeypot Statistics
Created Apr 2, 2016
Honeypot - Top scanners,countries and user/passwords used
View Honeypot Statistics
====================
= Top 15 source IP =
====================
103.41.124.12:6480 (Hong Kong)
103.41.124.53:6363 (Hong Kong)
103.41.124.19:5809 (Hong Kong)
112.171.173.137:1691 (Korea, Republic of)
222.186.21.82:1596 (China)
117.27.249.4:1470 (China)
222.186.56.171:1302 (China)
@felmoltor
felmoltor / Backup-GPOs.ps1
Created Oct 6, 2015
Powershell script to backup a domain gpo list
View Backup-GPOs.ps1
# Date: 10-2015
# Author: Felipe Molina (@felmoltor)
# Summary: Authomatize the backup proccess of GPO for a domain.
# Create a folder with the time when this script was executed and inside it a folder for each GPO of the domain
# The program needs two mandatory parameters:
# * Domain: The domain from where we want to backup the GPOs
# * backuppath: The path to the folder where we want to store this backups
param(
[Parameter(Mandatory=$True,Position=1)][String]$domain,
@felmoltor
felmoltor / wordpress.scan.detected.txt
Created Aug 4, 2015
[IDS] Detected wordpress vulnerability scans
View wordpress.scan.detected.txt
03/12/2015 37.187.238.74 403 /$wp-content$/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download
03/12/2015 37.187.238.74 403 /$wp-content$/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download
03/12/2015 37.187.238.74 403 /$wp-content$/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download
03/12/2015 37.187.238.74 403 /$wp-content$/themes/parallelus-mingle/framework/utilities/download/getfile.php?file=../../../../../../wp-config.php
03/12/2015 37.187.238.74 403 /$wp-content$/themes/parallelus-mingle/framework/utilities/download/getfile.php?file=../../../../../../wp-config.php
03/12/2015 37.187.238.74 403 /$wp-content$/themes/parallelus-mingle/framework/utilities/download/getfile.php?file=../../../../../../wp-config.php
03/12/2015 37.187.238.74 403 /$wp-content$/themes/parallelus-salutation/framework/utilities/download/getfile.php?file=../../../../../../wp-config.php
03/12/2015 37.187.238.74 403 /$
You can’t perform that action at this time.