This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Usage: | |
# python3 login_getdata.py -p XXXXXXXXXX -ip 192.168.YYY.ZZZ -r '[^,]*,[^,]*\"PC\-AAA\-BBB\-CCC\-DDD\".+?(?=\,\{\"uid)' | |
import sys | |
import os | |
import binascii | |
# pip install requests | |
import requests | |
import re | |
from argparse import ArgumentParser |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Splunk query to detect when an account is adding extended right that can be leverage to perform a DCsync attack. | |
Windows event code monitored: 5136. | |
extended rights monitored: | |
https://docs.microsoft.com/en-us/windows/win32/adschema/r-ds-replication-get-changes | |
https://docs.microsoft.com/en-us/windows/win32/adschema/r-ds-replication-get-changes-all | |
https://docs.microsoft.com/en-us/windows/win32/adschema/r-ds-replication-get-changes-in-filtered-set | |
Query: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Take note of the IPv6 prefix assigned then disable IPv6 LAN in the Fastgate (Avanzate->then disable "IPV6 su LAN"). | |
Commands: | |
/interface 6to4 | |
add clamp-tcp-mss=yes comment="Fastweb IPv6 tunnel" disabled=no dont-fragment=no dscp=inherit !ipsec-secret !keepalive local-address=192.168.2.1 mtu=1480 name=FastwebIPv6Tunnel remote-address=81.208.50.214 | |
/ipv6 address | |
add address=2001:b07:XXXX:YYYY::512/128 advertise=no disabled=no eui-64=no from-pool="" interface=FastwebIPv6Tunnel no-dad=no | |
add address=2001:b07:XXXX:YYYY::/64 advertise=yes disabled=no eui-64=no from-pool="" interface=bridge no-dad=no |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# obsolete with a decent qos | |
import paramiko, sys, os | |
import time | |
from subprocess import call | |
import signal | |
filename="/tmp/" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import time | |
import sys | |
import signal | |
import hashlib | |
CHAR_LIST=['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'] | |
CHAR_EMPTY='-' | |
s= [['3','F','-','-','-','6','8','9','5','2','4','-','-','-','A','B'], |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import paramiko, sys, os | |
import time | |
from subprocess import call | |
import signal | |
filename="/tmp/" | |
filename+=str(time.time()) | |
filename+=".csv" | |
sys.stdout = open(filename, "w") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# This script rotates the screen and touchscreen input 90 degrees each time it is called, | |
# also disables the touchpad, and enables the virtual keyboard accordingly | |
# modified for my Lenovo X1 Carbon | |
# based on the script provided by Ruben Barkow: https://gist.github.com/rubo77/daa262e0229f6e398766 | |
# To avoid black bars and squares in the bottom right corner: Settings->Screen and video->Compositor and set "Rendering Engine" to "OpenGL 3.1" seems to solve the problem | |
#### configuration | |
# find your Touchscreen and Touchpad device with `xinput` |