Skip to content

Instantly share code, notes, and snippets.

View jborean93's full-sized avatar

Jordan Borean jborean93

429 followers · 2 following
View GitHub Profile
@jborean93
jborean93 / tls_web_server.py
Last active February 22, 2024 20:16
A test HTTP server with TLS enabled to test out some TLS behaviour for web based commands
#!/usr/bin/env python
"""Test TLS Enabled Web Server
A script that can start a temporary TLS enabled web server. This server
supports a basic GET request and will return metadata on the request from the
client. By default it will create an ephemeral certificate when starting up but
a custom certificate can be provided. Also supports client authentication by
providing a CA bundle to use for verification or using --tls-client-auth to
generate a new set of keys.
@jborean93
jborean93 / winrm_with_gssapi.py
Created November 28, 2023 00:34
Test WinRM with GSSAPI authentication in Python
from __future__ import annotations
import base64
import gssapi
import io
import re
import requests
import struct
import sys
import typing as t
@jborean93
jborean93 / NoGui.ps1
Last active May 24, 2024 15:49
Generates an exe called NoGui.exe that can spawn a hidden windows
<#
NOTE: Must be run in Windows PowerShell (5.1), PowerShell (7+) cannot create standalone exes.
This is designed to create a simple exe that can be used to spawn any console
application with a hidden Window. As NoGui.exe is a GUI executable it won't
spawn with an associated console window and can be used to then create a new
process with a hidden console window with the arguments it was created with.
The arguments after -- will be used as the new process, for example
C:\path\NoGui.exe -- pwsh.exe
@jborean93
jborean93 / New-S4UAccessToken.ps1
Last active February 8, 2024 05:50
Generates a Win32 Access Token using S4U (no password required)
# Copyright: (c) 2023, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
#Requires -Module Ctypes
Function New-S4UAccessToken {
<#
.SYNOPSIS
Generates an S4U access token.
@jborean93
jborean93 / New-Uuid5.ps1
Created September 11, 2023 03:28
Generate UUIDv5 values in PowerShell
# Copyright: (c) 2023, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
class EncodingTransformAttribute : System.Management.Automation.ArgumentTransformationAttribute {
[object] Transform([System.Management.Automation.EngineIntrinsics]$engineIntrinsics, [object]$InputData) {
$result = switch ($InputData) {
{ $_ -is [System.Text.Encoding] } { $_ }
{ $_ -is [string] } {
switch ($_) {
@jborean93
jborean93 / linux_print_argv.c
Last active October 30, 2023 22:25
Code that can be used to generate an executable that can print how it receives arguments
#include<stdio.h>
// gcc print_argv.c -o print_argv
int main(int argc, char *argv[])
{
int i;
for(i = 1;i < argc;i++)
{
printf("[%d] %s\n", i, argv[i]);
@jborean93
jborean93 / TightVNC Password.ps1
Created August 15, 2023 11:44
Code that can encrypt or decrypt TightVNC server passwords
Function ConvertTo-EncryptedVNCPassword {
[OutputType([byte[]])]
[CmdletBinding()]
param (
[Parameter(Mandatory)]
[SecureString]
$Password
)
# This is hardcoded in VNC applications like TightVNC.
@jborean93
jborean93 / 1 - KB2267602 Info.md
Last active August 15, 2023 01:25
Windows Update API (WUA) KB2267602

This is to document some issues with trying to install KB2267602 on Windows Server 2016 using the Windows Updates API (WUA). The ansible.windows.win_updates.log shows the installation of KB2267602 and it's first failure when installed by the Ansible module, the manual MpCmdRun.exe workaround on this failure, then subsequent update runs that show the update no longer being required. The MpSigStub.log file shows the contents of that log file for the first failed install using WUA and then the subsequent working entries when using MpCmdRun.exe.

The update KB is the security intelligence updates for Microsoft Defender Antivirus and can be updated many times in one day. From what I can see it typically installs just fine but there is a chance where Windows Updates pulls down a new version before it is ready to be installed. For example the logs during a failed run indicates that the following update tried to be installed and resulted in the following error:

4ee7ce61-491b-4e2d-bfd9-a9decbb3ae1a:
@jborean93
jborean93 / AsyncPSCmdlet.cs
Last active May 29, 2024 07:38
Async PSCmdlet base class
using System;
using System.Collections.Concurrent;
using System.Management.Automation;
using System.Threading;
using System.Threading.Tasks;
public abstract class AsyncPSCmdlet : PSCmdlet, IDisposable
{
private enum PipelineType
{
@jborean93
jborean93 / Get-SqlServerTlsCertificate.ps1
Last active May 20, 2024 19:27
Gets the certificate used by a MS SQL Server
# Copyright: (c) 2023, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function Get-SqlServerTlsCertificate {
<#
.SYNOPSIS
Gets the MS SQL X509 Certificate.
.DESCRIPTION
Gets the X509 Certificate that is being used by a remote MS SQL Server.