kernelsmith
/ mubix.rb
Last active
August 29, 2015 13:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def checkit(arr3) | |
| if arr3.first =~ /uid=/ | |
| print arr3.first.strip.split('modbusconfig=')[1].split(',')[0] | |
| print ':' | |
| print arr3[1].split(' ')[1] | |
| print ':' | |
| print arr3[2].split(' ')[1] | |
| print "\r\n" | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| == RubyInject == | |
| RubyInject is a Mac OS X framework that allows you to inject at runtime the | |
| Ruby interpreter into any running application, using the mach_star mechanism. | |
| It will spawn a new thread on the remote process, initialize the Ruby | |
| interpreter, start a new DRb server that exposes an expression evaluator, and | |
| advertises the DRb server URI on bonjour (if you have the ruby-dnssd library). | |
| https://github.com/rentzsch/mach_star |
kernelsmith
/ dont_close_me_bro.sh
Last active
August 29, 2015 13:57
email my phone if a website says location is closed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -Ls http://school.edu | egrep -q yellow && echo "school delayed" | mail -s school my@phone |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if mod | |
| # Don't report module run events here as it will be taken care of | |
| # in +Post.run_simple+ | |
| # meterpreter scripts don't need SESSION, but it's not gonna hurt | |
| opts = { 'SESSION' => self.sid } | |
| args.each do |arg| | |
| k,v = arg.split("=", 2) | |
| opts[k] = v | |
| end | |
| if mod.type == "post" |
kernelsmith
/ psexec.reg
Created
May 6, 2014 18:37
registry setting change to allow psexec w/local account for host not joined to a domain
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] | |
| "LocalAccountTokenFilterPolicy"=dword:00000001 |
kernelsmith
/ test_auto_run_local.rc
Last active
August 29, 2015 14:01
first attempt at resource file for automating testing of auto_run_local_exploits
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 0) setup our variables | |
| <% rc_primary_lhost = "192.168.130.1" %> | |
| <% rc_lhost_for_local = rc_primary_lhost %> | |
| <% rc_primary_lport = "4433" %> | |
| <% rc_lport_for_local = "4443" %> | |
| ## primary exploit options | |
| #<% rc_primary_exploit = "exploit/windows/smb/psexec" %> #> | |
| <% rc_primary_exploit = "exploit/windows/browser/ms14_012_textrange" %> |
kernelsmith
/ msf_payload_network_comms.txt
Created
August 28, 2014 03:26
MSF payload/session network communications. A custom stage should do these things
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| with reverse_tcp its listen -> accept -> recv(4) -> recv(length) -> jmp(buffer) |
kernelsmith
/ download_file_over_http.rb
Created
October 15, 2014 20:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'net/http' | |
| # Must be somedomain.net instead of somedomain.net/, otherwise, it will throw exception. | |
| Net::HTTP.start("somedomain.net") do |http| | |
| resp = http.get("/blah.zip") | |
| open("blah.zip", "wb") do |file| | |
| file.write(resp.body) | |
| end | |
| end |
kernelsmith
/ unzip.rb
Last active
August 29, 2015 14:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'zip' | |
| source_file = "blah.zip" | |
| string = File.binread(source_file) | |
| Zip::File.open_buffer(string) do |entries| | |
| entries.each {|entry| puts entry.name } | |
| end |
kernelsmith
/ osx_window_grab.sh
Created
October 21, 2014 23:12
screen capture current terminal window on osx, command-line
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| screencapture -l$(osascript -e 'tell app "iTerm" to id of window 1') sc_test.png |
OlderNewer