Josh kernelsmith
kernelsmith
/ unzip.rb
Last active
August 29, 2015 14:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'zip' | |
| source_file = "blah.zip" | |
| string = File.binread(source_file) | |
| Zip::File.open_buffer(string) do |entries| | |
| entries.each {|entry| puts entry.name } | |
| end |
kernelsmith
/ download_file_over_http.rb
Created
October 15, 2014 20:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'net/http' | |
| # Must be somedomain.net instead of somedomain.net/, otherwise, it will throw exception. | |
| Net::HTTP.start("somedomain.net") do |http| | |
| resp = http.get("/blah.zip") | |
| open("blah.zip", "wb") do |file| | |
| file.write(resp.body) | |
| end | |
| end |
kernelsmith
/ msf_payload_network_comms.txt
Created
August 28, 2014 03:26
MSF payload/session network communications. A custom stage should do these things
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| with reverse_tcp its listen -> accept -> recv(4) -> recv(length) -> jmp(buffer) |
kernelsmith
/ test_auto_run_local.rc
Last active
August 29, 2015 14:01
first attempt at resource file for automating testing of auto_run_local_exploits
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 0) setup our variables | |
| <% rc_primary_lhost = "192.168.130.1" %> | |
| <% rc_lhost_for_local = rc_primary_lhost %> | |
| <% rc_primary_lport = "4433" %> | |
| <% rc_lport_for_local = "4443" %> | |
| ## primary exploit options | |
| #<% rc_primary_exploit = "exploit/windows/smb/psexec" %> #> | |
| <% rc_primary_exploit = "exploit/windows/browser/ms14_012_textrange" %> |
kernelsmith
/ psexec.reg
Created
May 6, 2014 18:37
registry setting change to allow psexec w/local account for host not joined to a domain
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] | |
| "LocalAccountTokenFilterPolicy"=dword:00000001 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if mod | |
| # Don't report module run events here as it will be taken care of | |
| # in +Post.run_simple+ | |
| # meterpreter scripts don't need SESSION, but it's not gonna hurt | |
| opts = { 'SESSION' => self.sid } | |
| args.each do |arg| | |
| k,v = arg.split("=", 2) | |
| opts[k] = v | |
| end | |
| if mod.type == "post" |
kernelsmith
/ dont_close_me_bro.sh
Last active
August 29, 2015 13:57
email my phone if a website says location is closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -Ls http://school.edu | egrep -q yellow && echo "school delayed" | mail -s school my@phone |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| == RubyInject == | |
| RubyInject is a Mac OS X framework that allows you to inject at runtime the | |
| Ruby interpreter into any running application, using the mach_star mechanism. | |
| It will spawn a new thread on the remote process, initialize the Ruby | |
| interpreter, start a new DRb server that exposes an expression evaluator, and | |
| advertises the DRb server URI on bonjour (if you have the ruby-dnssd library). | |
| https://github.com/rentzsch/mach_star |
kernelsmith
/ mubix.rb
Last active
August 29, 2015 13:56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def checkit(arr3) | |
| if arr3.first =~ /uid=/ | |
| print arr3.first.strip.split('modbusconfig=')[1].split(',')[0] | |
| print ':' | |
| print arr3[1].split(' ')[1] | |
| print ':' | |
| print arr3[2].split(' ')[1] | |
| print "\r\n" | |
| end | |
| end |
kernelsmith
/ ruby_code_order.txt
Created
January 26, 2014 22:07
idiomatic ruby code organization/order
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1) extend and include | |
| 2) constants | |
| 3) attribute macros | |
| 4) other macros (if any) | |
| 5) public class methods | |
| 6) public instance methods | |
| 7) protected and private methods near the end |