Instantly share code, notes, and snippets.

⚡️
[hip, hip]

Leon Jacobs leonjza

View GitHub Profile
@leonjza leonjza / index.html
Created Jul 23, 2018
HTML5 Drag 'n drop API test
View index.html
<html>
<head></head>
<body id="drop_zone" ondragenter="dragEnterHandler(event);">
<div>
<p>Drag one or more files to this Drop Zone ...</p>
</div>
</body>
@leonjza leonjza / mq_clients.go
Last active Jun 11, 2018
IBM MQ "mq_clients" osquery Custom Table
View mq_clients.go
package main
import (
"context"
"flag"
"log"
"os"
"os/exec"
"regexp"
"strings"
@leonjza leonjza / convert.py
Created Apr 10, 2018
Invoke-Kerberoast Output Converter
View convert.py
#!/usr/bin/python
# Invoke-Kerberoast output hash extractor.
#
# For when you have:
# TicketByteHexStream :
# Hash : $krb5tgs$23$*sqlSvc$Adomain.com$MSSQLSvc/sqlserver.Adomain.com:1433*$C13BFD40143C0E
# ....
# SamAccountName : sqlSvc
# DistinguishedName : CN=sqlSvc,OU=ServiceAccounts,DC=Adomain,DC=com
@leonjza leonjza / README.md
Last active Jul 5, 2018
☄️go-out - A dependency free, Golang egress buster using @mubix letmeoutofyour.net and @bhinfosecurity allports.exposed services.
View README.md

☄️ go-out

This code now lives at: https://github.com/sensepost/go-out

A simple, dependency free, Golang egress buster using @mubix letmeoutofyour.net and @bhinfosecurity allports.exposed services.

install

Save the main.go file and either go run main.go or build it with go build -o go-out main.go, moving the resultant binary to your place of choice.

cross compiling

@leonjza leonjza / crypt.php
Last active Feb 13, 2018
Laravel ~5.6 encryptor / decryptor.
View crypt.php
<?php
/*
* Quick 'n Dirty Laravel ~5.6 decrypter.
* @leonjza
*
* Typically, if you see a key with the format base64:key_string then
* you know you need this decrypter.
*
* For Laravel ~5.1, use: https://gist.github.com/leonjza/ce27aa7435f8d131d93f
@leonjza leonjza / install.sh
Last active Aug 9, 2018
Kali Linux Rolling Docker Installation
View install.sh
# https://docs.docker.com/engine/installation/linux/docker-ce/debian/
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
echo "deb https://download.docker.com/linux/debian stretch stable" >> /etc/apt/sources.list
apt install docker-ce
# test that this thing is on
docker run hello-world
@leonjza leonjza / README.md
Last active Dec 1, 2018
BSides CPT 2017 - RFCat Challenge Server and Client Sources
View README.md
@leonjza leonjza / README.md
Last active Feb 9, 2019
Custom socat with SSLv2 and SSLv3 support
View README.md

socat with sslv2 and sslv3 support

This script downloads and builds OpenSSL v1.0.2m and socat v1.7.3.2 in /usr/local/src. Once complete, a symlink at /usr/local/bin/socat-ssl23 is created so that you can run it with socat-ssl23.

install

Tested on Kali Linux:

curl -fsSL https://git.io/vFBDA | bash
@leonjza leonjza / README.md
Last active Jul 19, 2018
goness - A golang Nessus XML parser for use in your shell pipeline
View README.md

goness

A golang Nessus XML parser for use in your shell pipeline

examples

Just searching for "MS15":

$ goness -f exported_download.nessus | grep "MS15"
MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) (uncredentialed check)|www|10.1.1.1:80
@leonjza leonjza / escalate.py
Last active Apr 1, 2018
Laravel Valet v1.1.4 - 2.0.3 & v2.0.7+ Local Privilege Escalation (macOS)
View escalate.py
#!/usr/bin/env python2
# Laravel Valet v1.1.4 - 2.0.3 Local Privilege Escalation (macOS)
# February 2017 - @leonjza
# Affected versions: At least since ~v1.1.4 to v2.0.3. Yikes.
# Reintroduced in v2.0.7 via the 'trust' command again.
# This bug got introduced when the sudoers files got added around
# commit b22c60dacab55ffe2dc4585bc88cd58623ec1f40 [1].