
[hip, hip]

Leon Jacobs leonjza

View index.html
<body id="drop_zone" ondragenter="dragEnterHandler(event);">
<p>Drag one or more files to this Drop Zone ...</p>
View mq_clients.go
package main
import (

# Invoke-Kerberoast output hash extractor.
# For when you have:
# TicketByteHexStream :
# Hash : $krb5tgs$23$*sqlSvc$$MSSQLSvc/*$C13BFD40143C0E
# ....
# SamAccountName : sqlSvc
# DistinguishedName : CN=sqlSvc,OU=ServiceAccounts,DC=Adomain,DC=com

☄️ go-out

This code now lives at:

A simple, dependency-free Golang egress buster using @mubix and @bhinfosecurity services.


Save the main.go file and either go run main.go or build it with go build -o go-out main.go, moving the resultant binary to your place of choice.

cross compiling

View crypt.php
* Quick 'n Dirty Laravel ~5.6 decrypter.
* @leonjza
* Typically, if you see a key with the format base64:key_string then
* you know you need this decrypter.
* For Laravel ~5.1, use:

curl -fsSL | sudo apt-key add -
echo "deb stretch stable" >> /etc/apt/sources.list
apt install docker-ce
# test that this thing is on
docker run hello-world

socat with sslv2 and sslv3 support

This script downloads and builds OpenSSL v1.0.2m and socat v1.7.3.2 in /usr/local/src. Once complete, a symlink at /usr/local/bin/socat-ssl23 is created so that you can run it with socat-ssl23.


Tested on Kali Linux:

curl -fsSL | bash


A golang Nessus XML parser for use in your shell pipeline


Just searching for "MS15":

$ goness -f exported_download.nessus | grep "MS15"
MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) (uncredentialed check)|www|

#!/usr/bin/env python2
# Laravel Valet v1.1.4 - 2.0.3 Local Privilege Escalation (macOS)
# February 2017 - @leonjza
# Affected versions: At least since ~v1.1.4 to v2.0.3. Yikes.
# Reintroduced in v2.0.7 via the 'trust' command again.
# This bug got introduced when the sudoers files got added around
# commit b22c60dacab55ffe2dc4585bc88cd58623ec1f40 [1].