With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
start = 0x4007E0 | |
end = 0x400800 | |
to_list_int = [] | |
to_list_str = [] | |
for i in range(start,end,1): | |
print(Byte(i)) | |
print(hex(Byte(i))) | |
to_list_int.append(Byte(i)) | |
to_list_str.append(hex(Byte(i))) |
#!/bin/sh | |
mkdir certs | |
cp /usr/lib/ssl/openssl.cnf ./ | |
openssl req -x509 -days 730 -nodes -newkey rsa:2048 -outform der -keyout server.key -out ca.der -extensions v3_ca -config openssl.cnf | |
openssl rsa -in server.key -inform pem -out server.key.der -outform der | |
openssl pkcs8 -topk8 -in server.key.der -inform der -out server.key.pkcs8.der -outform der -nocrypt |
./gencert.sh | |
Enter your domain [www.example.com]: www.test.com | |
Create server key... | |
Generating RSA private key, 1024 bit long modulus | |
.................++++++ | |
.....++++++ | |
e is 65537 (0x10001) | |
Enter pass phrase for www.test.com.key:输入口令 | |
Verifying - Enter pass phrase for www.test.com.key:输入口令 | |
Create server certificate signing request... |
root@kali:~/temp# cat test.sh | |
#!/bin/sh | |
for i in `ls *.jar`;do | |
~/tools/jadx/bin/jadx -d out-$i $i | |
echo $i | |
done; | |
root@kali:~/temp# cat test2.sh | |
#!/bin/sh | |
for i in `ls *.dex`;do | |
~/tools/jadx/bin/jadx -d out-$i $i |
; global _start | |
; section .text | |
; _start: | |
; jmp short call_shellcode | |
; shellcode: | |
; pop esi | |
; xor ebx,ebx | |
; mov byte[esi+9],bl | |
; mov dword[esi+10],esi |
using System; | |
using System.EnterpriseServices; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause | |
Create Your Strong Name Key -> key.snk |
using System; | |
using System.Net; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause |
#!/bin/bash | |
HOST=192.168.10.130 | |
ACTIVATE=activate.php | |
ME=$(basename $0) | |
function token() { | |
local COOKIE="" | |
if [ -e cookie ]; then | |
COOKIE=" -b cookie" |
export JAVA_HOME=/usr/lib/jvm/jdk-13 | |
export JRE_HOME=${JAVA_HOME}/jre | |
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib | |
export PATH=${JAVA_HOME}/bin:$PATH |
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module: