natesubra

using System;
using System.Reflection;
using System.Runtime.InteropServices;

namespace test
{
    class Win32
    {
        [DllImport("kernel32")]
        public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);

natesubra

using System;
using System.Reflection;
using System.Runtime.InteropServices;
using System.Linq;

namespace NautilusProject
{
    internal class CombinedExec
    {
        public static IntPtr AllocMemory(int length)

natesubra

Whenever you research a certain vulnerability ask yourself these questions and please answer them for us

Logging

Does the exploited service write a log?
(check ls -lrt /var/log or lsof +D /var/log/ or lsof | grep servicename)

Does a system service write a log?
(e.g. check with tail -f /var/log/messages)

natesubra

PS> time { ping -n 1 google.com } -Samples 10 -Silent
..........
Avg: 62.1674ms
Min: 56.9945ms
Max: 87.9602ms

PS> time { ping -n 1 google.com } -Samples 10 -Silent -Long
..........
Avg: 00:00:00.0612480
Min: 00:00:00.0572167

natesubra

function Show-ObjectGraph {
    [Alias('sog')]
    <#
.Synopsis
   Displays structure of an object/collection in a WPF TreeView.
.DESCRIPTION
   Recursively builds out an object graph which is then set to 
   the DataContext of a WPF TreeView. This will display all type and
   member info for the object or collection elements. This is a blocking
   operation.

natesubra

require 'math'
math.randomseed(os.time())

dns_providers = {
  { -- Quad9
    {'9.9.9.9', hostname='dns.quad9.net', ca_file='/usr/local/etc/kresd/DigiCertECCSecureServerCA.pem'},
    {'149.112.112.112', hostname='dns.quad9.net', ca_file='/usr/local/etc/kresd/DigiCertECCSecureServerCA.pem'}
  },
  { -- Cloudflare
    {'1.1.1.1', hostname='cloudflare-dns.com', ca_file='/usr/local/etc/kresd/DigiCertECCSecureServerCA.pem'},

natesubra

#Wireless Penetration Testing Cheat Sheet

##WIRELESS ANTENNA

• Open the Monitor Mode

root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up

natesubra

# file: merger.py
# based off: http://cmikavac.net/2011/07/09/merging-multiple-nessus-scans-python-script/
# by: mastahyeti

import xml.etree.ElementTree as etree
import shutil
import os

first = 1
for fileName in os.listdir("."):

natesubra

# These keyword values can be obtained with: logman query providers Microsoft-Windows-Kernel-Registry
[Flags()]
enum RegistryOptions {
    CloseKey              = 0x00000001
    QuerySecurityKey      = 0x00000002
    SetSecurityKey        = 0x00000004
    EnumerateValueKey     = 0x00000010
    QueryMultipleValueKey = 0x00000020
    SetInformationKey     = 0x00000040
    FlushKey              = 0x00000080

natesubra

# Powershell script to bypass UAC on Vista+ assuming
# there exists one elevated process on the same desktop.
# Technical details in:
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html
# You need to Install-Module NtObjectManager for this to run.

Import-Module NtObjectManager