raystyle

function Invoke-GhostTask {
    param (
    [string]$TaskName,
    [switch]$ShowTasks,
    [string]$Id,
    [string]$TargetTask,
    [string]$TargetBinary,
    [string]$Date,
    [string]$Help
    )

raystyle

#!/usr/bin/env python2
# NOTE: this script was created for educational purposes to assist learning about kerberos tickets.  
#   Likely to have a few bugs that cause it to fail to decrypt some TGT or Service tickets.
#
# Recommended Instructions:
#   Obtain valid kerberos tickets using Rubeus or mimikatz "sekurlsa::tickets /export"
#   Optionally convert tickets to ccache format using kekeo "misc::convert ccache <ticketName.kirbi>"
#   Obtain appropriate aes256 key using dcsync (krbtgt for TGT or usually target computer account for Service Ticket)
#   Run this script to decrypt:
#     ./decryptKerbTicket.py -k 5c7ee0b8f0ffeedbeefdeadbeeff1eefc7d313620feedbeefdeadbeefafd601e -t ./Administrator@TESTLAB.LOCAL_krbtgt~TESTLAB.LOCAL@TESTLAB.LOCAL.ccaches 

raystyle

# Source:
# https://www.cloudflare.com/ips
# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

# Avoid racking up billing/attacks
# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable. 
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP

raystyle

#Requires -Module PSDetour

[CmdletBinding()]
param (
    [Parameter(Mandatory)]
    [string]
    $LogPath
)

$LogPath = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($LogPath)

raystyle

import base64
import re
import xml.dom.minidom
import json
import uuid
import struct
import string
import random
import hashlib
import time

raystyle

#! /usr/bin/env python3

'''
    Needs Requests (pip3 install requests)

    Author: Marcello Salvati, Twitter: @byt3bl33d3r
    License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)

    
    This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.

raystyle

jupyter/notebook#1311 https://github.com/openfisca/jupyter/blob/master/config/nginx_configuration/jupyterhub.nginx.conf https://programming.vip/docs/running-jupyter-jupyterhub-jupyterlab-as-a-system-service.html https://janakiev.com/blog/jupyter-systemd/

jupyter lab --generate-config
Writing default config to: /root/.jupyter/jupyter_lab_config.py

c.ServerApp.allow_remote_access = True

raystyle

Description

This is a simple guide to perform javascript recon in the bugbounty

Steps

• The first step is to collect possibly several javascript files (more files = more paths,parameters -> more vulns)

raystyle

using System;
using System.Collections.Generic;
using System.Configuration;
using System.Diagnostics;
using System.IO;
using System.IO.Compression;
using System.IO.Pipes;
using System.Linq;
using System.Management;
using System.Net;

raystyle

import hashlib
import struct
import sqlite3

def md5hash(buf):
    return hashlib.md5(buf.encode("utf-16")[2:]).digest()

def md5cmp(buf, postfix, a1, a2, a3, a4):
    if len(buf) < postfix:
        return False