Skip to content

Instantly share code, notes, and snippets.

Avatar

Ronnie Flathers ropnop

616 followers · 1 following
View GitHub Profile
@ropnop
ropnop / go-sharp-loader.go
Created Aug 5, 2020
Example Go file embedding multiple .NET executables
View go-sharp-loader.go
package main
/*
Example Go program with multiple .NET Binaries embedded
This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with:
$ go get -u github.com/gobuffalo/packr/packr
Place all your EXEs are in a "binaries" folder
@ropnop
ropnop / docker_aliases.sh
Created Jul 18, 2019
Docker aliases
View docker_aliases.sh
function dockershell() {
docker run --rm -i -t --entrypoint=/bin/bash "$@"
}
function dockershellsh() {
docker run --rm -i -t --entrypoint=/bin/sh "$@"
}
function dockershellhere() {
dirname=${PWD##*/}
@ropnop
ropnop / Dockerfile
Created Jul 18, 2019
webdav dockerfile
View Dockerfile
FROM python:alpine
RUN pip install wsgidav cheroot
RUN mkdir -p /webdav/share && mkdir -p /srv/data/share
COPY run.sh /webdav/
WORKDIR /webdav/
ENTRYPOINT "/webdav/run.sh"
@ropnop
ropnop / Dockerfile
Created Jul 18, 2019
Nginx server Dockerfile
View Dockerfile
FROM nginx:stable
RUN apt-get update && apt-get install -y openssl
RUN mkdir -p /etc/nginx/ssl && mkdir -p /srv/data
COPY default.conf /etc/nginx/conf.d/
COPY start.sh /
ENTRYPOINT [ "/start.sh" ]
@ropnop
ropnop / Dockerfile
Created Jul 18, 2019
Impacket Dockerfile
View Dockerfile
FROM python:2.7-alpine
RUN apk --update --no-cache add \
zlib-dev \
musl-dev \
libc-dev \
gcc \
libffi-dev \
openssl-dev && \
rm -rf /var/cache/apk/*
RUN mkdir -p /opt/impacket
@ropnop
ropnop / Dockerfile
Created Jul 18, 2019
centos5 devel dockerfile
View Dockerfile
ARG CENTOSIMAGE=astj/centos5-vault
FROM ${CENTOSIMAGE}
RUN yum install -y perl curl wget gcc c++ make glibc-devel glibc-devel.i386
@ropnop
ropnop / cors_poc_test.html
Last active Nov 14, 2018
Quick tester for CORS misconfigurations
View cors_poc_test.html
<html>
<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
<h1>CORS Test PoC</h1>
<label for="target_url">Endpoint to test: </label><input type="url" id="target_url" size=100 placeholder="Target URL"><br/>
<input type="checkbox" id="with_creds_checkbox" value="with_creds"><label for="with_creds_checkbox">With Credentials?</label><br/>
<input type="submit" id="submit_btn" value="Make Request">
<hr>
<p>If the site is vulnerable to an overly permissive CORS policy, the response of the above request will appear in the box below</p>
<div id="test_data" style="border:1px solid darkred; color: red">
@ropnop
ropnop / find_moles.py
Created Jan 9, 2018
A Python script for SANS Holiday Hack 2017
View find_moles.py
#!/usr/bin/env python2
# load the infraction json data
import json
with open('infractions.json', 'r') as fp:
data = json.loads(fp.read())
infractions = data['infractions']
# get all the names and generate the naughty list from the CSV
names = []
@ropnop
ropnop / startTerminator.vbs
Created Sep 29, 2017
VBS Script to Launch Terminator through WSL
View startTerminator.vbs
args = "-c" & " -l " & """DISPLAY=:0 terminator"""
WScript.CreateObject("Shell.Application").ShellExecute "bash", args, "", "open", 0
@ropnop
ropnop / lookupadmins.py
Last active Dec 4, 2021
Python script using Impacket to enumerate local administrators over SAMR
View lookupadmins.py
#!/usr/bin/env python
#
# Title: lookupadmins.py
# Author: @ropnop
# Description: Python script using Impacket to query members of the builtin Administrators group through SAMR
# Similar in function to Get-NetLocalGroup from Powerview
# Won't work against Windows 10 Anniversary Edition unless you already have local admin
# See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016
#
# Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket