Ronnie Flathers ropnop

## go-sharp-loader.go
package main

/*
Example Go program with multiple .NET Binaries embedded

This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with:
	$ go get -u github.com/gobuffalo/packr/packr

Place all your EXEs are in a "binaries" folder

## docker_aliases.sh
function dockershell() {
    docker run --rm -i -t --entrypoint=/bin/bash "$@"
}

function dockershellsh() {
    docker run --rm -i -t --entrypoint=/bin/sh "$@"
}

function dockershellhere() {
    dirname=${PWD##*/}

## Dockerfile
FROM python:alpine
RUN pip install wsgidav cheroot
RUN mkdir -p /webdav/share && mkdir -p /srv/data/share
COPY run.sh /webdav/
WORKDIR /webdav/
ENTRYPOINT "/webdav/run.sh"

## Dockerfile
FROM nginx:stable
RUN apt-get update && apt-get install -y openssl
RUN mkdir -p /etc/nginx/ssl && mkdir -p /srv/data

COPY default.conf /etc/nginx/conf.d/
COPY start.sh /
ENTRYPOINT [ "/start.sh" ]

## Dockerfile
FROM python:2.7-alpine
RUN apk --update --no-cache add \
    zlib-dev \
    musl-dev \
    libc-dev \
    gcc \
    libffi-dev \
    openssl-dev && \
    rm -rf /var/cache/apk/*
RUN mkdir -p /opt/impacket

## Dockerfile
ARG CENTOSIMAGE=astj/centos5-vault

FROM ${CENTOSIMAGE}
RUN yum install -y perl curl wget gcc c++ make glibc-devel glibc-devel.i386

## cors_poc_test.html
<html>
<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
<h1>CORS Test PoC</h1>
<label for="target_url">Endpoint to test: </label><input type="url" id="target_url" size=100 placeholder="Target URL"><br/>
<input type="checkbox" id="with_creds_checkbox" value="with_creds"><label for="with_creds_checkbox">With Credentials?</label><br/>
<input type="submit" id="submit_btn" value="Make Request">
<hr>
<p>If the site is vulnerable to an overly permissive CORS policy, the response of the above request will appear in the box below</p>

<div id="test_data" style="border:1px solid darkred; color: red">

## find_moles.py
#!/usr/bin/env python2

# load the infraction json data
import json
with open('infractions.json', 'r') as fp:
    data = json.loads(fp.read())
    infractions = data['infractions']

# get all the names and generate the naughty list from the CSV
names = []

## startTerminator.vbs
args = "-c" & " -l " & """DISPLAY=:0 terminator"""
WScript.CreateObject("Shell.Application").ShellExecute "bash", args, "", "open", 0

## lookupadmins.py
#!/usr/bin/env python
#
# Title: lookupadmins.py
# Author: @ropnop
# Description: Python script using Impacket to query members of the builtin Administrators group through SAMR
# Similar in function to Get-NetLocalGroup from Powerview
# Won't work against Windows 10 Anniversary Edition unless you already have local admin
# See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016
#
# Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket
	package main

	/*
	Example Go program with multiple .NET Binaries embedded

	This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with:
	$ go get -u github.com/gobuffalo/packr/packr

	Place all your EXEs are in a "binaries" folder
	function dockershell() {
	docker run --rm -i -t --entrypoint=/bin/bash "$@"
	}

	function dockershellsh() {
	docker run --rm -i -t --entrypoint=/bin/sh "$@"
	}

	function dockershellhere() {
	dirname=${PWD##*/}
	FROM python:alpine
	RUN pip install wsgidav cheroot
	RUN mkdir -p /webdav/share && mkdir -p /srv/data/share
	COPY run.sh /webdav/
	WORKDIR /webdav/
	ENTRYPOINT "/webdav/run.sh"
	FROM nginx:stable
	RUN apt-get update && apt-get install -y openssl
	RUN mkdir -p /etc/nginx/ssl && mkdir -p /srv/data

	COPY default.conf /etc/nginx/conf.d/
	COPY start.sh /
	ENTRYPOINT [ "/start.sh" ]
	FROM python:2.7-alpine
	RUN apk --update --no-cache add \
	zlib-dev \
	musl-dev \
	libc-dev \
	gcc \
	libffi-dev \
	openssl-dev && \
	rm -rf /var/cache/apk/*
	RUN mkdir -p /opt/impacket
	ARG CENTOSIMAGE=astj/centos5-vault

	FROM ${CENTOSIMAGE}
	RUN yum install -y perl curl wget gcc c++ make glibc-devel glibc-devel.i386
	<html>
	<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
	<h1>CORS Test PoC</h1>
	<label for="target_url">Endpoint to test: </label><input type="url" id="target_url" size=100 placeholder="Target URL"><br/>
	<input type="checkbox" id="with_creds_checkbox" value="with_creds"><label for="with_creds_checkbox">With Credentials?</label><br/>
	<input type="submit" id="submit_btn" value="Make Request">
	<hr>
	<p>If the site is vulnerable to an overly permissive CORS policy, the response of the above request will appear in the box below</p>

	<div id="test_data" style="border:1px solid darkred; color: red">
	#!/usr/bin/env python2

	# load the infraction json data
	import json
	with open('infractions.json', 'r') as fp:
	data = json.loads(fp.read())
	infractions = data['infractions']

	# get all the names and generate the naughty list from the CSV
	names = []
	args = "-c" & " -l " & """DISPLAY=:0 terminator"""
	WScript.CreateObject("Shell.Application").ShellExecute "bash", args, "", "open", 0
	#!/usr/bin/env python
	#
	# Title: lookupadmins.py
	# Author: @ropnop
	# Description: Python script using Impacket to query members of the builtin Administrators group through SAMR
	# Similar in function to Get-NetLocalGroup from Powerview
	# Won't work against Windows 10 Anniversary Edition unless you already have local admin
	# See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016
	#
	# Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket