Thom Hastings thomhastings

thomhastings / process-permissions.bat
Created October 24, 2012 01:13
Batch Script for process permission analysis
:: process-permissions.bat
:: =======================
:: Batch Script for process permission analysis
:: by Thom Hastings ©2012 New BSD License
::
:: for reference-
:: http://travisaltman.com/windows-privilege-escalation-via-weak-service-permissions/
:: TODO: http://it-ovid.blogspot.com/2012/02/windows-privilege-escalation.html
@echo off
title %username%@%userdomain% on %logonserver%\%computername% via %comspec% ~c0nS0Le
thomhastings / 0_reuse_code.js
Last active August 29, 2015 14:13
Here are some things you can do with Gists in GistBox.
// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console
thomhastings / wedding.py
Last active July 2, 2016 16:44 — forked from phreeza/wedding.py
A small terminal based animation I made for a friend's wedding
# This script is released 'as is' into the public domain
from math import cos,sin
import os
from time import sleep
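# Coordinate functions of the parametric heart curve
def y(p):
    return (sin(p)**3)
def x(p):
    # the last term uses the parameter p; 't' is not defined in this function
    return -(13*cos(p)-5*cos(2*p)-2*cos(3*p)-cos(4*p))/16
while True:
    for r in range(14):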
#!/bin/bash
####################################
# Get Buuf Icon Theme script
# by Thom Hastings 2017
# BSD 3-clause License
# tested Kali 2016.2
####################################
cd /tmp
wget buuficontheme.free.fr -r -l1 --no-parent -A.tar.xz
cd /usr/share/icons

Notes on Shadow Brokers EQGRP-LiT

credit: @GossiTheDog: "If you want to setup FUZZBUNCH (the Equation exploit framework) you need Win7 VM + Python 2.6 + Pywin 2.6, then python fb.py for shell"
h/t @x0rz @DEYCrypt @hackerfantastic

HOW 2 SETUP + INSTALL FUZZBUNCH & DANDERSPRITZ

context: https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
writeup: https://www.trustedsec.com/blog/equation-group-dump-analysis-full-rce-win7-fully-patched-cobalt-strike/
decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.