Marcel Caspar Clevero
Clevero
/ mhn-email-alert.sh
Last active
March 14, 2019 09:12
— forked from jatrost/mhn-email-alert.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| PAST_TIMESTAMP="$(date +%s -d '5 min ago')000" | |
| mongoexport \ | |
| --csv --quiet \ | |
| --fields timestamp,source_ip,source_port,destination_ip,destination_port,honeypot \ | |
| --db mnemosyne \ | |
| --collection session \ | |
| --query "{ timestamp: {\$gt: new Date($PAST_TIMESTAMP)}}" > /tmp/mhn-report.txt |
Clevero
/ SO33205298
Last active
December 27, 2020 19:55
This is a powershell script that is downloaded via a Word Macro and executed. This was used in a proof of concept
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param([string]$title) | |
| "Called with parameter: $title" | Write-Output | |
| New-Item new_file.txt -ItemType file | |
| echo "You have been hacked" >> .\new_file.txt | |
| echo "Please call your IT department for more information" >> .\new_file.txt |