Ben Campbell Meatballs1
Meatballs1
/ PELoader.cs
Last active
October 3, 2022 17:48
Reflective PE Injection Mimikatz - Via InstallUtil.exe
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| /* |
Meatballs1
/ drop_binary.bat
Last active
August 29, 2015 14:26
— forked from mattifestation/drop_binary.bat
Drop binary data from the command line w/o needing PowerShell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo -----BEGIN CERTIFICATE----- > encoded.txt | |
| echo Just Base64 encode your binary data | |
| echo TVoAAA== >> encoded.txt | |
| echo -----END CERTIFICATE----- >> encoded.txt | |
| certutil -decode encoded.txt decoded.bin |
Meatballs1
/ InstallUtil-PowerShell.cs
Last active
October 13, 2023 14:47
InstallUtil.exe PowerShell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; |
Meatballs1
/ pshell.cs
Last active
September 11, 2018 15:00
Invoke Interactive PowerShell and Run Local Scripts Inside InstallUtil
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| /* | |
| Author: Casey Smith, Twitter: @subTee | |
| License: BSD 3-Clause | |
| Step One: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Here are the additional steps I had to put in place on a Kali linux VM | |
| to integrate BeEF and pishing-frenzy using mod_proxy as a reverse | |
| proxy. I'm certain this could be done more elegantly but this worked | |
| for my immediate needs. I'll also mention the evasion techniques | |
| within BeEF work amazing well. | |
| Install mod_proxy | |
| apt-get install -y libapache2-mod-proxy-html libxml2-dev | |
| enable mod_proxy |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am meatballs1 on github. | |
| * I am meatballs (https://keybase.io/meatballs) on keybase. | |
| * I have a public key whose fingerprint is 3F50 A6C9 42C9 0046 D070 AC76 5380 EAF0 1F2F 8B38 | |
| To claim this, I am signing this object: |
Meatballs1
/ gist:e1ca08e5e56f6243db0e
Created
August 26, 2014 09:48
— forked from JosephPecoraro/shell-execution.rb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ways to execute a shell script in Ruby | |
| # Example Script - Joseph Pecoraro | |
| cmd = "echo 'hi'" # Sample string that can be used | |
| # 1. Kernel#` - commonly called backticks - `cmd` | |
| # This is like many other languages, including bash, PHP, and Perl | |
| # Returns the result of the shell command | |
| # Docs: http://ruby-doc.org/core/classes/Kernel.html#M001111 |
Meatballs1
/ gist:63b587212fb66c077039
Last active
November 22, 2015 12:22
Wired to Wireless Synology DS213air bridging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # cat /usr/syno/etc.defaults/rc.d/S01iptables_nat.sh | |
| # Script to enable port forwarding and IP Masquerading, to share | |
| # the wireless connection to the ethernet port of ds213air | |
| # e.g. computer -> eth0 -> diskstation -> wlan0 -> router -> interwebs | |
| # Enable port forwarding, in case not enabled by default | |
| echo 1 > /proc/sys/net/ipv4/ip_forward | |
| # Load the required modules | |
| /usr/syno/etc.defaults/rc.d/S01iptables.sh load_nat_mod forwarding_test |
Meatballs1
/ armor_gpg
Created
September 27, 2013 17:43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN PGP PUBLIC KEY BLOCK----- | |
| Version: GnuPG v1.4.12 (GNU/Linux) | |
| mQINBFJFrzwBEADOUjrwsvh+2i+Wd1oGmizodnYLMLqnPbzqJDAzlfobkGBV3Sq0 | |
| T1NyTdA0IdQ2/rxXJ0GemUqbWlZXzFlMimPycFrqjXvh/nkp3SLHl2eAsgs8raSb | |
| PYCdOaEyo+jFV09vpmPnZu7gCQGFENiRXH9UcaiwIZULKePrxfnf5ZR/Ib1brNAg | |
| NtIMURZmylvB3JaZsImC6+ZRYRtIyd6vFSbbj1EueqPsG+zuQ3CAGOL/tKAxIn8M | |
| snjVOP3UqED9Zz5RLcGzto7de/5LF/7SHxIhuxqr03xeOoH+NUnlqpe346Sqrx+f | |
| tJljlAmeKj49oTGVYm3SwfEF1D+G5t+YoVB+edLS5gRb1rSsJmz/azDQHT75IFkD | |
| Mz8jVJKTkJL9ZiekfVWo6LZm2sJ5LKKb31D8xqUF6O+8gj+QNKAnB+ExGeXmA65y |
NewerOlder