Skip to content

Instantly share code, notes, and snippets.

View Mriew's full-sized avatar

Mriew

0 followers · 1 following
View GitHub Profile
@Mriew
Mriew / kerberos_attacks_cheatsheet.md
Created August 10, 2024 03:28 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@Mriew
Mriew / namemash.py
Created August 5, 2024 06:20 — forked from superkojiman/namemash.py
Creating a user name list for brute force attacks.
#!/usr/bin/env python3
'''
NameMash by superkojiman
Generate a list of possible usernames from a person's first and last name.
https://blog.techorganic.com/2011/07/17/creating-a-user-name-list-for-brute-force-attacks/
'''
@farid007
farid007 / Rconfig File Upload RCE Exploit
Last active April 16, 2025 09:43
Rconfig 3.9.4 File Upload RCE
Remote Code Execution via File Upload (CVE-2020-12255)
The rConfig 3.9.4 is vulnerable to remote code execution due to improper checks/validation via the file upload functionality.
The vendor.crud.php accepts the file upload by checking through content-type and it is not restricting upload by checking the file extension and header.
Due to this flaw, An attacker can exploit this vulnerability by uploading a PHP file that contains arbitrary code (shell) and changing the content-type to `image/gif` in the vendor.crud.php.
since the validation checks are happening through content-type the server would accept the PHP file uploaded ultimately resulting code execution upon the response when invoked.
Steps To Reproduce-:
@holly
holly / nc-tcp-forward.sh
Created October 17, 2015 02:32
easy tcp port forwarding by netcat
#!/usr/bin/env bash
set -e
if [ $# != 3 ]; then
echo 'Usage: nc-tcp-forward.sh $FRONTPORT $BACKHOST $BACKPORT' >&2
exit 1
fi