Superseded by github.com/dadevel/impacket-zsh-integration.
Daniel dadevel
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| // compilation: x86_64-w64-mingw32-g++ -m64 -Wall -Wextra -std=c++20 -lstdc++ -static -Os -s -o ./ArcserveDecrypter.exe ./ArcserveDecrypter.cpp | |
| // usage: ./ArcserveDecrypter.exe HEXBLOB | |
| // based on https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe/blob/main/ArcServeDecrypter.c | |
| constexpr unsigned char key[] = { 0x50, 0x00, 0x6C, 0x00, 0x65, 0x00, 0x61, 0x00, 0x73, 0x00, 0x65, 0x00, 0x20, 0x00, 0x69, 0x00, 0x6E, 0x00, 0x70, 0x00, 0x75, 0x00, 0x74, 0x00, 0x20, 0x00, 0x61, 0x00, 0x20, 0x00, 0x76, 0x00, 0x61, 0x00, 0x6C, 0x00, 0x69, 0x00, 0x64, 0x00, 0x20, 0x00, 0x70, 0x00, 0x61, 0x00, 0x73, 0x00, 0x73, 0x00, 0x77, 0x00, 0x6F, 0x00, 0x72, 0x00, 0x64, 0x00 }; | |
| constexpr auto key_len = sizeof(key); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from argparse import ArgumentParser | |
| import json | |
| import sys | |
| import requests | |
| # Retrieve an access token via the device code flow: | |
| # roadtx auth --tokenfile ~/.cache/azmail.json --resource https://outlook.office.com --client d3590ed6-52b3-4102-aeff-aad2292ab01c --tenant contoso.com --device-code |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import requests | |
| import sys | |
| # usage: cat ./gathered-emails.txt | ./o365-user-enum.py | tee -a ./valid-emails.txt | |
| url = 'https://login.microsoftonline.com/common/GetCredentialType' | |
| user_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5359.178 Safari/537.36 Edg/106.0.1266.51' | |
| with requests.session() as session: |
dadevel
/ ldeep-trust-discover.sh
Last active
January 27, 2023 22:43
AD Trust Discovery with franc-pentest/ldeep#27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| # usage: ldeep-trust-discover child.corp.com -u user -p passw0rd | |
| discover() { | |
| if [[ ! -e "./trust-$1.json" ]]; then | |
| echo "discovering $1" >&2 | |
| ldeep ldap -s ldaps://"$1" "${@:2}" trusts -v > "./trust-$1.json" 2> /dev/null || \ | |
| ldeep ldap -s ldap://"$1" "${@:2}" trusts -v > "./trust-$1.json" 2> /dev/null || { |
dadevel
/ sharphound-import-fix.py
Last active
August 29, 2024 06:50
Workaround for SpecterOps/BloodHound-Legacy#614
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from argparse import ArgumentParser, RawDescriptionHelpFormatter | |
| from zipfile import ZipFile | |
| import json | |
| import shutil | |
| # from https://github.com/fox-it/BloodHound.py/blob/273984883d9ca3dd21f6fca35ec88671cac3fc87/bloodhound/ad/trusts.py#L59 | |
| TRUST_DIRECTIONS = { | |
| 0: 'Disabled', | |
| 1: 'Inbound', |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| # usage: cat ./subnets.txt | mapcidr | inetdb-recon | |
| xargs -I {} -n 1 -P 16 -r -- curl -sS https://internetdb.shodan.io/{} | \ | |
| jq -r 'select(.ip!=null)|[.ip,(.hostnames|join(",")),(.ports|join(",")),(.cpes|join(",")),(.tags|join(","))]|@tsv' | \ | |
| sort -Vu | \ | |
| column -ts $'\t' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| import urllib.parse | |
| import tldextract | |
| # pip3 install --user tldextract | |
| def main() -> None: | |
| for line in sys.stdin: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from argparse import ArgumentParser | |
| from typing import Any, Iterator | |
| import ipaddress | |
| import json | |
| import requests | |
| def main() -> None: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| # usage: cat ./subnets.txt | mapcidr | inetdb-rdns | |
| xargs -I {} -n 1 -P 16 -r -- curl -sS https://internetdb.shodan.io/{} | \ | |
| jq -r 'select(.hostnames!=null)|.hostnames[]' | \ | |
| sort -Vu |