bandrel
/ check_hashes.py
Last active
November 5, 2024 06:12
To check for and reveal AD user accounts that share passwords using a hashdump from a Domain Controller
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| #Purpose: To check for and reveal AD user accounts that share passwords using a hashdump from a Domain Controller | |
| #Script requires a command line argument of a file containing usernames/hashes in the format of user:sid:LMHASH:NTLMHASH::: | |
| # ./check_hashes.py <hash_dump> | |
| import argparse | |
| import re | |
| parser = argparse.ArgumentParser(description="Check user hashes against each other to find users that share passwords") |
curi0usJack
/ .htaccess
Last active
September 23, 2025 22:00
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
| # | |
| # Note this version requires Apache 2.4+ | |
| # | |
| # Save this file into something like /etc/apache2/redirect.rules. | |
| # Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
| # | |
| # Include /etc/apache2/redirect.rules | |
| # |
nullbind
/ SQL Server UNC Path Injection Cheatsheet
Last active
March 1, 2025 19:51
SQL Server UNC Path Injection Cheatsheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This is a list of SQL Server commands that support UNC path [injections] by default. | |
| The injections can be used to capture or replay the NetNTLM password hash of the | |
| Windows account used to run the SQL Server service. The SQL Server service account | |
| has sysadmin privileges by default in all versions of SQL Server. | |
| Note: This list is most likely not complete. | |
| ----------------------------------------------------------------------- | |
| -- UNC Path Injections Executable by the Public Fixed Server Role | |
| ----------------------------------------------------------------------- |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| """ | |
| Use scapy to modify packets going through your machine. | |
| Based on nfqueue to block packets in the kernel and pass them to scapy for validation | |
| """ | |
| import nfqueue | |
| from scapy.all import * | |
| import os |
NewerOlder