Minoru Kobayashi mnrkbys
mnrkbys
/ linux_dump_ldsopreload.sh
Last active
October 6, 2024 10:13
A script to dump /etc/ld.so.preload file on XFS filesystem with xfs_db
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Copyright 2024 Minoru Kobayashi <[email protected]> (@unkn0wnbit) | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software |
mnrkbys
/ Get-RegKeyInfo.ps1
Created
March 8, 2024 05:34
— forked from jborean93/Get-RegKeyInfo.ps1
Gets detailed information about a registry key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2021, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Get-RegKeyInfo { | |
| <# | |
| .SYNOPSIS | |
| Gets details about a registry key. | |
| .DESCRIPTION | |
| Gets very low level details about a registry key. |
mnrkbys
/ Reading the LastWriteTime of a registry key using Powershell
Created
March 8, 2024 05:29
— forked from shaunhess/Reading the LastWriteTime of a registry key using Powershell
Reading the LastWriteTime of a registry key using Powershell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| At work recently I needed to pull together some information from the registry of a few thousand machines and include the last time the key had been updated. Lately I've been turning to Powershell more and more for my day to day tasks and this time was no different. However this simple task turned out to not be so easy, and it all revolved around acquiring the LastWriteTime of the registry keys. | |
| Digging through WMI and .NET proved less fruitful than I had hoped, so off to Google I went. It seemed everyone had the solution if you wanted to query the machine locally, but with thousands of hosts in my Enterprise that wasn't going to work. Plus, who doesn't enjoy a good challenge. One particular script was very useful in pointing my team in the right direction, posted by Tim Medin over at blog.securitywhole.com. So we decided to adapt and modify his script to work with remote hosts. | |
| I've only tested against a few machines at home, but I wanted to share it while I had time. I will update the post if I find issues |
mnrkbys
/ osx_extract_hash.py
Created
April 15, 2021 00:54
— forked from teddziuba/osx_extract_hash.py
Extract a Mac OSX Catalina user's password hash as a hashcat-compatible string
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Mac OSX Catalina User Password Hash Extractor | |
| Extracts a user's password hash as a hashcat-compatible string. | |
| Mac OSX Catalina (10.15) uses a salted SHA-512 PBKDF2 for storing user passwords | |
| (hashcat type 7100), and it's saved in an annoying binary-plist-nested-inside-xml-plist | |
| format, so previously reported methods for extracting the hash don't work. |