@tehmoon
tehmoon / example_without_logstash.md
Last active June 29, 2019 14:10
Gist for elasticsearch and jq article

First we index the numbers from 1 to 10 using json_lines and cryptocli in a temporary index.

seq 1 10 | \
bash json_lines.sh number 1 2>/dev/null | \
./cryptocli \
  -- stdin \
  -- line \
  -- elasticsearch-put \
    --index number_messages \
@tehmoon
tehmoon / init.sh
Last active June 4, 2019 02:38
Kali default configuration
#!/bin/bash
set -e
mkdir -pv /opt/local/{share,tools,bin}
mkdir -pv /opt/local/share/wordlists
PATH=/opt/local/bin:${PATH}
echo "deb http://kali.download/kali kali-rolling main contrib non-free" > /etc/apt/sources.list
@tehmoon
tehmoon / XMind.md
Last active March 20, 2019 00:45
XMind notes

How to install xmind (on kali):

  • download the zip file from their website
  • apt install openjdk-8-jdk libwebkit2gtk-4.0
  • comment out libwebkitgtk-1.0-0 in the setup.sh script
  • run setup.sh as root
  • use java 8 and execute ./XMind_64/Xmind
@tehmoon
tehmoon / iptables-reload.sh
Last active October 27, 2024 17:30
IPtables and docker reload!
#!/bin/sh
set -e
## SEE https://medium.com/@ebuschini/iptables-and-docker-95e2496f0b45
## You need to add rules in DOCKER-BLOCK AND INPUT for traffic that does not go to a container.
## You only need to add one rule if the traffic goes to the container
CWD=$(cd "$(dirname "${0}")"; pwd -P)
FILE="${CWD}/$(basename "${0}")"
@tehmoon
tehmoon / ssh-check-username.py
Last active August 18, 2018 13:57
Pentest recon helpers
#!/usr/bin/env python
# Copyright (c) 2018 Matthew Daley
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
@tehmoon
tehmoon / .torrc.client
Last active December 12, 2018 16:31
Tor
# Example for tor client to connect to onion service
HidServAuth <onion service> <auth from hostname>
DataDir ~/.tor
SocksPort 9050 # set the port of the proxy
@tehmoon
tehmoon / .tmux.conf
Last active September 6, 2018 02:12
My kali setup script
unbind [
unbind p
bind Escape copy-mode
bind p paste-buffer
bind-key -Tcopy-mode-vi 'v' send -X begin-selection
bind-key -Tcopy-mode-vi 'y' send -X copy-pipe-and-cancel "xclip -se c -i"
bind-key -Tcopy-mode-vi Escape send -X cancel
set-option -s set-clipboard off
@tehmoon
tehmoon / main.go
Created May 30, 2018 01:41
PoC payload dump exec in golang
package main
/*
The goal of this PoC is to try to exec a payload built within the binary.
I kind of use the same idea as for protobuf, compile the target into executable
then copy the payload inside the program, do the reverse operation and exec it.
It works like this:
- compile your binary to the target arch
- use cryptocli dd -in <binary> -encoders gzip,byte-string -out <temp_file>
@tehmoon
tehmoon / powershell.md
Last active November 14, 2018 17:19
Windows stuff

Run as:

powershell -ExecutionPolicy bypass Start-Process  .\log-exporter.exe, -Verb, RunAs, -ArgumentList "-u `"blih`""

Escape string + get current user:

$blih = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name