Drop into IRB:
meterpreter > irb
[*] Starting IRB shell
[*] The 'client' variable holds the meterpreter client
>>
Then paste in the following, replacing the KB identifiers at the end with the desired ones.
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # | |
| # jarvis.py | |
| # | |
| # Redistribution and use in source and binary forms, with or without | |
| # modification, are permitted provided that the following conditions are | |
| # met: | |
| # | |
| # * Redistributions of source code must retain the above copyright |
Drop into IRB:
meterpreter > irb
[*] Starting IRB shell
[*] The 'client' variable holds the meterpreter client
>>
Then paste in the following, replacing the KB identifiers at the end with the desired ones.
| #compdef msfconsole | |
| # ------------------------------------------------------------------------------ | |
| # Copyright (c) 2014 Spencer McIntyre | |
| # All rights reserved. | |
| # | |
| # Redistribution and use in source and binary forms, with or without | |
| # modification, are permitted provided that the following conditions are met: | |
| # * Redistributions of source code must retain the above copyright | |
| # notice, this list of conditions and the following disclaimer. | |
| # * Redistributions in binary form must reproduce the above copyright |
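import base64
import hashlib
import hmac

# Check whether a candidate PIN corresponds to a stored host secret hash.
# The stored value has the form:
#   'hmac:' + base64(HMAC-SHA256(key=host_id, msg=pin))
host_id = '11111111-2222-3333-4444-555555555555'
host_secret_hash = 'hmac:TI/gifEUGbMsEhiZSLY0PcTX4xyPzpvcb7b6seOhOYc='
secret_pin = '123456'

# NOTE: the PIN is the only secret input to this construction. A short numeric
# PIN gives the hash little resistance to offline guessing, so the stored
# host_secret_hash should be protected like the credential itself.

# hmac.new() requires bytes for key and message on Python 3, and
# base64.b64encode() returns bytes there, so encode/decode explicitly.
# These calls are also valid for ASCII str values on Python 2.
digest = hmac.new(
    host_id.encode('utf-8'),
    secret_pin.encode('utf-8'),
    hashlib.sha256,
).digest()
computed_hash = 'hmac:' + base64.b64encode(digest).decode('ascii')

# compare_digest avoids leaking the position of the first mismatching byte
# through timing, which a plain == comparison on secrets can do.
if hmac.compare_digest(computed_hash.encode('ascii'), host_secret_hash.encode('ascii')):
    print('[+] secret hashes match!')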
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # | |
| # safeseh_inspect.py | |
| # | |
| # Copyright 2014 Spencer McIntyre | |
| # | |
| # Redistribution and use in source and binary forms, with or without | |
| # modification, are permitted provided that the following conditions are | |
| # met: |
| require "json" | |
| require "rex/ui" | |
| module Msf | |
| class Plugin::ModuleSuggestor < Msf::Plugin | |
| class ModuleSuggestorCommandDispatcher | |
| include Msf::Ui::Console::CommandDispatcher | |
| def name | |
| "Module Suggestor" |
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # | |
| # tools/cli_mailer.py | |
| # | |
| # Redistribution and use in source and binary forms, with or without | |
| # modification, are permitted provided that the following conditions are | |
| # met: | |
| # | |
| # * Redistributions of source code must retain the above copyright |
| [BITS 32] | |
| ; This shellcode is meant to be executed in the kernel just after the token has | |
| ; been stolen. It walks up the stack looking for the first frame which returns | |
| ; to userland and returns into the one just before it. This is presumably | |
| ; nt!KiSystemServicePostCall which will clean up the operation before returning | |
| ; to userland. | |
| ; This shellcode clobbers ecx and ebx, and sets eax to 0 for the return value. |
I hereby claim:
To claim this, I am signing this object:
| require 'msf/core' | |
| require 'rex' | |
| lib = File.join(Msf::Config.install_root, "test", "lib") | |
| $:.push(lib) unless $:.include?(lib) | |
| require 'module_test' | |
| class Metasploit4 < Msf::Post |