Daniel dadevel
ThePirateWhoSmellsOfSunflowers
/ netdumper.py
Created
March 4, 2025 11:14
This script perform a netsync attack. No SMB involved
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from impacket.dcerpc.v5 import epm, rpcrt, transport, nrpc, samr | |
| from impacket.uuid import bin_to_uuidtup | |
| from impacket.crypto import SamDecryptNTLMHash | |
| from binascii import unhexlify, hexlify | |
| from random import randbytes | |
| import sys | |
| import argparse | |
| # This script perform a netsync attack. No SMB involved | |
| # My first idea was to only use netlogon SSP, however SAMR seems not compatible |
Informatic
/ domain.xml
Last active
April 13, 2025 00:32
How to use Windows 10 OEM license in libvirt VM (<smbios mode='host' /> does not work as Windows seems to verify UUID; apparmor/security configuration changes may be needed)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'> | |
| <!-- ... --> | |
| <qemu:commandline> | |
| <qemu:arg value='-acpitable'/> | |
| <qemu:arg value='file=/some/path/slic.bin'/> | |
| <qemu:arg value='-acpitable'/> | |
| <qemu:arg value='file=/some/path/msdm.bin'/> | |
| <qemu:arg value='-smbios'/> | |
| <qemu:arg value='file=/some/path/smbios_type_0.bin'/> | |
| <qemu:arg value='-smbios'/> |