renini

# https://twitter.com/brsn76945860/status/1171233054951501824
pip install mmh3

-----------------------------
# python 2
import mmh3
import requests
 
response = requests.get('https://cybersecurity.wtf/favicon.ico')
favicon = response.content.encode('base64')

renini

How to setup Burp Suite inside a docker container.

renini

#!/usr/bin/env python3

"""
Copyright (c) 2017 Graeme Smith

Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
of the Software, and to permit persons to whom the Software is furnished to do

renini

Looking for WaitForSingleObject call within modern msfvenom generated payload.

---

Abstract

This is a document explaining how to locate WaitForSingleObject(..., INFINITE) within msfvenom's (4.12.23-dev) generated payload and how to fix the payload's glitches. It goes through the analysis of a windows/shell_reverse_tcp payload, touching issues like stack alignment, WaitForSingleObject locating & patching. It has been written when I realised there are many topics on the Offensive-Security OSCE/CTP forums touching problem of finding this particular Windows API. Since RE is one of my stronger FU's I decided to write down my explanation of the subject.

Contents:

renini

# PS-BGInfo
# Powershell script that updates the background image with a random image from a folder and writes out system info text to it.

# Configuration:

# Font Family name
$font="Consolas"
# Font size in pixels
$size=10.0
# spacing in pixels

renini

#!/usr/bin/env python

## Decodes NTLM "Authenticate" HTTP-Header blobs.
## Reads the raw blob from stdin; prints out the contained metadata.
## Supports (auto-detects) Type 1, Type 2, and Type 3 messages.
## Based on the excellent protocol description from:
##  <http://davenport.sourceforge.net/ntlm.html>
## with additional detail subsequently added from the official protocol spec:
##  <http://msdn.microsoft.com/en-us/library/cc236621.aspx>
##

renini

Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!

openssl genrsa -des3 -out rootCA.key 4096

renini

# Disable extraneous services on Server 2016 Desktop Experience
# https://blogs.technet.microsoft.com/secguide/2017/05/29/guidance-on-disabling-system-services-on-windows-server-2016-with-desktop-experience/
Configuration DisablingServicesOnServer2016wDE
{
    param(
        [String]$ComputerName = "localhost",
        [ValidateSet('ShouldBeDisabledOnly','ShouldBeDisabledAndDefaultOnly','OKToDisable','OKToDisablePrinter','OKToDisableDC')]
        [String]$Level = 'OKToDisable'
    )

renini

#Based on <http://gallery.technet.microsoft.com/scriptcenter/Get-PendingReboot-Query-bdb79542>
function Test-RebootRequired 
{
    $result = @{
        CBSRebootPending =$false
        WindowsUpdateRebootRequired = $false
        FileRenamePending = $false
        SCCMRebootPending = $false
    }