Climbing logbook

Rock climbing & high-mountain rock: https://www.camptocamp.org/outings?u=112318&act=mountain_climbing,rock_climbing
Mountaineering: https://www.camptocamp.org/outings?u=112318&act=snow_ice_mixed
Ice climbing...

Windows and Unix PWN examples of binaries

Two excellent websites that serve as a reference on how each executable can be used:
Windows: https://lolbas-project.github.io/
Unix: https://gtfobins.github.io/
On Unix, there is a script based on these that helps enumerate all possible ways to elevate privileges.
cd /tmp...

Credential Phishing check bypass

Each system has its limits. The Palo Alto, on the latest version (tested on 9.0.1), checks only up to 21 fields for a couple of username and password in the bloom field. Normal creds form with 20 hidden INPUT before the Username & Password field. This shows the...

SSH Redirect

The following example binds port 8834 on the remote host and forwards it over SSH to localhost port 8834 on the local machine:
ssh -R 8834:localhost:8834 username@1.2.3.4

AWS some commands

dig website.cloud
nslookup website.cloud
sudo pip install awscli
List content of a public AWS bucket:
aws s3 ls s3://website.cloud --no-sign-request --region us-west-2
List content of a user-authenticated AWS bucket:
aws configure --profile myuserprofilename...

GPP Windows Passwords

echo %logonserver%
findstr /S /I cpassword \\xxDC01\sysvol\xxxdc01\policies\*.xml
Crack cpassword with the default AES key: https://github.com/PowerShellMafia/PowerSploit/blob/master/Exfiltration/Get-GPPPassword.ps1

Turn Python scripts into Windows exe file

pyinstaller -i toto.ico -w -F toto.py
Medium article: https://medium.com/dreamcatcher-its-blog/making-an-stand-alone-executable-from-a-python-script-using-pyinstaller-d1df9170e263
Another one which I don’t agree with, as yes, payload is undetected by execute will...