Skip to content

Instantly share code, notes, and snippets.

View CowlingBanana's full-sized avatar
🎯
Focusing

CowlingBanana

🎯
Focusing
14 followers · 16 following
  • ::1
View GitHub Profile
@CowlingBanana
CowlingBanana / CSM_pocs.md
Created November 17, 2020 01:07 — forked from Frycos/CSM_pocs.md

TLDR

Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.

Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.

@CowlingBanana
CowlingBanana / latest-go.sh
Last active November 7, 2020 02:57 — forked from hackingguy/latest-go.sh
#!/bin/bash
# shellcheck disable=SC2016
set -e
VERSION="1.15"
[ -z "$GOROOT" ] && GOROOT="$HOME/.go"
[ -z "$GOPATH" ] && GOPATH="$HOME/go"
OS="$(uname -s)"
@CowlingBanana
CowlingBanana / unc1878_indicators.txt
Created October 29, 2020 00:32 — forked from aaronst/unc1878_indicators.txt
UNC1878 Indicators
# C2 FQDNs
first seen fqdn
2019-12-11 23:37:10 updatemanagir.us
2019-12-20 17:51:05 cmdupdatewin.com
2019-12-26 18:03:27 scrservallinst.info
2020-01-10 00:33:57 winsystemupdate.com
2020-01-11 23:16:41 jomamba.best
2020-01-13 05:13:43 updatewinlsass.com
2020-01-16 11:38:53 winsysteminfo.com
2020-01-20 05:58:17 livecheckpointsrs.com
@CowlingBanana
CowlingBanana / .tmux.conf
Created October 21, 2020 02:29
tmux configuration file
#Reload Tmux config
bind r source-file ~/.tmux.conf \; display "Reloaded!"
#Prefi rebinf to Ctrl-X from Ctrl-b
unbind C-b
set -g prefix C-x
# Enable mouse control (clickable windows, panes, resizable panes)
# Mouse resizing
@CowlingBanana
CowlingBanana / scanio.sh
Created October 2, 2020 05:34 — forked from haccer/scanio.sh
PoC script to mass-locate vulnerable subdomains using results from Rapid7's Project Sonar
#!/bin/bash
# Usage : ./scanio.sh <save file>
# Example: ./scanio.sh cname_list.txt
# Premium
function ech() {
spinner=( "|" "/" "-" "\\" )
while true; do
for i in ${spinner[@]}; do
echo -ne "\r[$i] $1"
@CowlingBanana
CowlingBanana / Amass Config
Created September 24, 2020 00:52 — forked from PatrikFehrenbach/Amass Config
# Copyright 2017-2020 Jeff Foley. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
# Should results only be collected passively and without DNS resolution? Not recommended.
#mode = passive
mode = active
# The directory that stores the Cayley graph database and other output files
# The default for Linux systems is: $HOME/.config/amass
#output_directory = amass
@CowlingBanana
CowlingBanana / ip_rotate.py
Created September 5, 2020 02:36 — forked from l0n3sh4rk/ip_rotate.py
OpenVPN IP Rotation
#!/usr/bin/python
# 1. Install openvpn
# 2. Download and extract all vpn config files (.ovpn files, .key and .crt) inside the /etc/openvpn/ folder
# 3. Create a new .pia file inside the /root/ directory that stores the username and password for the vpn
# 4. Run this script in crontab under root user. (Ie, use sudo crontab -e)
import os
import random
openvpn_config_dir = '/etc/openvpn/'
@CowlingBanana
CowlingBanana / Dutch-Government-Domains
Created September 3, 2020 05:51
The Dutch Government web register (https://www.ncsc.nl/english/security, https://www.communicatierijk.nl/vakkennis/r/rijkswebsites/verplichte-richtlijnen/websiteregister-rijksoverheid)
knmi.nl
rijksoverheid.nl
overheid.nl
duo.nl
politie.nl
koninklijkhuis.nl
defensie.nl
kadaster.nl
werkenbijdefensie.nl
cbs.nl
@CowlingBanana
CowlingBanana / all.txt
Created August 29, 2020 02:16 — forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎