dust-life’s gists

hawktrace / gist:76b3ea4275a5e2191e6582bdc5a0dc8b

Last active November 1, 2025 06:44

HawkTrace CVE-2025-59287

	#!/usr/bin/env python3

	import requests
	import urllib3
	import xml.etree.ElementTree as ET
	from datetime import datetime, timezone
	import sys
	import uuid
	from xml.sax.saxutils import escape

hawktrace / gist:880b54fb9c07ddb028baaae401bd3951

Created October 18, 2025 02:44

CVE-2025-59287

	using System;
	using System.IO;
	using System.Security.Cryptography;
	using System.Runtime.Serialization.Formatters.Binary;

	namespace hawktracewsus
	{
	class Program
	{
	static void Main()

G0ldenGunSec / SCCM_HA_Cred_Decrypt.cs

Created October 15, 2025 15:51

	using System;
	using System.Collections.Generic;
	using System.Runtime.InteropServices;
	using System.Text;

	class Program
	{
	private const string MS_ENH_RSA_AES_PROV = "Microsoft Enhanced RSA and AES Cryptographic Provider";
	private const string KEY_CONTAINER = "Microsoft Systems Management Server";
	private const uint PROV_RSA_AES = 24;

ThePirateWhoSmellsOfSunflowers / lsarlookupsids3_aes.py

Created February 6, 2025 22:16

Perform a lsarlookupsids3 with a trust account, it uses netlogon as SSP (see [MS-NRPC] 3.3) (AES version)

	from impacket.dcerpc.v5 import epm, lsad, rpcrt, transport, lsat, ndr, nrpc
	from impacket.uuid import bin_to_uuidtup
	from binascii import unhexlify
	from random import randbytes
	import sys

	# Perform a lsarlookupsids3 with a trust account, it uses netlogon as SSP (see [MS-NRPC] 3.3)
	# Pure TCP RPC is used (ncacn_ip_tcp option)
	# AES is used, so you need impacket #1848 (https://github.com/fortra/impacket/pull/1848)
	# Tested with impacket 0.12.0 on GOAD

ThePirateWhoSmellsOfSunflowers / atexec_rpc.py

Last active August 15, 2025 12:15

	#!/usr/bin/env python
	# Impacket - Collection of Python classes for working with network protocols.
	#
	# Copyright Fortra, LLC and its affiliated companies
	#
	# All rights reserved.
	#
	# This software is provided under a slightly modified version
	# of the Apache Software License. See the accompanying LICENSE file
	# for more information.

jborean93 / New-ScheduledTaskSession.ps1

Last active September 4, 2025 08:50

Creates a PSSession that targets a scheduled task process

	# Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]>
	# MIT License (see LICENSE or https://opensource.org/licenses/MIT)

	Function New-ScheduledTaskSession {
	<#
	.SYNOPSIS
	Creates a PSSession for a process running as a scheduled task.

	.DESCRIPTION
	Creates a PSSession that can be used to run code inside a scheduled task

dadevel / main.c

Created May 7, 2024 21:30

EFS Trigger

	#include <windows.h>

	int main() {
	HANDLE file = CreateFileA(".\\test.txt", GENERIC_WRITE, FILE_SHARE_WRITE, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL\|FILE_ATTRIBUTE_ENCRYPTED\|FILE_FLAG_DELETE_ON_CLOSE, NULL);
	if (!file \|\| file == INVALID_HANDLE_VALUE) {
	return GetLastError();
	}
	CloseHandle(file);
	return 0;
	}

liuran001 / config.yaml

Last active November 2, 2025 14:01

mihomo (Clash Meta) 懒人配置

	# AFF
	# 如果你想支持我，可以通过我的邀请链接购买机场
	# 感谢支持
	# 1. 倾城极速邀请码: 0jiB5uAA https://qcjs.ovh/#/register?code=0jiB5uAA
	# 2. ssLinks 邀请码: fSo2OhzH https://98a6251b6cd7471da86cca993b6dbe6f.36d.biz/#/register?code=fSo2OhzH

	# 一定要填我的邀请码，不填我哭给你看😭

	# mihomo (Clash Meta) 懒人配置
	# 版本 V1.22-250718

aconite33 / bloodhoundce_import.py

Created August 15, 2023 23:04

Import large files into BloodHound CE Edition

GeisericII / Get-LoggedOn.py

Last active May 23, 2025 03:42

Stupid simple script copied and pasted from reg.py/lookupsid and inspired from itm4n's session enum via registry

	#!/usr/bin/python3
	from __future__ import division
	from __future__ import print_function
	import re
	import codecs
	import logging
	import time
	import argparse
	import sys
	from impacket import version

Life dust-life