This is still a new situation. There is a lot we don't know. We don't know if there are more possible exploit paths. We only know about this one path. Please update your systems regardless.
This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
This is a guide on how to email securely.
There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
| #!/usr/bin/env python3 | |
| """ | |
| Very simple HTTP server in python for logging requests | |
| Usage:: | |
| ./server.py [<port>] | |
| """ | |
| from http.server import BaseHTTPRequestHandler, HTTPServer | |
| import logging | |
| class S(BaseHTTPRequestHandler): |
| #! /usr/bin/env python3 | |
| # tweak return code in #HERE | |
| # tweak payload in HERE2 | |
| from flask_unsign import session | |
| from sys import argv | |
| import requests |
| // What system are we connected to? | |
| systeminfo | findstr /B /C:"OS Name" /C:"OS Version" | |
| // Get the hostname and username (if available) | |
| hostname | |
| echo %username% | |
| // Get users | |
| net users | |
| net user [username] |
| diff -r -U3 sshuttle-1.0.1.orig/sshuttle/server.py sshuttle-1.0.1/sshuttle/server.py | |
| --- sshuttle-1.0.1.orig/sshuttle/server.py 2020-06-05 00:43:00.000000000 +0300 | |
| +++ sshuttle-1.0.1/sshuttle/server.py 2020-07-01 12:18:01.086964478 +0300 | |
| @@ -6,7 +6,7 @@ | |
| import sys | |
| import os | |
| import platform | |
| -from shutil import which | |
| +import shutil | |
| diff -r -U3 sshuttle-1.0.1.orig/sshuttle/ssnet.py sshuttle-1.0.1/sshuttle/ssnet.py | |
| --- sshuttle-1.0.1.orig/sshuttle/ssnet.py 2020-06-05 00:43:00.000000000 +0300 | |
| +++ sshuttle-1.0.1/sshuttle/ssnet.py 2020-07-01 12:15:35.206952388 +0300 | |
| @@ -439,7 +439,8 @@ | |
| callback(cmd, data) | |
| def flush(self): | |
| - os.set_blocking(self.wfile.fileno(), False) | |
| + if 'set_blocking' in dir(os): | |
| + os.set_blocking(self.wfile.fileno(), False) |
| # decompress_android_backup.py: takes your backup.ab and turns it in to a tar. | |
| # Inf0Junki3, February 2016. | |
| import argparse | |
| from functools import partial | |
| import shutil | |
| import zlib | |
| parser = argparse.ArgumentParser("Decompresses an unencrypted android backup file into tar format") | |
| parser.add_argument("backup_file", help="The file to decompress") | |
| parser.add_argument("dest_tar", help="The destination tar file path") |