windows
scanf scanfsec
3xocyte
/ bad_sequel.py
Last active
May 26, 2025 08:39
PoC MSSQL RCE exploit using Resource-Based Constrained Delegation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html | |
| # this is a rough PoC | |
| # requirements for RCE: | |
| # - the attacker needs to either have or create an object with a service principal name | |
| # - the MSSQL server has to be running under the context of System/Network Service/a virtual account | |
| # - the MSSQL server has the WebClient service installed and running (not default on Windows Server hosts) | |
| # - NTLM has to be in use |
mgeeky
/ pickle-payload.py
Last active
July 14, 2025 16:19
Python's Pickle Remote Code Execution payload template.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # | |
| # Pickle deserialization RCE payload. | |
| # To be invoked with command to execute at it's first parameter. | |
| # Otherwise, the default one will be used. | |
| # | |
| import cPickle | |
| import sys | |
| import base64 |