daffainfo
/
PayloadsAllTheThings
mirror of https://github.com/daffainfo/PayloadsAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
794 Commits
2 Branches
3 Tags
11 MiB
Commit Graph

233 Commits (6e526de7b4f361f9088fa1c17fc821ee95cb87b5)

Author SHA1 Message Date
Swissky ba30618a8b Cobalt Strike - Artifact 2020-02-14 17:10:00 +01:00
Swissky 7cd49769be WMI + Cobalt Strike 2020-02-13 22:53:45 +01:00
Sameer Bhatt (debugger) 994e557178
Added more TTY Shell using perl and python 2020-02-09 12:46:18 +05:30
Swissky aba6874517 Maps API + secretsdump enabled user/pw last set + certutil mimikatz 2020-02-06 21:41:29 +01:00
socketz 056161fd9f
Updated Java & Groovy Shells 
Added threaded shells and alternative pure Java reverse shell
 2020-02-06 15:43:58 +01:00
antonioCoco 50a376337d
Update Reverse Shell Cheatsheet.md 2020-02-05 23:29:43 +01:00
Swissky fb76fdc331 Windows Firewall + DLL hijacking + Named pipes 2020-02-01 22:12:36 +01:00
Swissky be0397fa68 BloodHound ZIP + Zero Width space tip 2020-01-19 22:46:45 +01:00
Mehtab Zafar 8dc1e3c5fe
Update TTY shell command for python 
Made the command to use python3 because mostly now the machines have python3 installed.
 2020-01-10 17:57:53 +05:30
Ayoma Wijethunga 7f34c01794 Change IP and port to a common value across commands 2020-01-09 16:20:49 +05:30
Ayoma Wijethunga 96b9adb98b Change IP and port to a common value across commands 2020-01-09 16:17:35 +05:30
Swissky 742c7ee3c2 AppLocker rules 2020-01-06 23:03:54 +01:00
Swissky 71171fa78b SSRF exploiting WSGI 2020-01-05 22:11:28 +01:00
Swissky 3a9b9529cb Mimikatz - Credential Manager & DPAPI 2020-01-05 17:27:02 +01:00
Swissky 73abdeed71 Kerberos AD GPO 2020-01-05 16:28:00 +01:00
Swissky b052f78d95 Blacklist3r and Machine Key 2020-01-02 23:33:04 +01:00
György Demarcsek 9c188139ec
Added PHP reverse shell 
This reverse shell payload for PHP works even if `exec` is disabled and/or the new socket is not on fd 3
 2020-01-02 19:27:35 +01:00
Swissky 0a6ac284c9 AdminSDHolder Abuse 2019-12-30 19:55:47 +01:00
Swissky bcb24c9866 Abusing Active Directory ACLs/ACEs 2019-12-30 14:22:10 +01:00
Swissky 4b10c5e302 AD mitigations 2019-12-26 12:09:23 +01:00
Swissky 1535c5f1b3 Kubernetes - Privileged Service Account Token 2019-12-20 11:33:25 +01:00
Swissky cf5a4b6e97 XSLT injection draft 2019-12-17 21:13:59 +01:00
Swissky 896e262531 Privilege impersonation and GraphQL SQLi 2019-12-11 16:59:14 +01:00
Swissky 6f4a28ef66 Slim RCE + CAP list 2019-12-05 23:06:53 +01:00
Swissky c60f264664 RDP backdoor + RDP session takeover 2019-11-26 23:39:14 +01:00
Swissky 06864b0ff8 Password spraying rewrite + Summary fix 2019-11-25 23:35:20 +01:00
Swissky 3abaa3e23d Linux AD - Keyring, Keytab, CCACHE 2019-11-25 23:12:06 +01:00
Swissky 00684a10cd IIS asp shell with .asa, .cer, .xamlx 2019-11-16 14:53:42 +01:00
Swissky 639dc9faec .url file in writeable share 2019-11-14 23:54:57 +01:00
Swissky 3a384c34aa Password spray + AD summary re-org 2019-11-14 23:37:51 +01:00
Swissky 7f266bfda8 mitm ipv6 + macOS kerberoasting 2019-11-14 23:26:13 +01:00
M4x 221b353030
fix invalid link 2019-11-14 16:59:52 +08:00
Swissky 43f185d289 CVE-2019-1322 UsoSvc 2019-11-11 20:31:07 +01:00
Swissky f6d5221a85 SID history break trust + Powershell history + SCF files 2019-11-07 23:21:00 +01:00
Swissky 24516ca7a1 Kubernetes attacks update + ref to securityboulevard 2019-11-05 11:05:59 +01:00
Swissky 60050219b7 Impersonating Office 365 Users on Azure AD Connect 2019-11-04 21:43:44 +01:00
Dave 775d10c256
Fix awk snippet 
A small typo in the awk one-liner prevents successful execution of the command.

```
awk: cmd. line:1: warning: remote host and port information (10.0.0.1>, 4242) invalid: Name or service not known
awk: cmd. line:1: fatal: can't open two way pipe `/inet/tcp/0/10.0.0.1>/4242' for input/output (No such file or directory)
```

This commit fixes this :)
 2019-11-03 16:07:16 +00:00
Dave 6b22d53257
Fix lua reverse shell quote issue 
The single quotes around `io.popen` prevented the one-liner to be executed.
This change should fix that :)
 2019-10-29 19:31:07 +00:00
Hi15358 34d8853728
Merge pull request #1 from Hi15358/patch-1 
Patch 1
 2019-10-29 16:30:58 +08:00
Swissky 727eb5cabd Drop the MIC 2019-10-21 23:00:27 +02:00
Swissky 11fc6e4bc5 NTLM relay + MS08-068 2019-10-20 22:09:36 +02:00
Hi15358 b54142c3a2
Update Reverse Shell Cheatsheet.md 2019-10-21 02:35:13 +08:00
Swissky ed252df92e krb5.keytab + credential use summary 2019-10-20 13:25:06 +02:00
Swissky 7159a3ded3 RODC dcsync note + Dumping AD Domain summary 2019-10-18 00:07:09 +02:00
OOP f0af3b4f4d
Update Active Directory Attack.md 2019-10-15 23:18:07 +07:00
Swissky 357658371f SSRF URL for Google Cloud 2019-10-06 20:59:58 +02:00
Mark 3fb2a9006f
Add Spyse to network discovery 
1. spyse itself 
2. python wrapper - using only a part of the available functionality of spyse, but will be updated very soon.
 2019-09-30 15:26:26 +04:00
Swissky 3221197b1e RCE vBulletin + findomain 2019-09-26 20:41:01 +02:00
Swissky 742e3204d3 SharpPersist - Windows Persistence 2019-09-13 17:38:23 +02:00
Swissky 5455c30ec7 Juicy Potato + XXE update 2019-09-08 19:44:51 +02:00
Swissky 2b1900e046 PrivEsc - sudoers + Upload PHP 2019-09-02 12:36:40 +02:00
Swissky 3ca07aeb7a Docker Privesc - Unix socket 2019-08-30 17:25:07 +02:00
Alexandre ZANNI 72c54b5c1b
add missing backtick 2019-08-29 09:49:09 +02:00
Swissky bb305d0183 Network Discovery - Masscan update 2019-08-29 01:08:26 +02:00
Swissky 6c161f26b2 JWT None alternative + MS15-051 2019-08-22 23:03:48 +02:00
David B 3fd0791c2a
Update Linux - Privilege Escalation.md 
Adding a tool that helps with privilege escalation on linux through SUDO.
 2019-08-19 00:55:30 +02:00
Swissky 8dffb59ac5 Pspy + Silver Ticket + MSSQL connect 2019-08-18 22:24:48 +02:00
Swissky 4a176615fe CORS Misconfiguration 2019-08-18 12:08:51 +02:00
Swissky b6697d8595 SSRF SVG + Windows Token getsystem 2019-08-15 18:21:06 +02:00
Swissky bd449e9cea XSS PostMessage 2019-08-03 23:22:14 +02:00
Swissky 6baa446144 Directory Traversal CVE 2018 Spring 2019-07-27 13:02:16 +02:00
Swissky 98124178db EoP - Juicy Potato 2019-07-26 15:29:34 +02:00
Swissky 657823a353 PTH Mitigation + Linux Smart Enumeration 2019-07-26 14:24:58 +02:00
Swissky f6c0f226af PXE boot attack 2019-07-25 14:08:32 +02:00
Swissky 859695e2be Update PrivExchange based on chryzsh blog post 2019-07-24 14:10:58 +02:00
Swissky a14b3af934 Active Directory - Resource Based Constrained Delegation 2019-07-22 21:45:50 +02:00
Swissky 45af613fd9 Active Directory - Unconstrained delegation 2019-07-17 23:17:35 +02:00
Swissky 13ba72f124 GraphQL + RDP Bruteforce + PostgreSQL RCE 2019-07-01 23:29:29 +02:00
Swissky 46780de750 PostgreSQL rewrite + LFI SSH 2019-06-29 19:23:34 +02:00
Swissky 144b3827ab MS14-068 + /etc/security/opasswd 2019-06-29 17:55:13 +02:00
Swissky 9be62677b6 Add root user + PHP null byte version 2019-06-24 00:21:39 +02:00
Swissky 9745e67465 HQL Injection + references update 2019-06-16 23:45:52 +02:00
Dan Borges 24a05c7098
Update Windows - Privilege Escalation.md 2019-06-11 11:51:09 -07:00
Swissky 8cec2e0ca3 Linux PrivEsc - Writable files 2019-06-10 11:09:02 +02:00
Swissky 94a60b43d6 Writable /etc/sudoers + Meterpreter autoroute 2019-06-10 11:00:54 +02:00
Swissky a85fa5af28 Local File Include : rce via mail + kadimus 2019-06-10 00:05:47 +02:00
Swissky 5d4f65720a PrivEsc - Common Exploits 2019-06-09 20:53:41 +02:00
Swissky e8cd11f88f plink + sshuttle : Network Pivoting Techniques 2019-06-09 18:13:15 +02:00
Swissky adcea1a913 Linux PrivEsc + SSH persistency 2019-06-09 16:05:44 +02:00
Swissky f5a8a6b62f Meterpreter shell 2019-06-09 14:26:14 +02:00
Swissky 93f6c03b54 GraphQL + LXD/etc/passwd PrivEsc + Win firewall 2019-06-09 13:46:40 +02:00
Swissky f88da43e1c SQL informationschema.processlist + UPNP warning + getcap -ep 2019-05-25 18:19:08 +02:00
Swissky 9c2e63818f XSS without parenthesis, semi-colon + Lontara 2019-05-15 21:55:17 +02:00
Swissky b81df17589 RFI - Windows SMB allow_url_include = "Off" 2019-05-12 22:23:55 +02:00
Swissky bab04f8587 Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp 2019-05-12 21:34:09 +02:00
Swissky 765c615efe XSS injection Summary + MSF web delivery 2019-05-12 14:22:48 +02:00
Swissky 9dfd7835ea mitm6 + ntlmrelayx 2019-04-21 14:08:18 +02:00
Swissky 13864bde04 GoGitDumper + MySQL summary rewrite 2019-04-15 00:49:56 +02:00
Swissky b4633bbb66 sudo_inject + SSTI FreeMarker + Lin PrivEsc passwords 2019-04-14 21:01:14 +02:00
Swissky c66197903f MYSQL Truncation attack + Windows search where 2019-04-14 19:46:34 +02:00
Swissky 546ecd0e36 Linux Privesc - /etc/passwd writable 2019-04-07 23:40:36 +02:00
Alex Zeecka 4b79b865c9
--dc-ip to -dc-ip for psexec cmd 2019-04-03 10:45:45 +02:00
Swissky 187762fac5
Fix typo in reverse shell 2019-04-02 22:45:08 +02:00
Swissky 3af87ddf98 Reverse shell summary + golang 2019-04-02 22:43:44 +02:00
kisec 1eb57ad919 Reverse shell Golang 2019-04-01 12:01:45 +09:00
Swissky 289fa8c22b PrivEsc - Linux Task 2019-03-31 15:05:13 +02:00
Swissky 90b182f10f AD references - Blog Post + SSTI basic config item 2019-03-24 16:26:00 +01:00
Swissky a509909561 PostgreSQL RCE CVE-2019–9193 + ADAPE + WinPrivEsc Resources 2019-03-24 16:00:27 +01:00
Swissky 5d1b8bca79 SAML exploitation + ASREP roasting + Kerbrute 2019-03-24 13:16:23 +01:00
Swissky e9489f0768 Linux Priv Esc - minor update 2019-03-18 23:19:36 +01:00