From 08f4886285e5a000d2f9a418faaf7201246408b5 Mon Sep 17 00:00:00 2001
From: Omar Santos
Date: Sun, 1 Dec 2019 17:58:35 -0500
Subject: [PATCH 1/8] Create Dockerfile_example
---
SCOR/Dockerfile_example | 128 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 128 insertions(+)
create mode 100644 SCOR/Dockerfile_example
diff --git a/SCOR/Dockerfile_example b/SCOR/Dockerfile_example
new file mode 100644
index 0000000..11ef89c
--- /dev/null
+++ b/SCOR/Dockerfile_example
@@ -0,0 +1,128 @@
+FROM alpine:3.10
+
+# ensure local python is preferred over distribution python
+ENV PATH /usr/local/bin:$PATH
+
+# http://bugs.python.org/issue19846
+# > At the moment, setting "LANG=C" on a Linux system *fundamentally breaks Python 3*, and that's not OK.
+ENV LANG C.UTF-8
+
+# install ca-certificates so that HTTPS works consistently
+# other runtime dependencies for Python are installed later
+RUN apk add --no-cache ca-certificates
+
+ENV GPG_KEY E3FF2839C048B25C084DEBE9B26995E310250568
+ENV PYTHON_VERSION 3.8.0
+
+RUN set -ex \
+ && apk add --no-cache --virtual .fetch-deps \
+ gnupg \
+ tar \
+ xz \
+ \
+ && wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz" \
+ && wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc" \
+ && export GNUPGHOME="$(mktemp -d)" \
+ && gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$GPG_KEY" \
+ && gpg --batch --verify python.tar.xz.asc python.tar.xz \
+ && { command -v gpgconf > /dev/null && gpgconf --kill all || :; } \
+ && rm -rf "$GNUPGHOME" python.tar.xz.asc \
+ && mkdir -p /usr/src/python \
+ && tar -xJC /usr/src/python --strip-components=1 -f python.tar.xz \
+ && rm python.tar.xz \
+ \
+ && apk add --no-cache --virtual .build-deps \
+ bzip2-dev \
+ coreutils \
+ dpkg-dev dpkg \
+ expat-dev \
+ findutils \
+ gcc \
+ gdbm-dev \
+ libc-dev \
+ libffi-dev \
+ libnsl-dev \
+ libtirpc-dev \
+ linux-headers \
+ make \
+ ncurses-dev \
+ openssl-dev \
+ pax-utils \
+ readline-dev \
+ sqlite-dev \
+ tcl-dev \
+ tk \
+ tk-dev \
+ util-linux-dev \
+ xz-dev \
+ zlib-dev \
+# add build deps before removing fetch deps in case there's overlap
+ && apk del .fetch-deps \
+ \
+ && cd /usr/src/python \
+ && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
+ && ./configure \
+ --build="$gnuArch" \
+ --enable-loadable-sqlite-extensions \
+ --enable-optimizations \
+ --enable-shared \
+ --with-system-expat \
+ --with-system-ffi \
+ --without-ensurepip \
+ && make -j "$(nproc)" \
+# set thread stack size to 1MB so we don't segfault before we hit sys.getrecursionlimit()
+# https://github.com/alpinelinux/aports/commit/2026e1259422d4e0cf92391ca2d3844356c649d0
+ EXTRA_CFLAGS="-DTHREAD_STACK_SIZE=0x100000" \
+ && make install \
+ \
+ && find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec scanelf --needed --nobanner --format '%n#p' '{}' ';' \
+ | tr ',' '\n' \
+ | sort -u \
+ | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
+ | xargs -rt apk add --no-cache --virtual .python-rundeps \
+ && apk del .build-deps \
+ \
+ && find /usr/local -depth \
+ \( \
+ \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
+ -o \
+ \( -type f -a \( -name '*.pyc' -o -name '*.pyo' \) \) \
+ \) -exec rm -rf '{}' + \
+ && rm -rf /usr/src/python \
+ \
+ && python3 --version
+
+# make some useful symlinks that are expected to exist
+RUN cd /usr/local/bin \
+ && ln -s idle3 idle \
+ && ln -s pydoc3 pydoc \
+ && ln -s python3 python \
+ && ln -s python3-config python-config
+
+# if this is called "PIP_VERSION", pip explodes with "ValueError: invalid truth value ''"
+ENV PYTHON_PIP_VERSION 19.3.1
+# https://github.com/pypa/get-pip
+ENV PYTHON_GET_PIP_URL https://github.com/pypa/get-pip/raw/ffe826207a010164265d9cc807978e3604d18ca0/get-pip.py
+ENV PYTHON_GET_PIP_SHA256 b86f36cc4345ae87bfd4f10ef6b2dbfa7a872fbff70608a1e43944d283fd0eee
+
+RUN set -ex; \
+ \
+ wget -O get-pip.py "$PYTHON_GET_PIP_URL"; \
+ echo "$PYTHON_GET_PIP_SHA256 *get-pip.py" | sha256sum -c -; \
+ \
+ python get-pip.py \
+ --disable-pip-version-check \
+ --no-cache-dir \
+ "pip==$PYTHON_PIP_VERSION" \
+ ; \
+ pip --version; \
+ \
+ find /usr/local -depth \
+ \( \
+ \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) \
+ -o \
+ \( -type f -a \( -name '*.pyc' -o -name '*.pyo' \) \) \
+ \) -exec rm -rf '{}' +; \
+ rm -f get-pip.py
+
+CMD ["python3"]
From 2cb612baabb8437500c07058ccfb35f13fd32717 Mon Sep 17 00:00:00 2001
From: Jesus Martin Moraleda <45268817+jesusmoraleda@users.noreply.github.com>
Date: Fri, 13 Dec 2019 12:34:32 +0100
Subject: [PATCH 2/8] Create LICENSE
---
LICENSE | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 LICENSE
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..10c418c
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 The-Art-of-Hacking
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
From 783112548891c1843c9b474b3d58a0ef5c949559 Mon Sep 17 00:00:00 2001
From: Omar Santos
Date: Mon, 16 Dec 2019 09:51:40 -0500
Subject: [PATCH 3/8] Update LICENSE
---
LICENSE | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/LICENSE b/LICENSE
index 10c418c..2266a82 100644
--- a/LICENSE
+++ b/LICENSE
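Review bot: SCOR/Dockerfile_example never sets `USER`, so the closing `CMD ["python3"]` and every image built on top of this one run as root; if the file is meant as a runnable example rather than a pure base image, create an unprivileged account after the last root-only `RUN` and switch to it, e.g. `RUN addgroup -S app && adduser -S -G app app` followed by `USER app` just before `CMD`. The source tarball check is sound in that `GPG_KEY` holds a full fingerprint and `gpg --verify` gates the extract, but `gpg --recv-keys` relies on the single pool name `ha.pool.sks-keyservers.net`, so the build breaks whenever that host is unreachable; importing a release key file kept next to the Dockerfile (still matched against `GPG_KEY`) would remove that network dependency. `FROM alpine:3.10` is a mutable tag, so pinning it by digest would make the base reproducible, and a comment above `PYTHON_GET_PIP_SHA256` noting that the URL commit and the hash must be bumped together would help the next maintainer.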
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2019 The-Art-of-Hacking
+Copyright (c) 2019 Omar Santos
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
From e6c2415572edd44f88d1a0fa54a7ca28b50208ea Mon Sep 17 00:00:00 2001
From: Omar Santos
Date: Thu, 26 Dec 2019 21:06:50 -0500
Subject: [PATCH 4/8] Create powershell_commands.md
---
post_exploitation/powershell_commands.md | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
create mode 100644 post_exploitation/powershell_commands.md
diff --git a/post_exploitation/powershell_commands.md b/post_exploitation/powershell_commands.md
new file mode 100644
index 0000000..5e0d563
--- /dev/null
+++ b/post_exploitation/powershell_commands.md
@@ -0,0 +1,17 @@
+| PowerShell Command | Description |
+|----------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------|
+| Get-ChildItem | Lists directories |
+| Copy-Item sourceFile.doc destinationFile.doc | Copies a file (cp, copy, cpi) |
+| Move-Item sourceFile.doc destinationFile.doc | Moves a file (mv, move, mi) |
+| Select-String –path c:\users\*.txt –pattern password | Finds text within a file |
+| Get-Content omar_s_passwords.txt | Prints the contents of a file |
+| Get-Location | Gets the present directory |
+| Get-Process | Gets a process listing |
+| Get-Service | Gets a service listing |
+| Get-Process | Export-Csvprocs.csv | Exports output to a comma-separated values (CSV) file |
+| 1..255 | % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl} | Launches a ping sweep to the 10.1.2.0/24 network |
+| 1..1024 | % {echo ((new-object Net.Sockets.TcpClient).Connect("10.1.2.3",$_))"Port $_ is open!"} 2>$null | Launches a port scan to the 10.1.2.3 host (scans for ports 1 through 1024) |
+| Get-HotFix | Obtains a list of all installed hotfixes |
+| cd HKLM: \ls | Navigates the Windows registry |
+| Get-NetFirewallRule –all New-NetFirewallRule -Action Allow -DisplayName LetMeIn-RemoteAddress 10.6.6.6 | Lists and modifies the Windows firewall rules |
+| Get-Command | Gets a list of all available commands |
From f7fd42b92f89f6f15e1a8f7e5b2a454bc5e875f3 Mon Sep 17 00:00:00 2001
From: Omar Santos
Date: Thu, 26 Dec 2019 21:09:50 -0500
Subject: [PATCH 5/8] Update powershell_commands.md
---
post_exploitation/powershell_commands.md | 31 ++++++++++++------------
1 file changed, 16 insertions(+), 15 deletions(-)
diff --git a/post_exploitation/powershell_commands.md b/post_exploitation/powershell_commands.md
index 5e0d563..4c2422e 100644
--- a/post_exploitation/powershell_commands.md
+++ b/post_exploitation/powershell_commands.md
@@ -1,17 +1,18 @@
 | PowerShell Command | Description |
 |----------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------|
-| Get-ChildItem | Lists directories |
-| Copy-Item sourceFile.doc destinationFile.doc | Copies a file (cp, copy, cpi) |
-| Move-Item sourceFile.doc destinationFile.doc | Moves a file (mv, move, mi) |
-| Select-String –path c:\users\*.txt –pattern password | Finds text within a file |
-| Get-Content omar_s_passwords.txt | Prints the contents of a file |
-| Get-Location | Gets the present directory |
-| Get-Process | Gets a process listing |
-| Get-Service | Gets a service listing |
-| Get-Process | Export-Csvprocs.csv | Exports output to a comma-separated values (CSV) file |
-| 1..255 | % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl} | Launches a ping sweep to the 10.1.2.0/24 network |
-| 1..1024 | % {echo ((new-object Net.Sockets.TcpClient).Connect("10.1.2.3",$_))"Port $_ is open!"} 2>$null | Launches a port scan to the 10.1.2.3 host (scans for ports 1 through 1024) |
-| Get-HotFix | Obtains a list of all installed hotfixes |
-| cd HKLM: \ls | Navigates the Windows registry |
-| Get-NetFirewallRule –all New-NetFirewallRule -Action Allow -DisplayName LetMeIn-RemoteAddress 10.6.6.6 | Lists and modifies the Windows firewall rules |
-| Get-Command | Gets a list of all available commands |
+| `Get-ChildItem` | Lists directories |
+| `Copy-Item sourceFile.doc destinationFile.doc` | Copies a file (cp, copy, cpi) |
+| `Move-Item sourceFile.doc destinationFile.doc` | Moves a file (mv, move, mi) |
+| `Select-String –path c:\users\*.txt –pattern password` | Finds text within a file |
+| `Get-Content omar_s_passwords.txt` | Prints the contents of a file |
+| `Get-Location` | Gets the present directory |
+| `Get-Process` | Gets a process listing |
+| `Get-Service` | Gets a service listing |
+| `Get-Process | Export-Csvprocs.csv` | Exports output to a comma-separated values (CSV) file |
+| `1..255 | % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl}` | Launches a ping sweep to the 10.1.2.0/24 network |
+| `1..1024 | % {echo ((new-object Net.Sockets.TcpClient).Connect("10.1.2.3",$_))"Port $_ is open!"} 2>$null` | Launches a port scan to the 10.1.2.3 host (scans for ports 1 through 1024) |
+| `Get-HotFix` | Obtains a list of all installed hotfixes |
+| ```cd HKLM:
+\ls``` | Navigates the Windows registry |
+| ```Get-NetFirewallRule –all ``` ```New-NetFirewallRule -Action Allow -DisplayName LetMeIn-RemoteAddress 10.6.6.6 | Lists and modifies the Windows firewall rules``` |
+| `Get-Command` | Gets a list of all available commands |
From b87afb96a3922b130f4643e89d50d717930f6301 Mon Sep 17 00:00:00 2001
From: Omar Santos
Date: Thu, 26 Dec 2019 21:10:27 -0500
Subject: [PATCH 6/8] Update powershell_commands.md
---
post_exploitation/powershell_commands.md | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/post_exploitation/powershell_commands.md b/post_exploitation/powershell_commands.md
index 4c2422e..19ec69d 100644
--- a/post_exploitation/powershell_commands.md
+++ b/post_exploitation/powershell_commands.md
@@ -8,9 +8,9 @@
 | `Get-Location` | Gets the present directory |
 | `Get-Process` | Gets a process listing |
 | `Get-Service` | Gets a service listing |
-| `Get-Process | Export-Csvprocs.csv` | Exports output to a comma-separated values (CSV) file |
-| `1..255 | % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl}` | Launches a ping sweep to the 10.1.2.0/24 network |
-| `1..1024 | % {echo ((new-object Net.Sockets.TcpClient).Connect("10.1.2.3",$_))"Port $_ is open!"} 2>$null` | Launches a port scan to the 10.1.2.3 host (scans for ports 1 through 1024) |
+| `Get-Process \| Export-Csvprocs.csv` | Exports output to a comma-separated values (CSV) file |
+| `1..255 \| % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl}` | Launches a ping sweep to the 10.1.2.0/24 network |
+| `1..1024 \| % {echo ((new-object Net.Sockets.TcpClient).Connect("10.1.2.3",$_))"Port $_ is open!"} 2>$null` | Launches a port scan to the 10.1.2.3 host (scans for ports 1 through 1024) |
 | `Get-HotFix` | Obtains a list of all installed hotfixes |
 | ```cd HKLM:
 \ls``` | Navigates the Windows registry |
From c9f6dd755460abd4aa20877c278bd939b2090109 Mon Sep 17 00:00:00 2001
From: Omar Santos
Date: Thu, 26 Dec 2019 21:11:30 -0500
Subject: [PATCH 7/8] Update powershell_commands.md
---
post_exploitation/powershell_commands.md | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/post_exploitation/powershell_commands.md b/post_exploitation/powershell_commands.md
index 19ec69d..3b7a97c 100644
--- a/post_exploitation/powershell_commands.md
+++ b/post_exploitation/powershell_commands.md
@@ -9,10 +9,10 @@
 | `Get-Process` | Gets a process listing |
 | `Get-Service` | Gets a service listing |
 | `Get-Process \| Export-Csvprocs.csv` | Exports output to a comma-separated values (CSV) file |
-| `1..255 \| % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl}` | Launches a ping sweep to the 10.1.2.0/24 network |
+| `1..255 \| % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl}` | Launches a ping sweep to the 10.1.2.0/24 network |
 | `1..1024 \| % {echo ((new-object Net.Sockets.TcpClient).Connect("10.1.2.3",$_))"Port $_ is open!"} 2>$null` | Launches a port scan to the 10.1.2.3 host (scans for ports 1 through 1024) |
-| `Get-HotFix` | Obtains a list of all installed hotfixes |
-| ```cd HKLM:
-\ls``` | Navigates the Windows registry |
-| ```Get-NetFirewallRule –all ``` ```New-NetFirewallRule -Action Allow -DisplayName LetMeIn-RemoteAddress 10.6.6.6 | Lists and modifies the Windows firewall rules``` |
+| `Get-HotFix` | Obtains a list of all installed hotfixes |
+| ```cd HKLM: ls``` | Navigates the Windows registry |
+| ```Get-NetFirewallRule –all
+New-NetFirewallRule -Action Allow -DisplayName LetMeIn-RemoteAddress 10.6.6.6 | Lists and modifies the Windows firewall rules``` |
 | `Get-Command` | Gets a list of all available commands |
From 26d5cc2518e756ab5efd7616b41a91325a169ccc Mon Sep 17 00:00:00 2001
From: Omar Santos
Date: Thu, 26 Dec 2019 21:14:03 -0500
Subject: [PATCH 8/8] Update powershell_commands.md
---
post_exploitation/powershell_commands.md | 31 ++++++++++++------------
1 file changed, 15 insertions(+), 16 deletions(-)
diff --git a/post_exploitation/powershell_commands.md b/post_exploitation/powershell_commands.md
index 3b7a97c..ea665aa 100644
--- a/post_exploitation/powershell_commands.md
+++ b/post_exploitation/powershell_commands.md
@@ -1,18 +1,17 @@
 | PowerShell Command | Description |
-|----------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------|
-| `Get-ChildItem` | Lists directories |
-| `Copy-Item sourceFile.doc destinationFile.doc` | Copies a file (cp, copy, cpi) |
-| `Move-Item sourceFile.doc destinationFile.doc` | Moves a file (mv, move, mi) |
-| `Select-String –path c:\users\*.txt –pattern password` | Finds text within a file |
-| `Get-Content omar_s_passwords.txt` | Prints the contents of a file |
-| `Get-Location` | Gets the present directory |
-| `Get-Process` | Gets a process listing |
-| `Get-Service` | Gets a service listing |
-| `Get-Process \| Export-Csvprocs.csv` | Exports output to a comma-separated values (CSV) file |
-| `1..255 \| % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ | SelectString ttl}` | Launches a ping sweep to the 10.1.2.0/24 network |
+|----------------------------------------------|------------------------------------|
+| `Get-ChildItem` | Lists directories |
+| `Copy-Item sourceFile.doc destinationFile.doc` | Copies a file (cp, copy, cpi) |
+| `Move-Item sourceFile.doc destinationFile.doc` | Moves a file (mv, move, mi) |
+| `Select-String –path c:\users\*.txt –pattern password` | Finds text within a file |
+| `Get-Content omar_s_passwords.txt` | Prints the contents of a file |
+| `Get-Location` | Gets the present directory |
+| `Get-Process` | Gets a process listing |
+| `Get-Service` | Gets a service listing |
+| `Get-Process \| Export-Csvprocs.csv` | Exports output to a comma-separated values (CSV) file |
+| `1..255 \| % {echo "10.1.2.$_"; ping -n 1 -w 100 10.1.2.$_ \| SelectString ttl}` | Launches a ping sweep to the 10.1.2.0/24 network |
 | `1..1024 \| % {echo ((new-object Net.Sockets.TcpClient).Connect("10.1.2.3",$_))"Port $_ is open!"} 2>$null` | Launches a port scan to the 10.1.2.3 host (scans for ports 1 through 1024) |
-| `Get-HotFix` | Obtains a list of all installed hotfixes |
-| ```cd HKLM: ls``` | Navigates the Windows registry |
-| ```Get-NetFirewallRule –all
-New-NetFirewallRule -Action Allow -DisplayName LetMeIn-RemoteAddress 10.6.6.6 | Lists and modifies the Windows firewall rules``` |
-| `Get-Command` | Gets a list of all available commands |
+| `Get-HotFix` | Obtains a list of all installed hotfixes |
+| `cd HKLM:` and then `ls` | Navigates the Windows registry |
+| `Get-NetFirewallRule –all` or `New-NetFirewallRule -Action Allow -DisplayName LetMeIn-RemoteAddress 10.6.6.6` | Lists and modifies the Windows firewall rules |
+| `Get-Command` | Gets a list of all available commands |