Tools and Exploits

Computer ToolsHere is a collection of coding samples, tools, and misc. other things that we have written over the past. All source code published on this website is considered copyrighted material and licensed under the FreeBSD licensing agreement found here: http://www.freebsd.org/copyright/freebsd-license.html. At the tail of of this page you can find the full copyright disclosure.

BypassUAC – Attack that allows you to bypass Windows UAC in Windows Vista and Windows 7 both on x86 and x64 operating systems. This issue has still not been patched to-date and can still be exploited on the most recent operating systems.

Download BypassUAC here.

EgressBuster – Simple port knocking tool that uses a client/server model for identifying open ports within a network. This is useful for finding egress points within the network.

Download EgressBuster here.

PowerShell_PoC – zip file containing a number of powershell samples including SAM database dumping, reverse shells, bind shells, all natively written in PowerShell

Download PowerShell_PoC here.

Metasploit_Modules – These are a mixture of Metasploit modules we have written in the past. Most of these have already been incorporated into the framework.

Download Metasploit_Modules here.

Encrypted_http_shell.zip – Contained source code and complied binaries of a server client reverse shell that communicates natively on HTTP channels. This shell also leverages a static AES encryption key for encrypted transport of the data.

Download Encrypted_http_shell here.

Simple_py_shell – This is a simple reverse shell written in Python.

Download Simple_py_shell here.

F5 BIG-IP Remote Root Authentication Bypass Vulnerability

F5 BIG-IP Remote Root Authentication Bypass Vulnerability Download

MySQL Remote Root Authentication Bypass

MySQL Remote Root Authentication Bypass Download

Egress Buster Reverse Shell – Brute force egress ports until one if found and execute a reverse shell

Download Egress Buster Reverse Shell

PyBuild is a tool for automating the pyinstaller method for compiling python code into an executable. This works on Windows, Linux, and OSX (pe and elf formats)

Download PyBuild

Another simple reverse shell written in Python (BSIDESLV and Defcon 20 Demo)

Download Simple Reverse Shell

SQL Brute force tool that brute forces MSSQL with wordlist. Second file adds local administrator on machine and re-enabled xp_cmdshell stored procedure

Download SQLBrute

PyInjector is a quick python script to inject shellcode straight into memory. This is often used as an AV evasion technique to circumvent security controls. Initial post found here and credit here: http://www.debasish.in/2012_04_01_archive.html

Download PyInjector

The Dell Drac and Chassis Scanner for Default Credentials v0.1a is a script that will scan CIDR notations looking for default installations of Dell DRAC and Chassis implementations. By default, dell DRAC and Chassis management servers ship with default credentials of root/calvin. By using this, you can interface with the console which has an operating system loaded on it. Mount a virtual media device remotely (an iso), reboot the server and compromise the underlying operating system. Step by step tutorial here:

Owning Dell DRAC for ONE AWESOME HACK! – Blog Post

Download Dell Drac and Chassis Scanner for Default Credentials v0.1a




Copyright 2012 TrustedSec, LLC. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY TRUSTEDSEC, LLC AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL TRUSTEDSEC, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The views and conclusions contained in the software and documentation are those of the authors and should not be interpreted as representing official policies, either expressed or implied, of TRUSTEDSEC, LLC.