I hereby claim:
- I am crypt0s on github.
- I am crypt0s (https://keybase.io/crypt0s) on keybase.
- I have a public key ASD9GuX9Y-LEm7EU2Py2l1PwsLtJ8ErCoPiJFWq8DfMKxAo
To claim this, I am signing this object:
#!/bin/bash | |
#bash <(curl -s https://gist.githubusercontent.com/Crypt0s/7299ccf252149a03805b4248585eaa2b/raw/9f9ef8c3c5c8ee1bd5a9ec0e8563f9d681e3957d/HTTPS.sh) | |
openssl req -nodes -new -x509 -keyout server.key -out server.cert -subj "/C=UA/ST=NJ/L=Roseland/O=Security/OU=OffSec/CN=coreweave.test/emailAddress=dev@www.example.com" | |
cat > https.py <<- EOM | |
import ssl | |
import http.server | |
import logging | |
import sys | |
file_h = logging.FileHandler(filename='https.log') | |
stdout_h = logging.StreamHandler(stream=sys.stdout) |
alert('external') |
#!/bin/bash | |
# Max number of restarts in THRESH seconds | |
MAX=5 | |
THRESH=10 | |
# Array to hold the list of restart dates | |
THEN=() | |
# run this monitoring operation forever |
#!/usr/bin/python3 | |
from Crypto.Cipher import AES #https://pycryptodome.readthedocs.io/en/latest/src/cipher/cipher.html | |
import javaobj #https://pypi.org/project/javaobj-py3/ | |
import struct | |
import base64 | |
import sys | |
if len(sys.argv) < 2: | |
print("Usage:\n\tpython3 decrypt_geronimo.py [base64_{SIMPLE} Value]") |
#!/usr/bin/python3 | |
# usage: | |
# python3 decrypt.py [base64 perforce password] | |
# Possibly related to CVE-2018-1000145 : https://nvd.nist.gov/vuln/detail/CVE-2018-1000145 | |
# The Perforce plugin in Jenkins encrypts passwords with a static key and not the traditional Jenkins secrets storage mechanism | |
# This script decrypts those passwords using the static key yanked from the Jenkins Perforce code. | |
# | |
# Copyright 2021 Bryan "Crypt0s" Halfpap / Netragard LLC (https://netragard.com) | |
# Greetz to @tit0n and @greybrimstone |
<html><body><script>alert(5)</script></body></html> |
I hereby claim:
To claim this, I am signing this object: