Crypt0s

#!/bin/bash
#bash <(curl -s https://gist.githubusercontent.com/Crypt0s/7299ccf252149a03805b4248585eaa2b/raw/9f9ef8c3c5c8ee1bd5a9ec0e8563f9d681e3957d/HTTPS.sh)
openssl req -nodes -new -x509 -keyout server.key -out server.cert -subj "/C=UA/ST=NJ/L=Roseland/O=Security/OU=OffSec/CN=coreweave.test/emailAddress=dev@www.example.com"
cat > https.py <<- EOM
import ssl
import http.server
import logging
import sys
file_h = logging.FileHandler(filename='https.log')
stdout_h = logging.StreamHandler(stream=sys.stdout)

Crypt0s

alert('external')

Crypt0s

#!/bin/bash

# Max number of restarts in THRESH seconds
MAX=5
THRESH=10

# Array to hold the list of restart dates
THEN=()

# run this monitoring operation forever 

Crypt0s

#!/usr/bin/python3
from Crypto.Cipher import AES #https://pycryptodome.readthedocs.io/en/latest/src/cipher/cipher.html
import javaobj #https://pypi.org/project/javaobj-py3/
import struct
import base64
import sys

if len(sys.argv) < 2:
    print("Usage:\n\tpython3 decrypt_geronimo.py [base64_{SIMPLE} Value]")

Crypt0s

#!/usr/bin/python3
# usage:
# python3 decrypt.py [base64 perforce password]
# Possibly related to CVE-2018-1000145 : https://nvd.nist.gov/vuln/detail/CVE-2018-1000145
# The Perforce plugin in Jenkins encrypts passwords with a static key and not the traditional Jenkins secrets storage mechanism
# This script decrypts those passwords using the static key yanked from the Jenkins Perforce code.
#
# Copyright 2021 Bryan "Crypt0s" Halfpap / Netragard LLC (https://netragard.com)
# Greetz to @tit0n and @greybrimstone

Crypt0s

<html><body><script>alert(5)</script></body></html>

Crypt0s

Keybase proof

I hereby claim:

• I am crypt0s on github.
• I am crypt0s (https://keybase.io/crypt0s) on keybase.
• I have a public key ASD9GuX9Y-LEm7EU2Py2l1PwsLtJ8ErCoPiJFWq8DfMKxAo

To claim this, I am signing this object: