Skip to content

Instantly share code, notes, and snippets.

View John-Lin's full-sized avatar
👋
hi

Che-Wei Lin John-Lin

👋
hi
312 followers · 255 following
View GitHub Profile
@John-Lin
John-Lin / dhcp.js
Created April 26, 2015 04:25
Decode DHCP
var EthernetAddr = require("./ethernet_addr");
var IPv4Addr = require("./ipv4_addr");
// DHCP packet parser
// RFC 2131
// DHCP packet format
// 0 1 2 3
// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// | op (1) | htype (1) | hlen (1) | hops (1) |
@John-Lin
John-Lin / HTTP-sys.py
Last active August 29, 2015 14:19
MS15-034 Checker
# original PoC: http://pastebin.com/raw.php?i=ypURDPc4
'''
___. .___ __ __
\_ |__ ____ ___.__. ____ ____ __| _// |________ __ __ _______/ |_
| __ \_/ __ < | |/ _ \ / \ / __ |\ __\_ __ \ | \/ ___/\ __\
| \_\ \ ___/\___ ( <_> ) | \/ /_/ | | | | | \/ | /\___ \ | |
|___ /\___ > ____|\____/|___| /\____ | |__| |__| |____//____ > |__|
\/ \/\/ \/ \/ \/
MS15-034 Checker
@John-Lin
John-Lin / fat_tree.py
Last active August 29, 2015 14:18
SDN LAB1
# sudo mn --custom ./fat_tree.py --topo mytopo --switch ovs,protocols=OpenFlow13 --controller=remote,ip=192.168.56.1
from mininet.topo import Topo
from mininet.cli import CLI
from mininet.net import Mininet
from mininet.link import TCLink
from mininet.util import dumpNodeConnections
from mininet.log import setLogLevel
from mininet.node import RemoteController
# hosts connections
@John-Lin
John-Lin / pyew_note
Last active August 29, 2015 14:17
A Python tool for static malware analysis
pynew download: https://code.google.com/p/pyew/downloads/list
TypicalProblems problem:
https://code.google.com/p/pyew/wiki/TypicalProblems
1. PEFILE: global name 'Decode32Bits' is not defined
Slove: https://github.com/kbandla/distorm64
X86組合語言/基本指令集
@John-Lin
John-Lin / EventOFPPortStatus
Created March 25, 2015 14:40
EventOFPPortStatus
# Copyright (C) 2011 Nippon Telegraph and Telephone Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
@John-Lin
John-Lin / moocs.py
Last active August 29, 2015 14:10
Moocs
import csv
def get_mail_list(fileobj):
mail_list = []
for row in csv.reader(fileobj):
if row[1] != '':
mail_list.append(row[1])
fileobj.close()
return mail_list
@John-Lin
John-Lin / interfaces
Last active August 29, 2015 14:06
Raspberry Pi /etc/network/interfaces
root@kali:~# vim /etc/network/interfaces
auto lo
iface lo inet loopback
# For eth0 dhcp
# auto eth0
# iface eth0 inet dhcp
# For eth0 static IP
auto eth0
@John-Lin
John-Lin / honeyd.conf
Last active August 29, 2015 14:06
honyd configuration
create default
set default default tcp action block
set default default udp action block
set default default icmp action block
@John-Lin
John-Lin / unsock2nwsock.py
Last active August 29, 2015 14:05
import os
import sys
import time
import socket
import logging
logging.basicConfig(level=logging.INFO)
logger = logging.getLogger(__name__)
SOCKFILE = "/tmp/snort_alert"
@John-Lin
John-Lin / snort.conf
Created August 16, 2014 15:13
Snort configuration
#--------------------------------------------------
# VRT Rule Packages Snort.conf
#
# For more information visit us at:
# http://www.snort.org Snort Website
# http://vrt-blog.snort.org/ Sourcefire VRT Blog
#
# Mailing list Contact: snort-sigs@lists.sourceforge.net
# False Positive reports: fp@sourcefire.com
# Snort bugs: bugs@snort.org