KING SABRI KINGSABRI

## ex-ssh-pty.rb
require 'net/ssh'

host = "the.host"
user = "joe"
su_user = "bob"
password = "password"

commands = ["cd /", "pwd", "ls -l", "exit"]
finished = ("%08x" * 8) % Array.new(8) { rand(0xFFFFFFFF) }

## port_scanner.rb
require 'socket'

# Set up the parameters.
PORT_RANGE = 1..512
HOST = 'archive.org'
TIME_TO_WAIT = 5 # seconds

# Create a socket for each port and initiate the nonblocking
# connect.
sockets = PORT_RANGE.map do |port|

## keypress.rb
require 'io/console'

# Reads keypresses from the user including 2 and 3 escape character sequences.
def read_char
  STDIN.echo = false
  STDIN.raw!

  input = STDIN.getc.chr
  if input == "\e" then
    input << STDIN.read_nonblock(3) rescue nil

## test.rb
require 'bindata'
require 'pp'

class ImageDosHeader < BinData::Record
  endian   :little
  uint16   :e_magic, :check_value => 0x5A4D # MZ
  uint16   :e_cblp
  uint16   :e_cp
  uint16   :e_crlc
  uint16   :e_cparhdr

## san.msupn.rb
cert = OpenSSL::X509::Certificate.new(certificate_string)
subject_alt_name = cert.extensions.find {|e| e.oid == "subjectAltName"}

# Parse the subject alternate name certificate extension as ASN1, first value should be the key
asn_san = OpenSSL::ASN1.decode(subject_alt_name)
raise "Expected ASN1 Subject Alternate Name extension key to be subjectAltName but was #{asn_san.value[0].value}" if asn_san.value[0].value != 'subjectAltName'

# And the second value should be a nested ASN1 sequence
asn_san_sequence = OpenSSL::ASN1.decode(asn_san.value[1].value)

## gist:7360908

      
              1 file
            
          
              3654 forks
            
          
              1024 comments
            
          
              16721 stars
            
          
                rxaviers
                / gist:7360908
            
            
              Last active
              June 2, 2024 16:48
            
              
                Complete list of github markdown emoji markup
              
          
    People


 :bowtie:
😄 :smile:
😆 :laughing:


😊 :blush:
😃 :smiley:
☺️ :relaxed:


😏 :smirk:
😍 :heart_eyes:
😘 :kissing_heart:


😚 :kissing_closed_eyes:
😳 :flushed:
😌 :relieved:


😆 :satisfied:
😁 :grin:
😉 :wink:


😜 :stuck_out_tongue_winking_eye:
😝 :stuck_out_tongue_closed_eyes:
😀 :grinning:


😗 :kissing:
😙 :kissing_smiling_eyes:
😛 :stuck_out_tongue:


## hacked_windowtext.rb
windows = client.extapi.window.enumerate
windows.each do |winder|
  if winder[:title] != 'Default IME'
    result = client.railgun.user32.SetWindowTextA(winder[:handle],"Hacked")
  end
end

## gist:8923003
require 'net/http'
require 'uri'
host = "localhost"
port = 5125
path = "/api/hoge/hoge/hoge"
body = URI.encode_www_form({'number'=>0, 'mode'=>'gauge'})

# 1)
@client = Net::HTTP.new(host, port)
# @client.set_debug_output(STDOUT)

## brutelist.rb
#!/usr/bin/env ruby

#
## Brute code stolen form: https://gist.github.com/petehamilton/4755855
#


def result?(sub)
  puts sub
	1 == 2

## brutedns.rb
#!/usr/bin/env ruby

#
## Brute code stolen form: https://gist.github.com/petehamilton/4755855
#

@domain = 'contoso.com'

def result?(sub)
	results = %x(dig +noall #{sub}.#{@domain} +answer)
	require 'net/ssh'

	host = "the.host"
	user = "joe"
	su_user = "bob"
	password = "password"

	commands = ["cd /", "pwd", "ls -l", "exit"]
	finished = ("%08x" * 8) % Array.new(8) { rand(0xFFFFFFFF) }
	require 'socket'

	# Set up the parameters.
	PORT_RANGE = 1..512
	HOST = 'archive.org'
	TIME_TO_WAIT = 5 # seconds

	# Create a socket for each port and initiate the nonblocking
	# connect.
	sockets = PORT_RANGE.map do \|port\|
	require 'io/console'

	# Reads keypresses from the user including 2 and 3 escape character sequences.
	def read_char
	STDIN.echo = false
	STDIN.raw!

	input = STDIN.getc.chr
	if input == "\e" then
	input << STDIN.read_nonblock(3) rescue nil
	require 'bindata'
	require 'pp'

	class ImageDosHeader < BinData::Record
	endian :little
	uint16 :e_magic, :check_value => 0x5A4D # MZ
	uint16 :e_cblp
	uint16 :e_cp
	uint16 :e_crlc
	uint16 :e_cparhdr
	cert = OpenSSL::X509::Certificate.new(certificate_string)
	subject_alt_name = cert.extensions.find {\|e\| e.oid == "subjectAltName"}

	# Parse the subject alternate name certificate extension as ASN1, first value should be the key
	asn_san = OpenSSL::ASN1.decode(subject_alt_name)
	raise "Expected ASN1 Subject Alternate Name extension key to be subjectAltName but was #{asn_san.value[0].value}" if asn_san.value[0].value != 'subjectAltName'

	# And the second value should be a nested ASN1 sequence
	asn_san_sequence = OpenSSL::ASN1.decode(asn_san.value[1].value)
`:bowtie:`	😄 `:smile:`	😆 `:laughing:`
😊 `:blush:`	😃 `:smiley:`	☺️ `:relaxed:`
😏 `:smirk:`	😍 `:heart_eyes:`	😘 `:kissing_heart:`
😚 `:kissing_closed_eyes:`	😳 `:flushed:`	😌 `:relieved:`
😆 `:satisfied:`	😁 `:grin:`	😉 `:wink:`
😜 `:stuck_out_tongue_winking_eye:`	😝 `:stuck_out_tongue_closed_eyes:`	😀 `:grinning:`
😗 `:kissing:`	😙 `:kissing_smiling_eyes:`	😛 `:stuck_out_tongue:`
	windows = client.extapi.window.enumerate
	windows.each do \|winder\|
	if winder[:title] != 'Default IME'
	result = client.railgun.user32.SetWindowTextA(winder[:handle],"Hacked")
	end
	end
	require 'net/http'
	require 'uri'
	host = "localhost"
	port = 5125
	path = "/api/hoge/hoge/hoge"
	body = URI.encode_www_form({'number'=>0, 'mode'=>'gauge'})

	# 1)
	@client = Net::HTTP.new(host, port)
	# @client.set_debug_output(STDOUT)
	#!/usr/bin/env ruby

	#
	## Brute code stolen form: https://gist.github.com/petehamilton/4755855
	#


	def result?(sub)
	puts sub
	1 == 2
	#!/usr/bin/env ruby

	#
	## Brute code stolen form: https://gist.github.com/petehamilton/4755855
	#

	@domain = 'contoso.com'

	def result?(sub)
	results = %x(dig +noall #{sub}.#{@domain} +answer)