
#!/usr/bin/env python2
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)
# The author disclaims copyright to this source code.
import sys
import struct
import socket
import time
import select
#!/usr/bin/python
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)
# The author disclaims copyright to this source code.
#
# Modified slightly by Andreas Thienemann <athienemann@schubergphilis.com> for clearer exploit code
# and 64k reads
#
# This version of the exploit does write received data to a file called "dump" in the local directory
# for analysis.
#!/usr/bin/env python2
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)
# The author disclaims copyright to this source code.
import sys
import struct
import socket
import time
import select
# Parse a provisioning profile
# Extract the first DeveloperCertificates <data> entry
# Remove any leading whitespace
# Remove any blank lines
# Base64 decode the blob
# Parse the .cer with OpenSSL
# Extract the first line, which is the certificate subject (the rest is the cert blob)
# End up with a string like: subject= /UID=AABBCCDDEE/CN=iPhone Developer: First Last (FFGGHHIIJJ)/C=US
# Note: Uses xmlstarlet to parse the plist, but you could probably use PlistBuddy or grep, too

Enhanced TLS Security for non-HTTP protocols

Goal

The goal is to transplant the concepts of HTTP Strict Transport Security (HSTS)[^1] and the Public Key Pinning Extension for HTTP[^2] to other protocols that support TLS. We aim to do this for popular Internet protocols such as SMTP, POP, FTP, XMPP and IRC.

Strategy

  1. Identify status codes that are currently undefined and can be safely ignored by clients that do not support them.
  2. In this status code, the server SHOULD send a list of tokens describing its Enhanced TLS Security settings. 2.1 foo
@LucaBongiorni
LucaBongiorni / PELoader.cs
Last active August 29, 2015 14:28
Reflective PE Injection Mimikatz - Via InstallUtil.exe
using System;
using System.IO;
using System.Text;
using System.Collections.Generic;
using System.Configuration.Install;
using System.Runtime.InteropServices;
/*
@LucaBongiorni
LucaBongiorni / frag32.py
Last active August 29, 2015 14:28 — forked from ryancdotorg/frag32.py
A FAT32 fragmenter, because I am a horrible person.
#!/usr/bin/env python
import random
import struct
import sys
# Most of the Fat32 class was cribbed from https://gist.github.com/jonte/4577833
def ppNum(num):
    # Pretty-print a number as both hex and decimal, e.g. "0x10 (16)"
    return "%s (%s)" % (hex(num), num)
@LucaBongiorni
LucaBongiorni / netkatz.cs
Last active September 14, 2015 05:54
Prototype - x86
using System;
using System.IO;
using System.Net;
using System.Text;
using System.IO.Compression;
using System.Collections.Generic;
using System.Configuration.Install;
using System.Runtime.InteropServices;
@LucaBongiorni
LucaBongiorni / gist:6baeee67955a985487c4
Created October 2, 2015 11:30 — forked from ChickenProp/gist:3050085
Simple Raspberry Pi GPIO example

Introduction

This is a dead-simple way to test that GPIO on the Raspberry Pi is working. I have an SKPang Raspberry Pi starter kit A. But all you need is

  • A Raspberry Pi.
  • An LED.
  • A button.
  • A resistor, approximately 270Ω.
  • Some way to connect these to each other and the GPIO pins.
@LucaBongiorni
LucaBongiorni / JSRat.ps1
Created January 2, 2016 10:44
Fileless JavaScript Reverse HTTP Shell
<#
Author: Casey Smith @subTee
License: BSD3-Clause
.SYNOPSIS
Simple Reverse Shell over HTTP. Execute Commands on Client.