@NicolaiSoeborg
NicolaiSoeborg / harden.sh
Last active April 27, 2024 12:59
deb/apt based security tools
# Verify deb checksums:
sudo apt install debsums
# RNG tools:
sudo apt install rng-tools5
# TPM tools
sudo apt install tpm2-tools
# Monitor for ARP spoofing
Problem:
Error TS2688: Cannot find type definition file for 'frida-gum'
Solution:
yarn add --dev @types/frida-gum
Problem:
[TypeScript error: /node_modules/@types/frida-gum/index.d.ts(2317,15): Error TS2300: Duplicate identifier 'File'.]
Solution:
@NicolaiSoeborg
NicolaiSoeborg / socat - mitm - docker-compose.yml
Last active December 31, 2023 15:50
Docker (compose) socat mitm debug memcached
version: '3.8'
services:
  web:
    build: ./
    ports:
      - "5000:80"
    depends_on:
      - memcached
@NicolaiSoeborg
NicolaiSoeborg / trio-https-raw-socket.py
Created December 28, 2023 16:26
nc/socat like raw socket access to HTTPS
import trio
DOMAIN = "example.com"
PATH = "/"
async def main():
    s0 = await trio.open_ssl_over_tcp_stream(DOMAIN, 443, https_compatible=True)
    # Request a connection to the website
    await s0.send_all(f"GET {PATH} HTTP/1.1\r\nHost: {DOMAIN}\r\n\r\n".encode())
@NicolaiSoeborg
NicolaiSoeborg / Caddy-ACME-CAA-setup.md
Last active November 4, 2023 16:22
Enabling ACME-CAA for Caddy and Let's Encrypt
  1. TL;DR: Grab this value jq -r '.location' $(sudo -u caddy caddy environ | awk -F'=' '/^caddy.AppDataDir=/{print $2"/acme/acme-v02.api.letsencrypt.org-directory/users/*/caddy.json"}') and jump to step 4.

  2. In your Caddyfile you should add an email to the Global Options Block:

{
	email demo@example.com
}
@NicolaiSoeborg
NicolaiSoeborg / Ubuntu cleanup
Last active October 21, 2023 14:09
Remove some of the bloat coming with ubuntu-minimal
sudo apt install git htop tmux curl vim xclip
sudo apt install --no-install-recommends neovim
# Remove Ubuntu-branded XUL crapware:
sudo apt purge xul-ext-ubufox
# Stuff that I don't use:
sudo apt autoremove --purge snapd gnome-software-plugin-snap
sudo apt remove whoopsie
sudo apt remove bluez bluez-cups bluez-obexd
@NicolaiSoeborg
NicolaiSoeborg / sqlmap-helper.py
Created October 15, 2023 19:11
Often sqlmap can't do what you want it to do, so this is a small helper to run a flask server locally and exploit 127.0.0.1:5000
import httpx
from flask import Flask, request
URL = 'http://example.com/vuln'
client = httpx.Client(http2=True)
app = Flask(__name__)
@app.route("/vuln")
def hello_world():
    param = request.args['q']
@NicolaiSoeborg
NicolaiSoeborg / angr-solve.py
Created August 7, 2023 10:22
Angr boilerplate
import angr
proj = angr.Project("./chal", auto_load_libs=False)
state = proj.factory.entry_state()
simgr = proj.factory.simulation_manager(state)
simgr.explore(find=lambda s: b"Correct!" in s.posix.dumps(1))
# Out[6]: <SimulationManager with 2 active, 34 deadended, 1 found>
print(simgr.found[0].posix.dumps(0))
@NicolaiSoeborg
NicolaiSoeborg / ssh422-polyglot.py
Created August 5, 2023 12:30
SSH + HTTP Polyglot
import trio # python3 -m pip install --upgrade trio
HTML = "<html>Hello World!</html>"
HTTP_BANNER = f"HTTP/1.1 200 OK\nContent-Length: {len(HTML)+1}\n\n{HTML}\n".encode()
async def forward_from_a_to_b(a, b):
    async for chunk in a:
        print(f"=> {chunk}", flush=True)
        await b.send_all(chunk)
@NicolaiSoeborg
NicolaiSoeborg / antiyoy.java
Created July 24, 2023 10:45
antiyoy transfer progress
/*
Code to unlock all (176) levels:
* face3 (sad face)
* radioactive_ring
* triangle
* skull
* square
*/
import java.util.Arrays;
import java.util.Random;