I hereby claim:
- I am PaulSec on github.
- I am paulsec (https://keybase.io/paulsec) on keybase.
- I have a public key whose fingerprint is 37C2 C83D 124B 2688 7B62 7DA4 B4A6 F863 A65E 7C08
To claim this, I am signing this object:
Paul PaulSec
PaulSec
/ whathashisit.py
Last active
August 29, 2015 14:02
Interact with WhatHashIsIt REST API in Python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| req = requests.get('https://what-hash-is-it.herokuapp.com/API/hash/098f6bcd4621d373cade4e832627b4f6') | |
| data = json.loads(req.content) | |
| if (len(data) > 0): | |
| print data | |
| else: | |
| print "[-] No result found for this hash." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # check that 7z is installed | |
| command -v 7z >/dev/null 2>&1 || { echo >&2 "This script requires 7z. Aborting."; exit 1; } | |
| jdgui="/path/to/jd-gui" | |
| startmenu="/path/to/DroidBox_4.1.1/startemu.sh" | |
| dex2jar="/path/to/dex2jar-0.0.9.15/d2j-dex2jar.sh" | |
| if [ $# -eq 0 ] |
PaulSec
/ Burp certificate on Android
Created
February 16, 2015 19:40
Add your Burp certificate on an Android device
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| To do so: | |
| 1. Export your Burp Certificate | |
| Proxy > Options > CA Certificate > Export in DER format | |
| 2. Convert it to PEM | |
| openssl x509 -inform der -in cacert.der -out burp.pem | |
| 3. Download it on the device |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000 | |
| apktool d -s src/ING.apk -o src/ING/ -f | |
| java -jar ./tools/baksmali-2.0.2.jar src/ING/classes.dex -o src/out/ | |
| # ==== here patch dex file ==== | |
| TEL1="+80000000001" | |
| TEL2="+80000000002" | |
| TEL_BACK="+80000000003" | |
| HOST1="127.0.0.1" | |
| HOST2="127.0.0.1" | |
| ID_BOT="500" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from Crypto.Cipher import AES | |
| secret_key = "1122456789abcdef" | |
| iv = "1122456789abcdef" | |
| mode = AES.MODE_CBC | |
| ciphers = ["9901a4037eae3008a99a0d42ee1d84d2", "524913a771bd29a4f4547f08c844b33a", "d3a1d39c993b6824212fba3f4aa50865", "6f95f17e43914c85ccf2f2370962aee899398b6cbf6d25ef97a71d4a9ec2dabb057871e5c3fdf2921a40801ce58d44fd", "282aadd640e6b03b1633fa698ecb958bb2bdbe545a06373aaa96c15b6a57fd3bfe29bc21e7b22cd718b118ad48f47308", "579ebf44d3fcf24fed05cd51a8952680", "1181dad1a14cd6323ecb89d2cd06d08a5c7dcd3bd66233f2859d2ec23834501e", "282aadd640e6b03b1633fa698ecb958b4705ee49d44709f62b82dbda708e296b"] | |
| for c in text: | |
| decryptor = AES.new(secret_key, mode, IV=iv) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| s = sys.argv[1].decode('unicode-escape') | |
| key = [int(i) for i in sys.argv[2].split(',')] | |
| index, res = 0, "" | |
| for char in list(s): | |
| res += chr(ord(char) ^ key[index]) | |
| index = (index + 1) % 5 | |
| print ''.join(res) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var http = require('http'), | |
| path = require('path'), | |
| fs = require('fs'); | |
| http.createServer(function(req, res) { | |
| filename = './cacert.crt' | |
| path.exists(filename, function(exists) { | |
| res.writeHead(200, {'Content-disposition': 'attachment; filename=cacert.crt', 'Content-Type': 'text/plain'}); | |
| var fileStream = fs.createReadStream(filename); | |
| fileStream.pipe(res); |
PaulSec
/ vnc_snapshot.py
Last active
October 5, 2019 10:25
VNC Snapshot using Torify and vncsnapshot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/python | |
| import requests | |
| import threading | |
| import os | |
| API_KEY = "XXXXXXXXXXXXXXXXX" | |
| QUERY = "port:5900 authentication" | |
| class VNCSnapshot(threading.Thread): |
PaulSec
/ memory_dumper.py
Created
September 23, 2015 09:59
Dump the memory of the specified pid (linux)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import ctypes, re, sys | |
| ## Partial interface to ptrace(2), only for PTRACE_ATTACH and PTRACE_DETACH. | |
| c_ptrace = ctypes.CDLL("libc.so.6").ptrace | |
| c_pid_t = ctypes.c_int32 # This assumes pid_t is int32_t | |
| c_ptrace.argtypes = [ctypes.c_int, c_pid_t, ctypes.c_void_p, ctypes.c_void_p] | |
| def ptrace(attach, pid): |
OlderNewer