Image: https://nahamsec.net/Nahamsec_CTF_Giveaway.jpg
No usefull metadata:
date:create: 2020-01-12T11:09:18+00:00
date:modify: 2020-01-07T00:53:58+00:00
Domain nahamsec.net
import boto3 | |
prefix = "" | |
bucket = "" | |
client = boto3.client('s3') | |
paginator = client.get_paginator('list_objects') | |
operation_parameters = {'Bucket': bucket, | |
'Prefix': prefix} | |
page_iterator = paginator.paginate(**operation_parameters) |
### Keybase proof | |
I hereby claim: | |
* I am techbrunch on github. | |
* I am techbrunch (https://keybase.io/techbrunch) on keybase. | |
* I have a public key ASDcuKPV4Qvr8MkodHAlIjpCzi3vd6kZhspB_K5IgZTjrwo | |
To claim this, I am signing this object: |
arr = [238,140,120,0,112,154,194,172,72,32,24,240,160,232,26,52] | |
def decode(pos = 0, array) | |
array.map { |x| | |
pos = (256 + pos - x) % 256 | |
pos.to_s(2) | |
.rjust(8, '0') | |
.reverse | |
.to_i(2) | |
.chr | |
}.join |
require 'chunky_png' | |
i = ChunkyPNG::Image.from_file(ARGV[0]) | |
p = ChunkyPNG::Canvas.from_io(StringIO.new(i.to_blob)) | |
p.crop(452,1600,61,63).save('test.png') |
require 'httparty' | |
require 'colorize' | |
File.readlines(ARGV[0]).each do |ip| | |
ip.strip! | |
begin | |
print "ip: #{ip} - " | |
response = HTTParty.get("http://#{ip}/plugins/servlet/oauth/users/icon-uri?consumerUri=http://remote", | |
{timeout: 5, verify: false, headers: { "User-Agent" => "POC" }}) | |
if response.code != 200 && response.code != 404 |
require 'sinatra' | |
require 'openssl' | |
require 'base64' | |
require 'httparty' | |
require 'json' | |
require 'sinatra/custom_logger' | |
require 'logger' | |
require 'active_support/all' | |
set :logger, Logger.new(STDOUT) |
# ENDPOINT="host.com" ruby app_proxy.rb | |
# curl -i localhost:4567/capture # => "<TIMEOUT>" or regular response every 2 calls | |
require 'sinatra' | |
require 'net/http' | |
$request_settings = { host: ENV["ENDPOINT"] } | |
$headers = { "Content-Type" => "application/json" } | |
$counter = 0 |
18f.gov | |
acorns.com | |
airbnb.com | |
airtable.com | |
algolia.com | |
alienvault.com | |
amazonaws.com | |
ambo.io | |
amitree.com | |
appspot.com |
# Initial code by Matt Harzewski | |
# https://gist.github.com/mattvh/6692349 | |
# Read more: http://www.webmaster-source.com/2013/09/25/finding-a-websites-favicon-with-ruby/ | |
# https://github.com/hajimes/mmh3 | |
require "httparty" | |
require "nokogiri" | |
require "base64" | |
require "murmurhash3" |
Image: https://nahamsec.net/Nahamsec_CTF_Giveaway.jpg
No usefull metadata:
date:create: 2020-01-12T11:09:18+00:00
date:modify: 2020-01-07T00:53:58+00:00
Domain nahamsec.net