Techbrunch

## favicon-shodan.rb
# Initial code by Matt Harzewski
# https://gist.github.com/mattvh/6692349
# Read more: http://www.webmaster-source.com/2013/09/25/finding-a-websites-favicon-with-ruby/
# https://github.com/hajimes/mmh3

require "httparty"
require "nokogiri"
require "base64"
require "murmurhash3"

## bounty.txt
18f.gov
acorns.com
airbnb.com
airtable.com
algolia.com
alienvault.com
amazonaws.com
ambo.io
amitree.com
appspot.com

## app_proxy.rb
# ENDPOINT="host.com" ruby app_proxy.rb
# curl -i localhost:4567/capture # => "<TIMEOUT>" or regular response every 2 calls

require 'sinatra'
require 'net/http'

$request_settings = { host: ENV["ENDPOINT"] }
$headers = { "Content-Type" => "application/json" }
$counter = 0

## proxy.rb
require 'sinatra'
require 'openssl'
require 'base64'
require 'httparty'
require 'json'
require 'sinatra/custom_logger'
require 'logger'
require 'active_support/all'

set :logger, Logger.new(STDOUT)

## CVE-2017-9506.rb
require 'httparty'
require 'colorize'
File.readlines(ARGV[0]).each do |ip|
  ip.strip!

  begin
    print "ip: #{ip} - "
    response = HTTParty.get("http://#{ip}/plugins/servlet/oauth/users/icon-uri?consumerUri=http://remote",
                            {timeout: 5, verify: false, headers: { "User-Agent" => "POC" }})
    if response.code != 200 && response.code != 404

## pixel.rb
require 'chunky_png'

i = ChunkyPNG::Image.from_file(ARGV[0])
p = ChunkyPNG::Canvas.from_io(StringIO.new(i.to_blob))
p.crop(452,1600,61,63).save('test.png')

## intercal_decode.rb
arr = [238,140,120,0,112,154,194,172,72,32,24,240,160,232,26,52]
def decode(pos = 0, array)
  array.map { |x|
    pos = (256 + pos - x) % 256
    pos.to_s(2)
       .rjust(8, '0')
       .reverse
       .to_i(2)
       .chr
  }.join

## gist:d2e1a0539be4a561d9d6a62a31a04027
### Keybase proof

I hereby claim:

  * I am techbrunch on github.
  * I am techbrunch (https://keybase.io/techbrunch) on keybase.
  * I have a public key ASDcuKPV4Qvr8MkodHAlIjpCzi3vd6kZhspB_K5IgZTjrwo

To claim this, I am signing this object:

## s3_downloader.py
import boto3

prefix = ""
bucket = ""

client = boto3.client('s3')
paginator = client.get_paginator('list_objects')
operation_parameters = {'Bucket': bucket,
                        'Prefix': prefix}
page_iterator = paginator.paginate(**operation_parameters)

## redis-server
#!/bin/sh
# From - http://www.codingsteps.com/install-redis-2-6-on-amazon-ec2-linux-ami-or-centos/
#      - https://github.com/saxenap/install-redis-amazon-linux-centos/blob/master/redis-server
#
# redis - this script starts and stops the redis-server daemon
# Originally from - https://raw.github.com/gist/257849/9f1e627e0b7dbe68882fa2b7bdb1b2b263522004/redis-server
#
# chkconfig:   - 85 15
# description:  Redis is a persistent key-value database
# processname: redis-server
	# Initial code by Matt Harzewski
	# https://gist.github.com/mattvh/6692349
	# Read more: http://www.webmaster-source.com/2013/09/25/finding-a-websites-favicon-with-ruby/
	# https://github.com/hajimes/mmh3

	require "httparty"
	require "nokogiri"
	require "base64"
	require "murmurhash3"
	18f.gov
	acorns.com
	airbnb.com
	airtable.com
	algolia.com
	alienvault.com
	amazonaws.com
	ambo.io
	amitree.com
	appspot.com
	# ENDPOINT="host.com" ruby app_proxy.rb
	# curl -i localhost:4567/capture # => "<TIMEOUT>" or regular response every 2 calls

	require 'sinatra'
	require 'net/http'

	$request_settings = { host: ENV["ENDPOINT"] }
	$headers = { "Content-Type" => "application/json" }
	$counter = 0
	require 'sinatra'
	require 'openssl'
	require 'base64'
	require 'httparty'
	require 'json'
	require 'sinatra/custom_logger'
	require 'logger'
	require 'active_support/all'

	set :logger, Logger.new(STDOUT)
	require 'httparty'
	require 'colorize'
	File.readlines(ARGV[0]).each do \|ip\|
	ip.strip!

	begin
	print "ip: #{ip} - "
	response = HTTParty.get("http://#{ip}/plugins/servlet/oauth/users/icon-uri?consumerUri=http://remote",
	{timeout: 5, verify: false, headers: { "User-Agent" => "POC" }})
	if response.code != 200 && response.code != 404
	require 'chunky_png'

	i = ChunkyPNG::Image.from_file(ARGV[0])
	p = ChunkyPNG::Canvas.from_io(StringIO.new(i.to_blob))
	p.crop(452,1600,61,63).save('test.png')
	arr = [238,140,120,0,112,154,194,172,72,32,24,240,160,232,26,52]
	def decode(pos = 0, array)
	array.map { \|x\|
	pos = (256 + pos - x) % 256
	pos.to_s(2)
	.rjust(8, '0')
	.reverse
	.to_i(2)
	.chr
	}.join
	### Keybase proof

	I hereby claim:

	* I am techbrunch on github.
	* I am techbrunch (https://keybase.io/techbrunch) on keybase.
	* I have a public key ASDcuKPV4Qvr8MkodHAlIjpCzi3vd6kZhspB_K5IgZTjrwo

	To claim this, I am signing this object:
	import boto3

	prefix = ""
	bucket = ""

	client = boto3.client('s3')
	paginator = client.get_paginator('list_objects')
	operation_parameters = {'Bucket': bucket,
	'Prefix': prefix}
	page_iterator = paginator.paginate(**operation_parameters)
	#!/bin/sh
	# From - http://www.codingsteps.com/install-redis-2-6-on-amazon-ec2-linux-ami-or-centos/
	# - https://github.com/saxenap/install-redis-amazon-linux-centos/blob/master/redis-server
	#
	# redis - this script starts and stops the redis-server daemon
	# Originally from - https://raw.github.com/gist/257849/9f1e627e0b7dbe68882fa2b7bdb1b2b263522004/redis-server
	#
	# chkconfig: - 85 15
	# description: Redis is a persistent key-value database
	# processname: redis-server