Tony36 Tony3-sec
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ''' | |
| RC4 encryptor / decryptor | |
| ''' | |
| import argparse | |
| import binascii | |
| from Crypto.Cipher import ARC4 |
Tony3-sec
/ my_xor02.py
Created
November 25, 2018 23:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ''' | |
| This script will XOR the data. | |
| The key and the payload must be in hex format | |
| The script is simplified from my_xor.py | |
| ''' | |
| import binascii |
Tony3-sec
/ objdump command tips
Created
July 17, 2018 15:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| When running objdump command and got error like this: | |
| ''' | |
| $ objdump -D out | |
| objdump: out: File format not recognized | |
| ''' | |
| Use -b option with value "binary" | |
| ''' |
Tony3-sec
/ convertpcap.sh
Created
January 25, 2018 13:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## This script will convert packet caputre file (in current directory) to tcpdump capture format. | |
| echo "converting pcap to tcpdump file format...." | |
| pcap_exts=$(ls | grep "\.pcap\|\.flow\|\.cap\|\.pcapng") #list of possible pcap files | |
| header="converted_" | |
| for pcapfile in $pcap_exts |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ''' | |
| zlib compress or decompress the payload | |
| ''' | |
| import sys | |
| import argparse | |
| import zlib | |
| import binascii |
Tony3-sec
/ xor-file-encryptor.py
Created
November 23, 2017 13:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| This script will XOR encrypt the files in specified directory. | |
| If you want to recover the encrypted files, simply run the script again with same XOR key. | |
| ''' | |
| import os | |
| import binascii | |
| key = "This is the key" | |
| key = binascii.hexlify(key) |
Tony3-sec
/ my_xor_crypto.py
Last active
October 24, 2017 14:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ''' | |
| This script will XOR the data. | |
| The key and the payload must be in hex format | |
| ''' | |
| #from binascii import unhexlify ##for python3 | |
| enc = "2dec09e50aa932e617e501a8" |
Tony3-sec
/ python-network-memo.py
Last active
September 17, 2017 16:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Memo for network programming by python | |
| ''' | |
| import socket | |
| host = "foo.bar.com" | |
| port = 12345 | |
| msg = "Hello" | |
| buffersize = 4096 |
Tony3-sec
/ Extract a single SSL certificate from a PCAP with a nice healthy one liner
Last active
May 9, 2017 09:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tshark -nr example.pcap -Y ssl.handshake.certificates -T fields -e ssl.handshake.certificate | xxd -r -p | openssl x509 -inform DER -text | |
| ## Extract raw SSL certificate from Wireshark | |
| 1. Select Server Hello packet | |
| 2. Open Secure Socket Layer tab and choose "Certificate". Make sure not to include "Certificate Length:". Only need the data below | |
| 3. Right click and choose "Export Packet Bytes" |
Tony3-sec
/ PKZIP cheat sheet
Last active
April 28, 2017 11:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## reference | |
| https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.2.2.TXT | |
| 4.3.7 Local file header: | |
| local file header signature 4 bytes (0x04034b50) | |
| version needed to extract 2 bytes | |
| general purpose bit flag 2 bytes | |
| compression method 2 bytes | |
NewerOlder