WJDigby

WJDigby / copypasta.py
Created Sep 19, 2021
Simple insecure webserver for transferring text and files between hosts
View copypasta.py
import base64
from datetime import datetime
from hashlib import md5
from math import ceil
import os
import web
from jinja2 import Environment, BaseLoader
# Tool is not designed for security, but might as well disable this unless needed
View install_docker.sh
# Refresh the package index, then install the prerequisites for adding an
# HTTPS apt repository.
apt-get update
apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common

# Fetch Docker's repository signing key over HTTPS and add it to apt's keyring.
# NOTE(review): apt-key is deprecated, and a key added this way is trusted for
# every configured repository, not only Docker's. Scoping the key to the Docker
# source with a dedicated keyring file and a signed-by= option is the narrower
# setup; check the key's fingerprint against Docker's published value either way.
# NOTE(review): only this command uses sudo; the apt-get calls above presumably
# rely on the script already running as root - confirm.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
View shellcode_utils.py
#! /usr/bin/python
# Requires at least Python 3.6
# Reads from stdin or file ( -i / --input-file), writes to stdout or file ( -o / --output-file)
# Supports XORing with provided key (-x / --xor)
# Supports output formats of C, C#, Java, VB, and B64 string ( -f / --format)
# Change shellcode output variable name with -n / --name
# Examples:
# Read shellcode from stdin, XOR with key 'secret!', format in C byte array, and write to file "sc.txt":
WJDigby / dtf.py
Created Apr 2, 2019
Check domains for frontability
View dtf.py
# based on https://github.com/rvrsh3ll/FindFrontableDomains by Steve Borosh (rvrsh3ll)
# no subdomain enumeration functionality.
import argparse
import dns.resolver
# Build a resolver that ignores the system DNS configuration (configure=False)
# and install it as dnspython's module-wide default.
resolver = dns.resolver.Resolver(configure=False)
dns.resolver.default_resolver = resolver
# Every lookup is sent to this one hard-coded public resolver, so the names
# being checked are visible to it and bypass any internal or split-horizon DNS.
resolver.nameservers = ['8.8.8.8']
frontable = {'cloudfront': 'Cloudfront',
'appspot.com': 'Google',
WJDigby / reconcile.py
Last active Jan 3, 2019
Identify correct casing of password given all-caps LM password and NTLM hash
View reconcile.py
# reconcile.py
"""Given an all-capital password (from a cracked LM hash) and an NTLM hash,
identify the correct capitalization."""
import argparse
import hashlib
import itertools
def all_cases(password):
WJDigby / friendly-reverse.py
Created Oct 2, 2018
Make reverse DNS output of host command more friendly.
View friendly-reverse.py
#!/usr/bin/python
'''Pipe output of host command into this script when performing reverse lookups to get a more friendly output:
while read i; do host $i | ./friendly-reverse.py; done < list.txt '''
import sys
for lookup in sys.stdin:
ip = lookup.split('.', 4)[:4]
domain = lookup.rsplit(' ', 1)[1]
WJDigby / ip extractor
Created Jul 30, 2018
Extract IP addresses from a packet capture
View ip extractor
# List the unique IPv4-looking addresses seen in a capture file.
#   tcpdump: read the capture (-r), keep IPv4 packets ('ip'), no name resolution (-n)
#   grep:    print only the dotted-quad matches (-o)
#   sort:    de-duplicate (-u)
# The pattern matches any dotted quad in tcpdump's text output, so it does not
# validate octet ranges and can also pick up addresses printed from decoded
# payloads (for example DNS answers), not just packet source/destination.
tcpdump -n -r <filename>.pcap 'ip' |
    grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' |
    sort -u
View lengthen.py
import requests
import argparse
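def lengthen(url):
    """Resolve a (shortened) URL and return the address it finally lands on.

    Args:
        url: The URL to expand. ``http://`` is prepended when no scheme
            is given.

    Returns:
        The URL of the final response after following any redirects.

    Raises:
        requests.RequestException: On connection failure or timeout.
    """
    if not url.lower().startswith(("http://", "https://")):
        url = "http://" + url
    # NOTE(review): this contacts every hop of the redirect chain and the final
    # destination from the local host; run it from an analysis sandbox when
    # the link is untrusted.
    # A timeout keeps an unresponsive server from blocking forever, and
    # stream=True avoids downloading the response body, which is never read.
    with requests.get(url, stream=True, timeout=10) as response:
        return response.url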
def main():
WJDigby / sendmail.py
Last active Apr 5, 2022
python3 send email via gmail API
View sendmail.py
from apiclient.discovery import build
from apiclient import errors
from httplib2 import Http
from oauth2client import file, client, tools
from email.mime.text import MIMEText
from base64 import urlsafe_b64encode
SENDER = <sender>
RECIPIENT = <recipient>
View off-by-one.py
import argparse
from subprocess import call
# Useful for Bluetooth device discovery when Bluetooth device addresses may be one off from wireless MAC addresses
# See, for example, "Hacking Exposed: Wireless", 3rd edition, by Joshua Wright and Johnny Cache, pages 211-214.
# To generate the list of addresses and test using hcitool (or another command line tool):
# python3 off-by-one.py -l macs.lst | while read -r line; do hcitool name "$line"; done
def off_by_one(mac_list, flag):