Skip to content

Instantly share code, notes, and snippets.

View WJDigby's full-sized avatar
💭
It's complicated

WJDigby

💭
It's complicated
View GitHub Profile
@WJDigby
WJDigby / copypasta.py
Created September 19, 2021 16:23
Simple insecure webserver for transferring text and files between hosts
import base64
from datetime import datetime
from hashlib import md5
from math import ceil
import os
import web
from jinja2 import Environment, BaseLoader
# Tool is not designed for security, but might as disable this unless needed
apt-get update
apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
#! /usr/bin/python
# Requries at least Python 3.6
# Reads from stdin or file ( -i / --input-file), writes to stdout or file ( -o / --output-file)
# Supports XORing with provided key (-x / --xor)
# Supports output formats of C, C#, Java, VB, and B64 string ( -f / --format)
# Change shellcode output variable name with -n / --name
# Examples:
# Read shellcode from stdin, XOR with key 'secret!', format in C byte array, and write to file "sc.txt":
@WJDigby
WJDigby / dtf.py
Created April 2, 2019 15:02
Check domains for frontability
# based on https://github.com/rvrsh3ll/FindFrontableDomains by Steve Borosh (rvrsh3ll)
# no subdomain enumeration functionality.
import argparse
import dns.resolver
resolver = dns.resolver.default_resolver = dns.resolver.Resolver(configure=False)
resolver.nameservers = ['8.8.8.8']
frontable = {'cloudfront': 'Cloudfront',
'appspot.com': 'Google',
@WJDigby
WJDigby / reconcile.py
Last active January 3, 2019 22:08
Identify correct casing of password given all-caps LM password and NTLM hash
# reconcile.py
"""Given an all-capital password (from a cracked LM hash) and an NTLM hash,
identify the correct capitalization."""
import argparse
import hashlib
import itertools
def all_cases(password):
@WJDigby
WJDigby / friendly-reverse.py
Created October 2, 2018 18:02
Make reverse DNS output of host command more friendly.
#!/usr/bin/python
'''Pipe output of host command into this script when performing reverse lookups to get a more friendly output:
while read i; do host $i | ./friendly-reverse.py; done < list.txt '''
import sys
for lookup in sys.stdin:
ip = lookup.split('.', 4)[:4]
domain = lookup.rsplit(' ', 1)[1]
@WJDigby
WJDigby / ip extractor
Created July 30, 2018 22:22
Extract IP addresses from a packet capture
tcpdump -r <filename>.pcap 'ip' -n | grep -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' -o | sort -u
@WJDigby
WJDigby / lengthen.py
Created July 22, 2018 23:35
URL Lengthener
import requests
import argparse
def lengthen(url):
if not url.lower().startswith(("http://", "https://")):
url = "http://" + url
http_req = requests.get(url)
return http_req.url
def main():
@WJDigby
WJDigby / sendmail.py
Last active August 3, 2023 13:21
python3 send email via gmail API
from apiclient.discovery import build
from apiclient import errors
from httplib2 import Http
from oauth2client import file, client, tools
from email.mime.text import MIMEText
from base64 import urlsafe_b64encode
SENDER = <sender>
RECIPIENT = <recipient>
import argparse
from subprocess import call
# Useful for Bluetooth device discovery when Bluetooth device addresses may be one off from wireless MAC addresses
# See, for example, "Hacking Exposed: Wireless", 3rd edition, by Joshua Wright and Johnny Cache, pages 211-214.
# To generate the list of addresses and test using hcitool (or another command line tool):
# python3 off-by-one.py -l macs.lst | while read -r line; do hcitool name "$line"; done
def off_by_one(mac_list, flag):