

import argparse
import pickle
import sys
if sys.version_info < (3, 0, 0):
_exec = None
buff = sys.stdout # Buffer to write binary strings to
else:
import builtins
ajxchapman / chrome_screenshot.js
Created Jul 11, 2017
Node script to screenshot web pages using the Chrome debugging protocol
// npm install chrome-remote-interface minimist
const CDP = require('chrome-remote-interface');
const argv = require('minimist')(process.argv.slice(2));
const file = require('fs');
const spawn = require('child_process').spawn;
const net = require('net');
const crypto = require('crypto');
const url = argv.url || 'https://www.google.com';
const id = argv.id || crypto.createHash('sha256').update(url).digest("hex");
ajxchapman / burp_extract.py
Created Jan 15, 2019
Extract files from Burp Suite "Save Items" save file
import base64
import os
import sys
search = " ".join(sys.argv[2:]) or None
path = None
with open(sys.argv[1]) as f:
for line in f:
if '<path>' in line:
ajxchapman / README.md
Created Jan 15, 2019
Linux Gateway with WPAD and PAC

Linux Gateway with WPAD and PAC

Simple setup to create a Linux gateway on Ubuntu 18.04 that provides WPAD settings via DHCP option 252.

systemctl disable systemd-resolved.service
systemctl stop systemd-resolved
apt update
apt install dnsmasq
unlink /etc/resolv.conf
echo "nameserver 8.8.8.8" > /etc/resolv.conf
ajxchapman / wordlist_generator.py
Created Mar 8, 2019
Wordlist generator based on observed words from given URLs
import re
import requests
import inflect
# Starting URLs for the generator (the rest of the script is outside this
# preview, so how they are fetched and tokenised is not visible here).
seed_urls = ["http://www.example.com"]

# Cookies attached to outgoing requests.
# NOTE(review): this session value is a bearer credential committed in source;
# read it from an environment variable or a config file instead, and rotate it
# if it was ever a live session.
cookies = dict(session="2eyhsb2dnZxWRJ9biI6dHJ1ZXr0")

# Prefixes — presumably combined with observed words when expanding the
# wordlist; confirm against the code that consumes them.
prefixes = ["get", "set", "get_", "set_"]
ajxchapman / blind_sqli.py
Created Apr 2, 2019
MySQL / MariaDB blind SQLi exploitation script
import argparse
import binascii
import math
import requests
import sys
import urllib.parse
import zlib
session = requests.session()
def get_boolean(query):
ajxchapman / README.md
Last active Apr 29, 2019
Installing Apache Guacamole
  1. Install Docker
# https://docs.docker.com/install/linux/docker-ce/ubuntu/
apt-get update
apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io
docker run hello-world
ajxchapman / README.md
Last active May 7, 2019
Install Windows on Digital Ocean droplet
ajxchapman / gist:e88adeed1b1bb1582ac46ed2ed0b1b97
Last active Jun 4, 2019
Wfuzz a host that keeps timing out
#!/bin/bash
WORDLIST="wordlist.txt"
OUTPUT="output.txt"
TARGET="https://example.com/FUZZ"
if [ ! -f _wordlist.txt ] || [ `wc -l _wordlist.txt | cut -f 1 -d " "` -eq 0 ]
then
sort -u $WORDLIST > _wordlist.txt
if [ -f $OUTPUT ]
then
ajxchapman / README.md
Last active Apr 17, 2020
CVE-2019-5418 Demo

CVE-2019-5418 Demo

Build Docker container: Dockerfile

FROM ruby:2.5
RUN apt-get update -qq && apt-get install -y nodejs postgresql-client
RUN mkdir /myapp
WORKDIR /myapp
COPY Gemfile /myapp/Gemfile