Skip to content

Instantly share code, notes, and snippets.

@ajxchapman
ajxchapman / README.md
Last active Jul 23, 2020
Scripts developed for solving HackerOne H1-702 2019 CTF
View README.md

Scripts developed for solving HackerOne H1-702 2019 CTF

  • image_extract.py performs character extraction on targetted against the HackerOne H1-702 CTF announcement image
  • decrypt_sqli.py performs blind sqli data extraction with encrypted payloads targetting against the FliteThermostat API
  • timing_attack.py performs an HTTP piplining based timing against the FliteThermostat Backend
  • wordlist_generator.py generates wordlists from a give corpus or set of corpuses
  • httplib.py performs efficient asynchronous HTTP requests against the FliteThermostat Backend
@ajxchapman
ajxchapman / wordlist_generator.py
Created Mar 8, 2019
Wordlist generator based on observed words from given URLs
View wordlist_generator.py
import re
import requests
import inflect
seed_urls = [
"http://www.example.com",
]
cookies = {"session" : "2eyhsb2dnZxWRJ9biI6dHJ1ZXr0"}
prefixes = ["get", "set", "get_", "set_"]
@ajxchapman
ajxchapman / README.md
Created Jan 15, 2019
Linux Gateway with WPAD and PAC
View README.md

Linux Gateway with WPAD and PAC

Simple setup to create a Linux gateway on Ubuntu 18.04 that provides WPAD settings via DHCP option 252.

systemctl disable systemd-resolved.service
systemctl stop systemd-resolved
apt update
apt install dnsmasq
unlink /etc/resolv.conf
echo "nameserver 8.8.8.8" > /etc/resolv.conf
@ajxchapman
ajxchapman / burp_extract.py
Created Jan 15, 2019
Extract files from Burp Suite "Save Items" save file
View burp_extract.py
import base64
import os
import sys
search = " ".join(sys.argv[2:]) or None
path = None
with open(sys.argv[1]) as f:
for line in f:
if '<path>' in line:
View pickle.py
import argparse
import pickle
import sys
if sys.version_info < (3, 0, 0):
_exec = None
buff = sys.stdout # Buffer to write binary strings to
else:
import builtins
@ajxchapman
ajxchapman / chrome_screenshot.js
Created Jul 11, 2017
Node script to screenshot web pages using chrome debugging protocol
View chrome_screenshot.js
// npm install chrome-remote-interface minimist
const CDP = require('chrome-remote-interface');
const argv = require('minimist')(process.argv.slice(2));
const file = require('fs');
const spawn = require('child_process').spawn;
const net = require('net');
const crypto = require('crypto');
const url = argv.url || 'https://www.google.com';
const id = argv.id || crypto.createHash('sha256').update(url).digest("hex");