I hereby claim:
- I am bcoles on github.
- I am bcoles (https://keybase.io/bcoles) on keybase.
- I have a public key whose fingerprint is A2F9 D7FB E728 71FF AC5B 9967 3EB7 00FC FBA8 99B5
To claim this, I am signing this object:
bcoles
/ cain-wifi-export-to-csv.rb
Created
August 5, 2017 17:47
Cain Wireless Scanner export to CSV
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| ################################################################################ | |
| # Cain Wireless Scanner export to CSV # | |
| # ----------------------------------- # | |
| # This script takes a text file of wireless networks exported from Cain # | |
| # and converts it to CSV. # | |
| ################################################################################ | |
| # ~ bcoles | |
| require 'csv' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| ################################################################################ | |
| # BearWare TeamTalk login brute force # | |
| # # | |
| # Tested on TeamTalk versions 5.2.2.4885 and 5.2.3.4893 # | |
| # # | |
| # Note: SSL support is implemented but untested # | |
| ################################################################################ | |
| # ~ bcoles |
bcoles
/ miller-fuzz.rb
Created
July 9, 2017 21:19
A Ruby port of Charlie Miller's infamous 5 line Python dumb fuzzer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # | |
| # A Ruby port of Charlie Miller's infamous 5 line Python dumb fuzzer | |
| # ~ bcoles | |
| =begin | |
| # Original Python code: | |
| numwrites = random.randrange(math.ceil((float(len(buf)) / FuzzFactor))) + 1 | |
| for j in range(numwrites): | |
| rbyte = random.randrange(256) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| ################################################### | |
| # ----------------------------------------------- # | |
| # Fuzz pdf-reader Ruby gem with mutated PDF files # | |
| # ----------------------------------------------- # | |
| # # | |
| # Each test case is written to 'fuzz.pdf' in the # | |
| # current working directory. # | |
| # # | |
| # Crashes and the associated backtrace are saved # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # | |
| # MSF RPC login brute force | |
| # | |
| require 'msfrpc-client' | |
| require 'thread' | |
| MAX_THREADS = 3 | |
| puts 'MSF RPC login brute force' |
bcoles
/ msfrpcd-rce.rb
Created
July 5, 2017 14:55
Metasploit RPC post-auth command execution exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| ################################################################################ | |
| # Metasploit RPC post-auth command execution exploit # | |
| ################################################################################ | |
| # ~ bcoles | |
| require 'msfrpc-client' # gem install msfrpc-client | |
| require 'base64' | |
| @host = '127.0.0.1' |
bcoles
/ keybase.md
Created
June 29, 2017 13:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ################################################################################ | |
| # VMware Workstation Local Privilege Escalation exploit (CVE-2017-4915) # | |
| # - https://www.vmware.com/security/advisories/VMSA-2017-0009.html # | |
| # - https://www.exploit-db.com/exploits/42045/ # | |
| # # | |
| # Affects: # | |
| # - VMware Workstation Player <= 12.5.5 # | |
| # - VMware Workstation Pro <= 12.5.5 # | |
| ################################################################################ |
bcoles
/ msfrpc-client-search.rb
Last active
January 14, 2018 14:13
Searches Metasploit modules for a keyword using msfrpc-client Ruby library
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # [ Example code - Don't use in production ] | |
| # | |
| # Searches Metasploit modules for a keyword using msfrpc-client Ruby library | |
| # | |
| # Start msfrpcd from msfconsole like this, but with a more secure password: | |
| # load msgrpc ServerHost=127.0.0.1 Pass=abc123 SSL=y | |
| # | |
| require 'msfrpc-client' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # Reverse /etc/services | |
| # Returns Hash of services and ports with service names as Hash keys | |
| services = {} | |
| File.read('/etc/services').each_line do |line| | |
| next if line.strip == '' # remove blank lines | |
| next if line.start_with?('#') # remove comment lines |