bcoles

## linux-pam-backdoor-detect.sh
#!/bin/bash
# Detect PAM backdoors created by linux-pam-backdoor:
#   https://github.com/zephrax/linux-pam-backdoor
#
# Note: this will likely only work with PAM version 1.3.0.
# ---
# $ ./backdoor.sh -v 1.3.0 -p some_s3cr3t_p455word
# Automatic PAM Backdoor
# PAM Version: 1.3.0
# Password: some_s3cr3t_p455word

## 7zip-jtr.sh
#!/bin/bash
# 7zip-JTR Decrypt Script
#
# Clone of JTR Decrypt Scripts by synacl modified for 7zip
# - RAR-JTR Decrypt Script - https://synacl.wordpress.com/2012/02/10/using-john-the-ripper-to-crack-a-password-protected-rar-archive/
# - ZIP-JTR Decrypt Script - https://synacl.wordpress.com/2012/08/18/decrypting-a-zip-using-john-the-ripper/

echo "7zip-JTR Decrypt Script";
if [ $# -ne 2 ]
then

## http-vivotek-camera-info.nse
description = [[
Attempts to retrieve the configuration settings from a Vivotek network camera.
The information is retrieved from "/cgi-bin/admin/getparamjs.cgi" which is not
available on all models.

The web administration interface runs on port 80 by default.
]]

---
-- @usage

## Life.HC.Z
// Conway's Game of Life in HolyC for TempleOS
// Ported from Rosetta Code. Original C Source:
// - http://rosettacode.org/wiki/Conway's_Game_of_Life#C

#define WIDTH  60
#define HEIGHT 40
#define SLEEP  100

U32 Universe[HEIGHT][WIDTH];
U64 COUNT;

## nntp-options.nse
description = [[
Retrieves the available commands and banners from a listening NNTP daemon.

The Network News Transfer Protocol (NNTP) is an Internet application protocol used for transporting Usenet news articles (netnews) between news servers and for reading and posting articles by end user client applications.

For more information about NNTP, see:
http://tools.ietf.org/html/rfc3977
http://tools.ietf.org/html/rfc6048
http://en.wikipedia.org/wiki/Network_News_Transfer_Protocol
]]

## http-polycom-soundpoint-info.nse
description = [[
Attempts to retrieve the configuration settings from a Polycom SoundPoint VoIP
phone. The information is retrieved from "/reg_1.htm" and "/reg_2.htm" which is
only available when authentication is disabled.

The web administration interface runs on port 80 by default.
]]

---
-- @usage

## http-carel-data-server-users.nse
description = [[
Attempts to retrieve all valid usernames from the HTTP component of Carel
Pl@ntVisor (CarelDataServer.exe).
]]

---
-- @usage
-- nmap --script http-carel-data-server-users -p <port> <host>
--
-- @output

## http-server.nse
description = [[
Retrieves all HTTP "server" headers.
]]

---
-- @usage
-- nmap --script http-server -p <port> <host>
--
-- @output
-- PORT   STATE SERVICE REASON

## acarsd-info.nse
description = [[
Retrieves information from a listening acarsd daemon.

acarsd is an ACARS decoder for a Linux or Windows PC which attempts to decode ACARS transmissions in real-time. The information retrieved includes the daemon version, API version, administrator e-mail address and listening frequency.

For more information about acarsd, see:
* http://www.acarsd.org/
]]

---

## crt.sh
#!/bin/bash
# List sub-domains using crt.sh
set -euo pipefail
IFS=$'\n\t'

error() {
  echo "[ERROR] $*"
  exit 1
}
	#!/bin/bash
	# Detect PAM backdoors created by linux-pam-backdoor:
	# https://github.com/zephrax/linux-pam-backdoor
	#
	# Note: this will likely only work with PAM version 1.3.0.
	# ---
	# $ ./backdoor.sh -v 1.3.0 -p some_s3cr3t_p455word
	# Automatic PAM Backdoor
	# PAM Version: 1.3.0
	# Password: some_s3cr3t_p455word
	#!/bin/bash
	# 7zip-JTR Decrypt Script
	#
	# Clone of JTR Decrypt Scripts by synacl modified for 7zip
	# - RAR-JTR Decrypt Script - https://synacl.wordpress.com/2012/02/10/using-john-the-ripper-to-crack-a-password-protected-rar-archive/
	# - ZIP-JTR Decrypt Script - https://synacl.wordpress.com/2012/08/18/decrypting-a-zip-using-john-the-ripper/

	echo "7zip-JTR Decrypt Script";
	if [ $# -ne 2 ]
	then
	description = [[
	Attempts to retrieve the configuration settings from a Vivotek network camera.
	The information is retrieved from "/cgi-bin/admin/getparamjs.cgi" which is not
	available on all models.

	The web administration interface runs on port 80 by default.
	]]

	---
	-- @usage
	// Conway's Game of Life in HolyC for TempleOS
	// Ported from Rosetta Code. Original C Source:
	// - http://rosettacode.org/wiki/Conway's_Game_of_Life#C

	#define WIDTH 60
	#define HEIGHT 40
	#define SLEEP 100

	U32 Universe[HEIGHT][WIDTH];
	U64 COUNT;
	description = [[
	Retrieves the available commands and banners from a listening NNTP daemon.

	The Network News Transfer Protocol (NNTP) is an Internet application protocol used for transporting Usenet news articles (netnews) between news servers and for reading and posting articles by end user client applications.

	For more information about NNTP, see:
	http://tools.ietf.org/html/rfc3977
	http://tools.ietf.org/html/rfc6048
	http://en.wikipedia.org/wiki/Network_News_Transfer_Protocol
	]]
	description = [[
	Attempts to retrieve the configuration settings from a Polycom SoundPoint VoIP
	phone. The information is retrieved from "/reg_1.htm" and "/reg_2.htm" which is
	only available when authentication is disabled.

	The web administration interface runs on port 80 by default.
	]]

	---
	-- @usage
	description = [[
	Attempts to retrieve all valid usernames from the HTTP component of Carel
	Pl@ntVisor (CarelDataServer.exe).
	]]

	---
	-- @usage
	-- nmap --script http-carel-data-server-users -p <port> <host>
	--
	-- @output
	description = [[
	Retrieves all HTTP "server" headers.
	]]

	---
	-- @usage
	-- nmap --script http-server -p <port> <host>
	--
	-- @output
	-- PORT STATE SERVICE REASON
	description = [[
	Retrieves information from a listening acarsd daemon.

	acarsd is an ACARS decoder for a Linux or Windows PC which attempts to decode ACARS transmissions in real-time. The information retrieved includes the daemon version, API version, administrator e-mail address and listening frequency.

	For more information about acarsd, see:
	* http://www.acarsd.org/
	]]

	---
	#!/bin/bash
	# List sub-domains using crt.sh
	set -euo pipefail
	IFS=$'\n\t'

	error() {
	echo "[ERROR] $*"
	exit 1
	}