@bonsaiviking
bonsaiviking / tls-hellofirst.nse
Created Mar 25, 2015
tls-hellofirst - Audit TLS implementations for handshake reversal. https://twitter.com/bonsaiviking/status/580727089944518656
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"
local table = require "table"
local bin = require "bin"
local tls = require "tls"
description = [[
Tries to confuse a TLS server into sending a ClientHello by first sending a HelloRequest.
bonsaiviking / ssl-poodle.md
Last active Aug 29, 2015
Nmap NSE script for detecting POODLE-vulnerable servers (SSLv3 with CBC ciphersuites)
bonsaiviking / service_fp.nse
Created Oct 1, 2014
Turn a service_fp blob into a binary blob.
local lpeg = require "lpeg"
local U = require "lpeg-utility"
local getquote = U.escaped_quote()
local unescape = lpeg.P ( {
lpeg.Cs((lpeg.V "simple_char" + lpeg.V "unesc")^0),
esc = lpeg.P "\\",
simple_char = lpeg.P(1) - lpeg.V "esc",
unesc = (lpeg.V "esc" * lpeg.Cs( lpeg.V "esc" + lpeg.V "specials" + lpeg.V "code" + lpeg.P(1) ))/"%1",
specials = lpeg.S "trn0" / {t="\t", r="\r", n="\n", ["0"]="\0"},
bonsaiviking / progress.sh
Created Jun 6, 2014
Display progress reading/writing a file according to position information on the file descriptor.
#!/bin/bash
# Usage: progress.sh $(pgrep myprocess) $FD_NUMBER
# Find $FD_NUMBER by doing: ls -l /proc/$(pgrep myprocess)/fd/
fd=/proc/$1/fd/$2
fdinfo=/proc/$1/fdinfo/$2
name=$(readlink $fd)
size=$(wc -c $fd | awk '{print $1}')
while [ -e $fd ]; do
bonsaiviking / NmapHeartbleed.md
Last active Jan 25, 2019
Guide to using Nmap to scan for the Heartbleed bug.

Requirements

  1. Nmap. The script requires version 6.25 or newer. The latest version, 6.47, already includes the next 3 dependencies, so you can skip directly to the Scanning section below.
    • An easy way to get the latest Nmap release is to use Kali Linux.
    • Binary installers are available for Windows.
    • RPM installer available for Linux, or install from source.
    • .dmg installer available for Mac OS X.
  2. tls.lua. The script requires this Lua library for TLS handshaking.
  3. ssl-heartbleed.nse. This is the script itself.
bonsaiviking / nmap-check.sh
Created Apr 9, 2014
Check for bugs and code quality issues in Nmap source files.
#!/bin/bash
PEP8=$(which pep8)
if [ -z "$PEP8" ]; then
echo "No pep8 in your path. Skipping Python checks"
else
for file in $(find "$@" -name '*.py'); do
OUTPUT=$(mktemp)
"$PEP8" -r "$file" > "$OUTPUT"
bonsaiviking / tls-extended-random.nse
Last active Aug 29, 2015
Nmap NSE script to check for TLS Extended Random support. Requires Nmap (http://nmap.org) and the latest version of the tls.lua library from https://svn.nmap.org/nmap/nselib/tls.lua
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"
local bin = require "bin"
local tls = require "tls"
description = [[
Checks for server support of the Extended Random TLS extension, which was
allegedly created to make exploitation of the Dual EC DRBG weakness easier. The
extension was never widely adopted, and IANA did not assign an ExtensionType
bonsaiviking / lua.vim
Last active Dec 10, 2018
A Vim indent file for the Lua scripting language. Install as ~/.vim/indent/lua.vim
" Vim indent file
" Language: Lua
" Maintainer: Daniel Miller <daniel@bonsaiviking.com>
" Original Author: Daniel Miller <daniel@bonsaiviking.com>
" Last Change: 2014 Feb 6
" Only load this indent file when no other was loaded.
if exists("b:did_indent")
finish
endif
bonsaiviking / pre-commit
Last active Jan 4, 2016
Pre-commit git hook for Nmap (WIP)
#!/bin/bash
#
# An example hook script to verify what is about to be committed.
# Called by "git commit" with no arguments. The hook should
# exit with non-zero status after issuing an appropriate message if
# it wants to stop the commit.
#
if git rev-parse --verify HEAD >/dev/null 2>&1
then
bonsaiviking / cli_zenmap_png.py
Created Dec 20, 2013
YMMV, but this should export a PNG of a zenmap topology from a Nmap XML file
#!/usr/bin/env python
import sys
if len(sys.argv) != 4:
print """{0} - Output a PNG from Nmap XML
Usage: {0} <scan.xml> <out.png> <width_in_pixels>""".format(sys.argv[0])
sys.exit(1)
try: