Skip to content

Instantly share code, notes, and snippets.

@bonsaiviking
bonsaiviking / sha2.py
Created Jun 13, 2013
Pure-python SHA-2 implementation, including all FIPS 180-2 specified variants (SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256)
View sha2.py
#!/usr/bin/env python
import struct
def rightrotate(i, n, wsize):
return ((i << (wsize-n)) & (2**wsize-1)) | (i >> n)
class SHA2(object):
"""Abstract class for SHA-2 variants"""
def __init__(self):
@bonsaiviking
bonsaiviking / md4.py
Created May 24, 2013
Simple MD4 digest implementation in pure Python
View md4.py
#!/usr/bin/env python
import struct
def leftrotate(i, n):
return ((i << n) & 0xffffffff) | (i >> (32 - n))
def F(x,y,z):
return (x & y) | (~x & z)
def G(x,y,z):
@bonsaiviking
bonsaiviking / sha1.py
Created May 23, 2013
SHA1 implementation in pure Python
View sha1.py
#!/usr/bin/env python
import struct
def leftrotate(i, n):
return ((i << n) & 0xffffffff) | (i >> (32 - n))
class SHA1(object):
def __init__(self, data=""):
self.h = [
@bonsaiviking
bonsaiviking / aes.py
Last active Nov 15, 2019
A simple/simplistic implementation of AES in pure Python.
View aes.py
#My AES implementation
# By Daniel Miller
def xor(s1, s2):
return tuple(a^b for a,b in zip(s1, s2))
class AES(object):
class __metaclass__(type):
def __init__(cls, name, bases, classdict):
cls.Gmul = {}
@bonsaiviking
bonsaiviking / test.nse
Created Feb 1, 2013
Minimal test script for Nmap's NSE script testing. Can be run simply with `nmap --script=test.nse` and no further arguments.
View test.nse
description = [[Minimal framework for testing NSE scripts. Modify as needed.]]
author = "Daniel Miller"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"testing"}
prerule = function() return true end
@bonsaiviking
bonsaiviking / headless.pl
Created Jan 31, 2013
Finding headless shells
View headless.pl
#!/usr/bin/perl -an
# One-liner version:
# lsof -d txt,0,1,2 | perl -anE'push@g,$F[1]if$F[4]eq"CHR"and$F[8]=~/^.dev.[pt]t[sy]/;$t{$F[1]}=$_ if$F[3]eq"txt"and$F[8]=~/^.(usr.)?bin.((b|d)?a|z|k|c|tc)*sh/;END{delete$t{$_}for@g;say values%t}'
# store the PID of processes that use a PTY/TTY for STDIN, STDOUT, or STDERR
push @g, $F[1] if $F[4] eq "CHR" and $F[8]=~/^.dev.[pt]t[sy]/;
# Store the whole line if the txt file descriptor is a shell
$t{$F[1]}=$_ if $F[3] eq "txt" and $F[8]=~/^.(usr.)?bin.((b|d)?a|z|k|c|tc)*sh/;
@bonsaiviking
bonsaiviking / printbomb.nse
Created Oct 5, 2012
NSE script for printing crap to PJL printers. Don't run this, please. Lots of improvements possible, too.
View printbomb.nse
description = [[
Print a bunch of pages.
]]
author = "Daniel Miller"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"intrusive", "dos"}
@bonsaiviking
bonsaiviking / cipherstrength.pl
Created Jul 17, 2012
Rate TLS ciphers similar to ssllabs.com's ranking system
View cipherstrength.pl
#!/usr/bin/perl
use strict;
use warnings;
use 5.012;
my %kex_scores = (
NULL => 0,
anon => 0,
EXPORT => 40,
@bonsaiviking
bonsaiviking / slammer.nse
Created Jul 16, 2012
Nmap script launcher for SQL Slammer worm
View slammer.nse
local nmap = require "nmap"
local shortport = require "shortport"
local bin = require "bin"
description = [[Sends the SQL Slammer worm to a host.
If vulnerable, it will attempt to propagate to other IP addresses.
DO NOT RUN THIS SCRIPT ON THE INTERNET. For use in closed environments
for educational purpose only.]]
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
@bonsaiviking
bonsaiviking / gist:3077294
Created Jul 9, 2012
Nmap's dns-zone-transfer meets zonetransfer.me
View gist:3077294
$ nmap --script dns-zone-transfer --script-args dns-zone-transfer.domain=zonetransfer.me -p 53 -Pn $(dig +short zonetransfer.me NS | head -1)
Starting Nmap 6.02 ( http://nmap.org ) at 2012-07-09 10:50 CDT
Nmap scan report for ns12.zoneedit.com. (209.62.64.46)
Host is up (0.033s latency).
rDNS record for 209.62.64.46: ns12.zoneedit.com
PORT STATE SERVICE
53/tcp open domain
| dns-zone-transfer:
| zonetransfer.me. SOA ns16.zoneedit.com. soacontact.zoneedit.com.
You can’t perform that action at this time.