Skip to content

Instantly share code, notes, and snippets.

Daniel Miller bonsaiviking

Block or report user

Report or block bonsaiviking

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
bonsaiviking /
Created Jun 13, 2013
Pure-python SHA-2 implementation, including all FIPS 180-2 specified variants (SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256)
#!/usr/bin/env python
import struct
def rightrotate(i, n, wsize):
return ((i << (wsize-n)) & (2**wsize-1)) | (i >> n)
class SHA2(object):
"""Abstract class for SHA-2 variants"""
def __init__(self):
bonsaiviking /
Created May 24, 2013
Simple MD4 digest implementation in pure Python
#!/usr/bin/env python
import struct
def leftrotate(i, n):
return ((i << n) & 0xffffffff) | (i >> (32 - n))
def F(x,y,z):
return (x & y) | (~x & z)
def G(x,y,z):
bonsaiviking /
Created May 23, 2013
SHA1 implementation in pure Python
#!/usr/bin/env python
import struct
def leftrotate(i, n):
return ((i << n) & 0xffffffff) | (i >> (32 - n))
class SHA1(object):
def __init__(self, data=""):
self.h = [
bonsaiviking /
Last active Nov 15, 2019
A simple/simplistic implementation of AES in pure Python.
#My AES implementation
# By Daniel Miller
def xor(s1, s2):
return tuple(a^b for a,b in zip(s1, s2))
class AES(object):
class __metaclass__(type):
def __init__(cls, name, bases, classdict):
cls.Gmul = {}
bonsaiviking / test.nse
Created Feb 1, 2013
Minimal test script for Nmap's NSE script testing. Can be run simply with `nmap --script=test.nse` and no further arguments.
View test.nse
description = [[Minimal framework for testing NSE scripts. Modify as needed.]]
author = "Daniel Miller"
license = "Same as Nmap--See"
categories = {"testing"}
prerule = function() return true end
bonsaiviking /
Created Jan 31, 2013
Finding headless shells
#!/usr/bin/perl -an
# One-liner version:
# lsof -d txt,0,1,2 | perl -anE'push@g,$F[1]if$F[4]eq"CHR"and$F[8]=~/^.dev.[pt]t[sy]/;$t{$F[1]}=$_ if$F[3]eq"txt"and$F[8]=~/^.(usr.)?bin.((b|d)?a|z|k|c|tc)*sh/;END{delete$t{$_}for@g;say values%t}'
# store the PID of processes that use a PTY/TTY for STDIN, STDOUT, or STDERR
push @g, $F[1] if $F[4] eq "CHR" and $F[8]=~/^.dev.[pt]t[sy]/;
# Store the whole line if the txt file descriptor is a shell
$t{$F[1]}=$_ if $F[3] eq "txt" and $F[8]=~/^.(usr.)?bin.((b|d)?a|z|k|c|tc)*sh/;
bonsaiviking / printbomb.nse
Created Oct 5, 2012
NSE script for printing crap to PJL printers. Don't run this, please. Lots of improvements possible, too.
View printbomb.nse
description = [[
Print a bunch of pages.
author = "Daniel Miller"
license = "Same as Nmap--See"
categories = {"intrusive", "dos"}
bonsaiviking /
Created Jul 17, 2012
Rate TLS ciphers similar to's ranking system
use strict;
use warnings;
use 5.012;
my %kex_scores = (
NULL => 0,
anon => 0,
EXPORT => 40,
bonsaiviking / slammer.nse
Created Jul 16, 2012
Nmap script launcher for SQL Slammer worm
View slammer.nse
local nmap = require "nmap"
local shortport = require "shortport"
local bin = require "bin"
description = [[Sends the SQL Slammer worm to a host.
If vulnerable, it will attempt to propagate to other IP addresses.
DO NOT RUN THIS SCRIPT ON THE INTERNET. For use in closed environments
for educational purpose only.]]
license = "Same as Nmap--See"
bonsaiviking / gist:3077294
Created Jul 9, 2012
Nmap's dns-zone-transfer meets
View gist:3077294
$ nmap --script dns-zone-transfer --script-args -p 53 -Pn $(dig +short NS | head -1)
Starting Nmap 6.02 ( ) at 2012-07-09 10:50 CDT
Nmap scan report for (
Host is up (0.033s latency).
rDNS record for
53/tcp open domain
| dns-zone-transfer:
You can’t perform that action at this time.