Jonathan Claudius claudijd

## gist:2625441
##Current Wiki Content

$ curl -L get.rvm.io | bash -s stable
$ source ~/.rvm/scripts/rvm
$ rvm install 1.9.3-p125


##Suggestions for Wiki Content

#Set default manually

## gist:2641442
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHP-CGI query string parameter vulnerability"; flow:to_server,established; content:"?"; http_uri; content:"-"; http_uri; distance:0; content:!"="; http_raw_uri; pcre:"/(\.php|\/)\?[\s\+]*\-[A-Za-z]/Ui"; reference:cve,2012-1823; reference:url,eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/; reference:url,varanoid.com/research-alerts/us-cert/vu520827-php-cgi-query-string-parameter-vulnerability/; classtype:web-application-attack; sid:2014704; rev:4;)

## German Translator
def translate_2_german(string)
 string.upcase
end

## DEFCON 20 Slides, Demo Video and Whitepaper Links
#Slide Deck
http://www.slideshare.net/claudijd/defcon-20-stamp-out-hash-corruption-crack-all-the-things

#Video Demonstration
http://www.youtube.com/watch?v=YoD8ebKEiKg&feature=youtu.be

#White Paper
https://t.co/u1zhoJOk

These materials were created by and presented by @reynoldsrb and @claudijd

## sync_fork_with_r7.rb
#Just a simple script to sync master with upstream-master

#Set rapid7 as remote upstream
puts "[+] Setting Rapid7 as upstream remote"
`git remote add upstream git://github.com/rapid7/metasploit-framework.git`

#Get all the upstream changes
puts "[+] Grabbing upstream remote changes"
`git fetch upstream`

## rails_rce.rb
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
#   https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#

## gist:5006429
#Testing Code

require 'resolv'
require 'set'

def lookup
p Resolv.getaddress "www.aloharubyconf.com"
end

ips = Set.new

## ssh_bruteforcer.rb
require 'net/ssh'
require 'thread'
require 'timeout'

ips = [
  "192.168.1.80",
  "192.168.1.81",
  "192.168.1.82",
  "192.168.1.83",
]

## export_msf_exploits_to_xml.rb
#!/usr/bin/env ruby
# This code melds together some boiler plate documentation code
# from MSF (1), darkoperator's export to XML resource script (2)
# and a little Nokogiri fun to allow you to export the MSF exploit
# data to XML from outside of MSF console.
#
# References:
# (1) https://github.com/rapid7/metasploit-framework/blob/a731efa5ce43763cb4ee0873bc40140b61f3928a/documentation/samples/framework/dump_module_info.rb
# (2) https://github.com/darkoperator/Meterpreter-Scripts/blob/a38e001c2d50eaaddc82f4397b8074e29621bf83/scripts/resource/exploit_info.rc
#

## barry_dns.rb
# Low-down DNS/HTTP/HTTPS Bruteforcing Script for Barry

require 'resolv'
require 'rest_client'

# SETUP ##############
#
# You need two gems 'resolv' and 'rest_client'
#
# gem install resolv (may be a default in ruby, can't remember)
	##Current Wiki Content

	$ curl -L get.rvm.io \| bash -s stable
	$ source ~/.rvm/scripts/rvm
	$ rvm install 1.9.3-p125


	##Suggestions for Wiki Content

	#Set default manually
	#Slide Deck
	http://www.slideshare.net/claudijd/defcon-20-stamp-out-hash-corruption-crack-all-the-things

	#Video Demonstration
	http://www.youtube.com/watch?v=YoD8ebKEiKg&feature=youtu.be

	#White Paper
	https://t.co/u1zhoJOk

	These materials were created by and presented by @reynoldsrb and @claudijd
	#Just a simple script to sync master with upstream-master

	#Set rapid7 as remote upstream
	puts "[+] Setting Rapid7 as upstream remote"
	`git remote add upstream git://github.com/rapid7/metasploit-framework.git`

	#Get all the upstream changes
	puts "[+] Grabbing upstream remote changes"
	`git fetch upstream`
	#!/usr/bin/env ruby
	#
	# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
	#
	# ## Advisory
	#
	# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
	#
	# ## Caveats
	#
	#Testing Code

	require 'resolv'
	require 'set'

	def lookup
	p Resolv.getaddress "www.aloharubyconf.com"
	end

	ips = Set.new
	require 'net/ssh'
	require 'thread'
	require 'timeout'

	ips = [
	"192.168.1.80",
	"192.168.1.81",
	"192.168.1.82",
	"192.168.1.83",
	]
	#!/usr/bin/env ruby
	# This code melds together some boiler plate documentation code
	# from MSF (1), darkoperator's export to XML resource script (2)
	# and a little Nokogiri fun to allow you to export the MSF exploit
	# data to XML from outside of MSF console.
	#
	# References:
	# (1) https://github.com/rapid7/metasploit-framework/blob/a731efa5ce43763cb4ee0873bc40140b61f3928a/documentation/samples/framework/dump_module_info.rb
	# (2) https://github.com/darkoperator/Meterpreter-Scripts/blob/a38e001c2d50eaaddc82f4397b8074e29621bf83/scripts/resource/exploit_info.rc
	#
	# Low-down DNS/HTTP/HTTPS Bruteforcing Script for Barry

	require 'resolv'
	require 'rest_client'

	# SETUP ##############
	#
	# You need two gems 'resolv' and 'rest_client'
	#
	# gem install resolv (may be a default in ruby, can't remember)