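# Base image: phusion/baseimage.
# NOTE(review): no tag or digest is given, so the build resolves to whatever
# `latest` points at on the day it runs. Pin a reviewed tag or an immutable
# digest (e.g. phusion/baseimage:<TAG>@sha256:<DIGEST> -- placeholders) so
# rebuilds are reproducible and the base image cannot change silently.
FROM phusion/baseimage

# Set correct environment variables (key=value form; the space-separated
# form is the legacy syntax).
ENV HOME=/root

# Regenerate SSH host keys; per the original comment the base image does not
# contain any.
# NOTE(review): RUN executes at build time, so the generated private host keys
# are stored in an image layer. Every container started from this image then
# presents the same host identity, and anyone who can pull the image can read
# the keys. If per-container identity matters, generate the keys at container
# start instead -- confirm against how the image is distributed.
RUN /etc/my_init.d/00_regen_ssh_host_keys.sh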
# Use baseimage-docker's init system. |
extern crate getopts; | |
extern crate redis; | |
extern crate time; | |
use redis::RedisResult; | |
use redis::Value as RV; | |
use redis::Commands; | |
use std::io::BufferedReader; | |
use std::char::{is_digit}; | |
use std::collections::HashMap; |
import pickle, idc | |
def accumulate_names_from_filename (filename): | |
data = [i.strip().strip("`vtable for'") for i in open(filename).readlines()] | |
results = [] | |
for i in data: | |
address = i.split()[-1] | |
name = i.split(address)[0].strip() | |
name = name.replace("`vtable for'", '') | |
results.append((name, int(address, 16))) |
import sys, libvirt, paramiko, subprocess, time, os, threading, select | |
# strftime layout used for timestamps.
DATE_FORMAT = '%Y-%m-%d_%H.%M.%S'

# Root of the log tree. The original author notes this lives on NFS, i.e. the
# same tree is visible from every machine that mounts the export.
BASE_DIR = '/srv/nfs/cortana/logs/'

# Directory names; how they are joined onto BASE_DIR is not shown here.
# NOTE(review): "ssldumps" suggests TLS capture data ends up on the shared
# export -- confirm the export's access controls match that sensitivity.
CMD_DIR, OUTPUT_DIR, DATA_DIR, DUMPS_DIR = 'cmd/', 'output', 'data', 'ssldumps'

# Host-list file name used when none is supplied (presumably; the consumer is
# outside this excerpt).
DEF_HOSTLIST = 'hostlist_all_medium.txt'
# basic recreation of the connections | |
# command using Volatility Framework | |
# as a Library | |
import volatility.conf as conf | |
import volatility.registry as registry | |
import volatility.commands as commands | |
import volatility.win32.network as network | |
import volatility.utils as utils |
import paramiko, re, time, sys | |
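def ssh_to_target(hostname, username, password):
    """Open a password-authenticated SSH session to *hostname*.

    Args:
        hostname: Host to connect to.
        username: Account name used for the login.
        password: Password for that account.

    Returns:
        A connected ``paramiko.SSHClient``; the caller is responsible for
        closing it.

    Raises:
        paramiko.BadHostKeyException: The host is listed in the user's
            known_hosts file but presented a different key.
        Exception: Whatever ``connect`` raises is propagated after the
            half-open client has been closed.
    """
    client = paramiko.SSHClient()
    # Load the user's known_hosts so that a host we have seen before is
    # checked against its recorded key; without this every key is accepted.
    client.load_system_host_keys()
    # NOTE(review): AutoAddPolicy accepts any key from a host that is NOT in
    # known_hosts, so first contact is unauthenticated and the password is
    # sent to whoever answers. Kept for compatibility with existing callers;
    # the stronger setting is paramiko.RejectPolicy() with host keys
    # provisioned out of band.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        client.connect(hostname, username=username, password=password)
    except Exception:
        # Do not leak the socket/transport when the login fails.
        client.close()
        raise
    return client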
def setup_nfs (client, password, cmds): | |
for cmd in cmds: | |
transport = client.get_transport() |
import paramiko, re, time, sys | |
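def ssh_to_target(hostname, username, password):
    """Open a password-authenticated SSH session to *hostname*.

    Args:
        hostname: Host to connect to.
        username: Account name used for the login.
        password: Password for that account.

    Returns:
        A connected ``paramiko.SSHClient``; the caller is responsible for
        closing it.

    Raises:
        paramiko.BadHostKeyException: The host is listed in the user's
            known_hosts file but presented a different key.
        Exception: Whatever ``connect`` raises is propagated after the
            half-open client has been closed.
    """
    client = paramiko.SSHClient()
    # Load the user's known_hosts so that a host we have seen before is
    # checked against its recorded key; without this every key is accepted.
    client.load_system_host_keys()
    # NOTE(review): AutoAddPolicy accepts any key from a host that is NOT in
    # known_hosts, so first contact is unauthenticated and the password is
    # sent to whoever answers. Kept for compatibility with existing callers;
    # the stronger setting is paramiko.RejectPolicy() with host keys
    # provisioned out of band.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        client.connect(hostname, username=username, password=password)
    except Exception:
        # Do not leak the socket/transport when the login fails.
        client.close()
        raise
    return client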
def set_hostname(client, password, cmds): | |
for cmd in cmds: | |
transport = client.get_transport() |
from multiprocessing import Process | |
import sys, libvirt, paramiko, subprocess, time, os, threading, select, errno | |
import binascii, subprocess, json, shutil, random, urllib, multiprocessing, re | |
from datetime import datetime, timedelta | |
from datetime import datetime | |
def time_str():
    """Return the current local time as ``HH:MM:SS.ffffff MM-DD-YYYY`` text.

    The value comes from ``datetime.now()`` with no timezone argument, so it
    is naive local time.
    """
    current = datetime.now()
    rendered = current.strftime("%H:%M:%S.%f %m-%d-%Y")
    return str(rendered)
# Module-level list, empty at import time; what gets stored in it is not
# visible in this excerpt.
WORKING_LIST = list()
from multiprocessing import Process | |
import os, urllib, json | |
import sys, re, libvirt, paramiko, subprocess, time, os, threading, select, errno | |
import binascii, subprocess, json, shutil | |
import multiprocessing | |
from datetime import datetime | |
# Line template filled by name with `pms`, `crandom` and `ms`.
# NOTE(review): presumably one entry of a Wireshark TLS key-log file. Lines
# rendered from it would carry session secrets that decrypt the matching
# capture, so the file they are written to should be access-restricted.
# Confirm the three-field order against whatever consumes these lines.
WIRESHARK_PMS_FMT = 'PMS_CLIENT_RANDOM {pms} {crandom} {ms}'
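# Per-clone templates; each "{:02d}" slot takes an integer and renders it as
# at least two decimal digits.
new_host = 'python-workx64-{:02d}'
new_mac = '52:55:00:00:00:{:02d}'
file_fmt = "python-workx64-{:02d}.xml"
new_uuid = "<uuid>{}</uuid>"

# Literal values of the template definition (presumably the strings that get
# swapped out per clone; the substitution code is outside this excerpt).
mac_target = '52:55:00:00:00:7f'
file_replacement = "python-workx64-replaceme"
uuid_replacement = "<uuid>e048e39c-270d-1219-dba5-303b127d443e</uuid>"

# Read the whole template file. The context manager closes the handle as soon
# as the text is in memory instead of leaving that to garbage collection.
with open(file_replacement + '.xml') as template_file:
    data = template_file.read()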