dso deeso
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # using phusion/baseimage as base image. | |
| FROM phusion/baseimage | |
| # Set correct environment variables. | |
| ENV HOME /root | |
| # Regenerate SSH host keys. baseimage-docker does not contain any | |
| RUN /etc/my_init.d/00_regen_ssh_host_keys.sh | |
| # Use baseimage-docker's init system. |
deeso
/ general_redis_import_program.rs
Created
December 11, 2014 22:52
Practical example of how to use redis-rust and rust multi-tasks to import data into redis. If you use cargo, simple add: "https://github.com/mitsuhiko/redis-rs.git" as a dependency.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| extern crate getopts; | |
| extern crate redis; | |
| extern crate time; | |
| use redis::RedisResult; | |
| use redis::Value as RV; | |
| use redis::Commands; | |
| use std::io::BufferedReader; | |
| use std::char::{is_digit}; | |
| use std::collections::HashMap; |
deeso
/ extract_bytes_from_vtable_names.py
Created
January 25, 2015 01:58
File for extracting bytes from IDA locations. In this case, the IDA names come from copy and pasting from the names window, since I could not figure out a programmatic way to grab the info via IDA Python.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pickle, idc | |
| def accumulate_names_from_filename (filename): | |
| data = [i.strip().strip("`vtable for'") for i in open(filename).readlines()] | |
| results = [] | |
| for i in data: | |
| address = i.split()[-1] | |
| name = i.split(address)[0].strip() | |
| name = name.replace("`vtable for'", '') | |
| results.append((name, int(address, 16))) |
deeso
/ virsh_dump_script.py
Last active
August 29, 2015 14:19
This script will ssh to a client and execute a command, and then proceed to memory snapshots using the "virsh" command.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys, libvirt, paramiko, subprocess, time, os, threading, select | |
| DATE_FORMAT = "%Y-%m-%d_%H.%M.%S" | |
| # ah the beauty of NFS and circular redirects | |
| # your FS is my FS is the NFS! | |
| BASE_DIR = "/srv/nfs/cortana/logs/" | |
| CMD_DIR = "cmd/" | |
| OUTPUT_DIR = "output" | |
| DATA_DIR = "data" | |
| DUMPS_DIR = "ssldumps" | |
| DEF_HOSTLIST = "hostlist_all_medium.txt" |
deeso
/ connections_example_lib.py
Created
April 27, 2015 17:57
Basic usage of volatility as a library (from way back when, http://dsocon.blogspot.com/2012/08/using-volatility-framework-as-library.html)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # basic recreation of the connections | |
| # command using Volatility Framework | |
| # as a Library | |
| import volatility.conf as conf | |
| import volatility.registry as registry | |
| import volatility.commands as commands | |
| import volatility.win32.network as network | |
| import volatility.utils as utils |
deeso
/ setup_nfs.py
Created
May 4, 2015 01:28
Script that can be used to set-up nfs on a remote host using paramiko
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import paramiko, re, time, sys | |
| def ssh_to_target (hostname, username, password): | |
| client = paramiko.SSHClient() | |
| client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) | |
| client.connect(hostname, username=username, password=password) | |
| return client | |
| def setup_nfs (client, password, cmds): | |
| for cmd in cmds: | |
| transport = client.get_transport() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import paramiko, re, time, sys | |
| def ssh_to_target (hostname, username, password): | |
| client = paramiko.SSHClient() | |
| client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) | |
| client.connect(hostname, username=username, password=password) | |
| return client | |
| def set_hostname(client, password, cmds): | |
| for cmd in cmds: | |
| transport = client.get_transport() |
deeso
/ start_ssl.py
Created
June 5, 2015 23:28
Start or stop SSL VMS, if no parameter is provided start, otherwise stop
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from multiprocessing import Process | |
| import sys, libvirt, paramiko, subprocess, time, os, threading, select, errno | |
| import binascii, subprocess, json, shutil, random, urllib, multiprocessing, re | |
| from datetime import datetime, timedelta | |
| from datetime import datetime | |
| def time_str(): | |
| return str(datetime.now().strftime("%H:%M:%S.%f %m-%d-%Y")) | |
| WORKING_LIST = [] |
deeso
/ keyinfo_to_wireshark.py
Created
June 9, 2015 05:08
this file will convert my custom output to a wireshark input that can be used for TLS decryption.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from multiprocessing import Process | |
| import os, urllib, json | |
| import sys, re, libvirt, paramiko, subprocess, time, os, threading, select, errno | |
| import binascii, subprocess, json, shutil | |
| import multiprocessing | |
| from datetime import datetime | |
| WIRESHARK_PMS_FMT = "PMS_CLIENT_RANDOM {pms} {crandom} {ms}" | |
deeso
/ simple_kvm_mod.py
Created
August 29, 2015 01:22
simple script to build clones of a standard machine
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| new_host = 'python-workx64-{:02d}' | |
| new_mac = '52:55:00:00:00:{:02d}' | |
| file_fmt = "python-workx64-{:02d}.xml" | |
| new_uuid = "<uuid>{}</uuid>" | |
| mac_target = '52:55:00:00:00:7f' | |
| file_replacement = "python-workx64-replaceme" | |
| uuid_replacement = "<uuid>e048e39c-270d-1219-dba5-303b127d443e</uuid>" | |
| data = open(file_replacement+'.xml').read() |