dso deeso

## simple_kvm_mod.py
new_host = 'python-workx64-{:02d}'
new_mac = '52:55:00:00:00:{:02d}'
file_fmt = "python-workx64-{:02d}.xml"
new_uuid = "<uuid>{}</uuid>"

mac_target = '52:55:00:00:00:7f'
file_replacement = "python-workx64-replaceme"
uuid_replacement = "<uuid>e048e39c-270d-1219-dba5-303b127d443e</uuid>"

data = open(file_replacement+'.xml').read()

## rename_hosts.py
import paramiko, re, time

script_target = '/srv/nfs/cortana/logs/cmd/modify_host.py'
script_data= '''data = open('/etc/hosts').read()
name = open('/etc/hostname').read().strip()
new_data = data.replace('python-workx64-replaceme', name)
open('/etc/hosts', 'w').write(new_data)'''

open(script_target, 'w').write(script_data)

## r2_walk_fcn_bbs.py
def flush(c):
    k = c.cons
    k.flush()

def exec_(c, cmd):
    c.cmd0(cmd)
    k = c.cons
    k.flush()

import ctypes

## basic_cmtlt_test.r2
wx cafebabe0000003200310700020100167261646172652f53696d706c654c54436f6d706172650700040100106a6176612f6c616e672f4f626a65637401000178010001490100083c636c696e69743e010003282956010004436f6465090001000b0c0005000601000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c650100063c696e69743e0a000300100c000e0008010004746869730100184c7261646172652f53696d706c654c54436f6d706172653b01000c73696d706c655f6c74636d7001000528494929490100036c6873010003726873010001750100017001000d537461636b4d61705461626c6501001073696d706c655f6c74636d705f73657401001b73696d706c655f6c74636d705f7365745f6e6f745f73746174696301001773696d706c655f6c74636d705f7365745f7374617469630100046d61696e010016285b4c6a6176612f6c616e672f537472696e673b295609002000220700210100106a6176612f6c616e672f53797374656d0c002300240100036f75740100154c6a6176612f696f2f5072696e7453747265616d3b0a000100260c001300140a0028002a0700290100136a6176612f696f2f5072696e7453747265616d0c002b002c0100077072696e746c6e01000428492956010004617267730100135b4c6a6176612f6c616e672f537472696

## Basic R2 Util Call
use std::libc::c_int;
use std::io::println;

#[link(name= "r_util")]

extern {
        fn r_file_exists(str: &'static str) -> c_int;
}

fn main() {

## server.rs
extern crate getopts;
use getopts::{optflag,getopts,OptGroup, usage, reqopt, optopt};
use std::string::{String};
use std::os;


use std::io::{TcpListener, TcpStream};
use std::io::{Acceptor, Listener};


## vmkit.docker
# using phusion/baseimage as base image.
FROM phusion/baseimage

# Set correct environment variables.
ENV HOME /root

# Regenerate SSH host keys. baseimage-docker does not contain any
RUN /etc/my_init.d/00_regen_ssh_host_keys.sh

# Use baseimage-docker's init system.

## extract_bytes_from_vtable_names.py
import pickle, idc

def accumulate_names_from_filename (filename):
    data = [i.strip().strip("`vtable for'") for i in open(filename).readlines()]
    results = []
    for i in data:
        address = i.split()[-1]
        name = i.split(address)[0].strip()
        name = name.replace("`vtable for'", '')
        results.append((name, int(address, 16)))

## virsh_dump_script.py
import sys, libvirt, paramiko, subprocess, time, os, threading, select
DATE_FORMAT = "%Y-%m-%d_%H.%M.%S"
# ah the beauty of NFS and circular redirects
# your FS is my FS is the NFS!
BASE_DIR = "/srv/nfs/cortana/logs/"
CMD_DIR = "cmd/"
OUTPUT_DIR = "output"
DATA_DIR = "data"
DUMPS_DIR = "ssldumps"
DEF_HOSTLIST = "hostlist_all_medium.txt"

## connections_example_lib.py
# basic recreation of the connections
# command using Volatility Framework
# as a Library

import volatility.conf as conf
import volatility.registry as registry
import volatility.commands as commands
import volatility.win32.network as network
import volatility.utils as utils
	new_host = 'python-workx64-{:02d}'
	new_mac = '52:55:00:00:00:{:02d}'
	file_fmt = "python-workx64-{:02d}.xml"
	new_uuid = "<uuid>{}</uuid>"

	mac_target = '52:55:00:00:00:7f'
	file_replacement = "python-workx64-replaceme"
	uuid_replacement = "<uuid>e048e39c-270d-1219-dba5-303b127d443e</uuid>"

	data = open(file_replacement+'.xml').read()
	import paramiko, re, time

	script_target = '/srv/nfs/cortana/logs/cmd/modify_host.py'
	script_data= '''data = open('/etc/hosts').read()
	name = open('/etc/hostname').read().strip()
	new_data = data.replace('python-workx64-replaceme', name)
	open('/etc/hosts', 'w').write(new_data)'''

	open(script_target, 'w').write(script_data)
	def flush(c):
	k = c.cons
	k.flush()

	def exec_(c, cmd):
	c.cmd0(cmd)
	k = c.cons
	k.flush()

	import ctypes
	use std::libc::c_int;
	use std::io::println;

	#[link(name= "r_util")]

	extern {
	fn r_file_exists(str: &'static str) -> c_int;
	}

	fn main() {
	extern crate getopts;
	use getopts::{optflag,getopts,OptGroup, usage, reqopt, optopt};
	use std::string::{String};
	use std::os;


	use std::io::{TcpListener, TcpStream};
	use std::io::{Acceptor, Listener};
	# using phusion/baseimage as base image.
	FROM phusion/baseimage

	# Set correct environment variables.
	ENV HOME /root

	# Regenerate SSH host keys. baseimage-docker does not contain any
	RUN /etc/my_init.d/00_regen_ssh_host_keys.sh

	# Use baseimage-docker's init system.
	import pickle, idc

	def accumulate_names_from_filename (filename):
	data = [i.strip().strip("`vtable for'") for i in open(filename).readlines()]
	results = []
	for i in data:
	address = i.split()[-1]
	name = i.split(address)[0].strip()
	name = name.replace("`vtable for'", '')
	results.append((name, int(address, 16)))
	import sys, libvirt, paramiko, subprocess, time, os, threading, select
	DATE_FORMAT = "%Y-%m-%d_%H.%M.%S"
	# ah the beauty of NFS and circular redirects
	# your FS is my FS is the NFS!
	BASE_DIR = "/srv/nfs/cortana/logs/"
	CMD_DIR = "cmd/"
	OUTPUT_DIR = "output"
	DATA_DIR = "data"
	DUMPS_DIR = "ssldumps"
	DEF_HOSTLIST = "hostlist_all_medium.txt"
	# basic recreation of the connections
	# command using Volatility Framework
	# as a Library

	import volatility.conf as conf
	import volatility.registry as registry
	import volatility.commands as commands
	import volatility.win32.network as network
	import volatility.utils as utils