$ ip addr | awk '/: /{sub(":","--",$2); print $2}'
lo--
ens33--
docker0--
haxxinen
haxxinen
/ dll_security_check.py
Created
August 4, 2020 21:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import argparse | |
| import os | |
| import pefile | |
| class DllCharacteristics(): | |
| def __init__(self): | |
| self.IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = False | |
| self.IMAGE_DLLCHARACTERISTICS_WDM_DRIVER = False | |
| self.IMAGE_DLLCHARACTERISTICS_NO_BIND = False |
haxxinen
/ Spotify hosts.
Created
August 4, 2020 13:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Spotify | |
| 0.0.0.0 spclient.wg.spotify.com | |
| 0.0.0.0 video-ad-stats.googlesyndication.com | |
| 0.0.0.0 googleads.g.doubleclick.net | |
| 0.0.0.0 partner.googleadservices.com | |
| 0.0.0.0 c.betrad.com | |
| 0.0.0.0 pixel.mathtag.com | |
| 0.0.0.0 cm.g.doubleclick.net | |
| 0.0.0.0 partnerad.l.doubleclick.net | |
| 0.0.0.0 server.adformdsp.net |
haxxinen
/ usernames_gen.py
Created
February 26, 2020 14:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| if __name__ == "__main__": | |
| if len(sys.argv) != 2: | |
| print("usage: %s names.txt" % (sys.argv[0])) | |
| sys.exit(0) | |
| for line in open(sys.argv[1]): | |
| name = ''.join([c for c in line if c == " " or c.isalpha()]) |
haxxinen
/ ip_all_interfces.md
Created
February 15, 2020 16:03
haxxinen
/ python_xpath.md
Last active
February 15, 2020 16:03
- even root can be privileged and unprivileged
- super-user does not always imply root (
uid == 0) - can run a process as root w/o any capabilities (and the other way around)
- process capabilities have been around for a while (file capabilities is something more recent)
- capabilities are enabled by default in all modern Linux distros (nobody uses them :D - "but the man in the box does...")
- management tools installed by default
- it's really easy to lose file capabilities when moving files around the system (bugs, bugs, bugs...)
$ cat SimpleHTTPServerv6.py
import BaseHTTPServer, SimpleHTTPServer, socket
class SimpleHTTPServer6(BaseHTTPServer.HTTPServer):
address_family=socket.AF_INET6
SimpleHTTPServer.test(ServerClass=SimpleHTTPServer6)
$ SimpleHTTPServerv6.py
$ http http://[::1]:8888
println(hudson.util.Secret.fromString("1234").getEncryptedValue())
Output: {AQAAABAAAAAQc//GkWTtyO8B5f1re53AX+8S0yCRKA8h7ean+y/sQig=}
println(hudson.util.Secret.decrypt('{AQAAABAAAAAQc//GkWTtyO8B5f1re53AX+8S0yCRKA8h7ean+y/sQig=}'))
Output: 1234
# curl -sO https://raw.githubusercontent.com/sleventyeleven/linuxprivchecker/master/linuxprivchecker.py
# pip install 2to3 && 2to3 -w linuxprivchecker.py >/dev/null 2>/dev/null
# apt-get install python-autopep8 -yqq && autopep8 -i linuxprivchecker.py
# sed -i 's/results = out.*/results = out.decode("utf-8").split("\\n")/g' linuxprivchecker.py
# python3 linuxprivchecker.py
haxxinen
/ powershell-is_admin
Created
February 10, 2020 21:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator") |
NewerOlder