Joshua Wright joswr1ght
joswr1ght / asciidoctor-vimrc
Created September 9, 2022 14:47
VIM settings for Asciidoctor ease-of-use and quality-of-life
" Insert the template file for an Asciidoc listing. This file is essentially
" this text:
" .Caption
" [[listing-]]
" [subs="+quotes,+replacements"]
" ----
"
" ----
" Customize the file and the file path as needed.
function! InsertAsciidocListing()
joswr1ght / nmap-top-tcpport-commadsep-list.sh
Created July 24, 2022 12:23
Create a list of top Nmap TCP ports, converted to comma-separated format
grep -v '^#' /usr/local/Cellar/nmap/7.92/share/nmap/nmap-services | grep '/tcp' | sort -r -k3 | awk '{print $2}' | sed 's,/tcp,,' | head -40 | sort -n | gsed -z 's/\n/,/g;s/,$/\n/'
#!/usr/bin/env python3
# MLA Style: Capitalization
#
# ref: https://libguides.pvcc.edu/citationstyles/mla9-capitalization
#
# In a title or a subtitle, capitalize the first word, the last word, and all
# principal words, including those that follow hyphens in compound terms.
# Therefore, capitalize the following parts of speech:
#
# Nouns (e.g., flowers, as in The Flowers of Europe)
joswr1ght / extract-nessus-report-data.py
Created April 14, 2022 21:32
Read Nessus CSV report, extract records of interest
#!/usr/bin/env python3
import csv
import sys
import os
if (len(sys.argv) == 1):
    sys.stderr.write(
        f"Usage: {os.path.basename(sys.argv[0])} <nessus-csv-file>\n")
    sys.exit(1)
joswr1ght / test_badattributes.py
Created March 18, 2022 13:53
Test one or more Asciidoc .adoc files for missing document attribute definitions
#!/usr/bin/env python3
# Using one or more adoc files, build a list of all document attributes,
# then search for typo'd or undefined references to the attributes.
#
# 2022-03-18
# Copyright (c) 2022 Joshua Wright <jwright@hasborg.com>
# LICENSE: GPL 3.0
import sys
import os
joswr1ght / mifare-desfire-aid-mapping.md
Last active February 24, 2022 20:02
MIFARE DESFire AID Mapping

Entered here for posterity and so I don't have to search for this ever again.

The MIFARE DESFire Application Identifier (AID) is a 3-byte value that represents the application ID used for RFID functionality that holds files. This can be a MIFARE Classic AID structure (2 bytes) adapted for use with the expanded MIFARE DESFire AID (3 bytes).

https://www.nxp.com/docs/en/application-note/AN10787.pdf

A 2-byte MIFARE Classic AID adapted to MIFARE DESFire uses a leading nibble of 0xf and a trailing nibble of 0x0 - 0xf. The middle 2 bytes are the MIFARE Classic AID. For example, 0x7009 is the Timelox AB MIFARE Classic AID; 0xf7009x is the adapted AID for MIFARE DESFire.

joswr1ght / logshell-search.sh
Created December 20, 2021 19:56
Search for log4shell attack patterns
#!/bin/sh
# Specify a starting directory as the first command-line argument to search for
# log4shell-style attack patterns.
grep -E -i -r '\$\{jndi:(ldap[s]?|rmi|dns):/[^\n]+' "${1:-.}"
joswr1ght / HELP.md
Last active November 25, 2022 18:32
Log4Jack Bonus Help

Yule Log4Jack Help

Hi, Josh Wright here. I'm the technical director for the Holiday Hack Challenge. We don't normally break the 4th wall like this, but we think this Log4j vulnerability calls for special measures to give you the information you need to assess, identify, and mitigate this vulnerability.

In this challenge, Icky McGoop asks for your help in exploiting a Java Solr server at http://solrpower.kringlecastle.com:8983. This server is vulnerable to the Log4shell vulnerability. Your goal is to exploit the server and get a

joswr1ght / ctsummarize.sh
Created November 10, 2021 14:08
ctsummarize: Create Multiple Output Files From CloudTrail Activity for Analysis
#!/bin/bash
REQUIREDUTILS="jq zcat mktemp sort uniq rm"
# Run program and test exit status to ensure success
function runtst {
    "$@"
    local status=$?
    if (( status != 0 )); then
        echo "error running command" >&2
joswr1ght / youwillnotbestmejq.sh
Last active July 29, 2021 18:54
Get Name and IP address from EC2 instances
$ aws --profile falsimentis --region us-west-1 ec2 describe-instances | jq -jr '.Reservations[] | .Instances[] | "\"", (.PublicIpAddress), "\":\"", (.Tags[] | select(.Key=="Name")|.Value),"\",\n"'
"54.183.200.32":"Web Server 3",
"13.56.160.248":"VPC NAT Backup",
"13.57.148.101":"VPC NAT",
"54.153.36.229":"Dev Webserver",
"52.52.159.114":"Web Server 2",
"null":"DB Server 1",
"54.241.78.206":"Web Server 1",
"54.219.245.27":"Web Server 4",
$ cat ec2-describe-instances.json | jq -jr '.Reservations[] | .Instances[] | "\"", (.NetworkInterfaces[] | .PrivateIpAddress), "\":\"", (.Tags[] | select(.Key=="Name")|.Value),"\",\n"'