Leon Jacobs leonjza

[hip, hip]
leonjza / h1.sh
Created February 15, 2023 19:59
Search HackerOne for Bounty Programs
# search h1 bounty programs
#
# 2023 @leonjza
#
# you need to grab a cookie and x-csrf-token value.
# one way to do that is (without auth):
#
# 1. browse to https://hackerone.com/directory/programs
# 2. open the console
# 3. search something
leonjza / patch.diff
Created September 30, 2022 13:21
tun2socks debug patch
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
index 78571d9..765b13f 100644
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -1,55 +1,28 @@
#!/bin/sh
+# Modified version of
+# https://github.com/xjasonlyu/tun2socks/blob/main/docker/entrypoint.sh
+
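Review bot: The provenance comment added at the top of docker/entrypoint.sh links to the upstream file on the moving main branch, so the reference will drift as upstream changes. Since the hunk header shows the script shrinking from 55 lines to 28, link to a commit permalink for the version this was derived from and add a line saying what was stripped out for debugging.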
leonjza / countips.py
Created August 24, 2022 09:15 — forked from joswr1ght/countips.py
Read a file of network + CIDR masks, one per line; count the number of IP addresses it represents
#!/usr/bin/env python3
#
# original: https://gist.github.com/joswr1ght/595d49d5a7914cf7305b73512f37186a
import sys
def countips(netblock):
    v = netblock.split('/')
    # nothing?
leonjza / README.md
Last active August 5, 2022 10:20
Forward a remote iOS device, locally.

fwd_ios.sh

Forwards a remote iOS device, exposed via usbmuxd on Linux, to a local macOS client.
The inverse (aka ssh -R) is left as an exercise to the reader, but shouldn't be too hard :)

This is basically a simple usbfluxd that only depends on socat.

install

Copy the bash script to a local file, say fwd_ios.sh, and make it executable with chmod +x fwd_ios.sh.

leonjza / enable_vnc.sh
Created May 28, 2022 13:02
macOS enable vnc remotely via ssh
#!/bin/bash
# simple script to enable remote management via ssh
set -e
# refuse to continue unless running as root
if [ "$EUID" -ne 0 ]
  then echo "please run as root (eg: sudo $0)"
  exit 1
fi
leonjza / DOCKER-IN-AN-HOUR.md
Last active January 30, 2023 10:55
Docker in an hour Workshop

docker-in-an-hour

@leonjza

Welcome to docker-in-an-hour! This is a "JIT" for docker, with many explanations being just enough to defend yourself. It is highly recommended that you go and at least Google some of the stuff here after doing the workshop. Read the official docs with real explanations.

toc

leonjza / picker.patch
Created January 30, 2022 08:29
objection boot target picker poc
diff --git a/objection/console/cli.py b/objection/console/cli.py
index f9738d1..4814eff 100644
--- a/objection/console/cli.py
+++ b/objection/console/cli.py
@@ -3,6 +3,8 @@ import time
from pathlib import Path
import click
+from prompt_toolkit import prompt
+from prompt_toolkit.completion import FuzzyCompleter, WordCompleter
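Review bot: The bare `from prompt_toolkit import prompt` added after `import click` in objection/console/cli.py brings a very generic name into a module that already imports click, which has its own `click.prompt`, so a reader can easily mistake one for the other. Import it under an alias, or import it inside the function that shows the picker so the dependency is only loaded when the picker runs.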
leonjza / clone-and-write.ps1
Created October 29, 2021 05:29
Cobalt Strike Clone Executable Signature for code-signer Malleable Profile block
# clone the certificate for SysInternals TCPView.exe and save
# it as cert.pfx
$o = Get-PfxCertificate -FilePath .\tcpview.exe
$cl = New-SelfSignedCertificate -CloneCert $o
$p = ConvertTo-SecureString -String "password" -Force -AsPlainText
Export-PfxCertificate -FilePath cert.pfx -Cert $cl -Password $p
leonjza / README.md
Created September 23, 2021 15:46
SenseCon '21 Announce Challenge

Hello world!

This was the internal @sensepost SenseCon 2021 announcement email (stripped), together with the supporting challenge.

Have phun!

leonjza / README.md
Last active October 12, 2022 19:40
A PHP eval() reverse shell.

php eval shell

A reverse shell that lets you evaluate PHP.
This is not an OS command reverse shell per se, but you could eval a function like system("id") for that if you wanted to.

Useful to poison an existing PHP file and explore the currently loaded environment.

example