Skip to content

Instantly share code, notes, and snippets.

@miketweaver
miketweaver / cleanup.bat
Last active Dec 20, 2018
Windows VM Cleanup before Snapshot
View cleanup.bat
REM # -----------------------------------------------------------------
REM # This requires ultradefrag, and sdelete installed.
REM # cinst ultradefrag sysinternals -y
REM # run as Admin
REM # -----------------------------------------------------------------
net stop wuauserv
rmdir /S /Q C:\Windows\SoftwareDistribution\Download
mkdir C:\Windows\SoftwareDistribution\Download
net start wuauserv
@miketweaver
miketweaver / PassswordCTF2017.md
Last active Oct 24, 2019
PCrack CTF Post-Mortem - 2017
View PassswordCTF2017.md

PCrack CTF Post-Mortem - 2017

Thank you to everyone who played this year at @SAINTCON! We had an awesome time and loved seeing everyone heat up their rooms and test their skills. As far as I'm aware, there was only one graphics card killed in this endeavor (sorry about that @d4rkm4tter).

Scores

SAINTCON Players:

1st - 53,371,688 - leeroy

@miketweaver
miketweaver / mangler.py
Created Oct 16, 2017
PasswordCTF.com Mangler
View mangler.py
import random
import os
import sys
import hashlib
import thread
leetrandomness = 1;
temppassword = ""
use = False
View SecondValidationMethod.md

So, for validation, here is my suggestion. Works for however people want to submit (separate hashes.txt, password.txt or combined "hash:pass" file).

  • grab a copy of mdxfind/mdsplit from http://hashes.org . Ensure you have the contest-orginal pcrack.master.hashed.txt file (it will be read-only).

  • If separate files:

     mdxfind -f pcrack.master.hashed.txt -h ^sha1$ plaintext.txt >result
     mdsplit -f result hashes.txt

You will be left with hashes.txt and hashes.SHA1x01. The hashes.SHA1x01 are the validated number of cracks (wc -l to get number), and any invalid hash submissions will be in hashes.txt. If this file is empty, all hashes validated.

View NewValidator.py
#!/usr/bin/env python
import hashlib
import binascii
score = 0
hashfile = "newformat.txt"
# Notes:
# Chars 0-39 are the first 40 chars of the hash
View validate.py
#!/usr/bin/env python
import hashlib
score = 0
plaintext = "plaintext.txt"
hashes = "hashes.txt"
plainfile = open(plaintext)
hashfile = open(hashes)
View API.md

Command:

curl -X POST   https://api.passwordctf.com/hashes   -d '{
"data": {
"user_name": "USERNAME GOES HERE",
"api_key": "API KEY GOES HERE",
"hashes": [
"a2477e96493f08578eac08f015ec74ead449cd04:73f1e0a2254a21f094652b8b82b2f586"
]
}
@miketweaver
miketweaver / upload.sh
Last active Sep 15, 2017
UploadX Upload via Bash Script
View upload.sh
#!/bin/bash
#Copyright 2017 Mike Weaver
#Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
#The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
@miketweaver
miketweaver / install-nightshade.md
Created Jul 7, 2017
NightShade Install Instructions
View install-nightshade.md

Install NightShade

Get NightShade Files

git clone https://github.com/UnrealAkama/NightShade
cd NightShade

Setup Pip and Postgres

sudo apt update
You can’t perform that action at this time.