Skip to content

Instantly share code, notes, and snippets.

View netscylla's full-sized avatar

Netscylla netscylla

View GitHub Profile

Keybase proof

I hereby claim:

  • I am netscylla on github.
  • I am netscylla (https://keybase.io/netscylla) on keybase.
  • I have a public key whose fingerprint is 5224 94C5 C060 4472 8AAE C269 CBF2 E5EF 52FF DF91

To claim this, I am signing this object:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCigItCboOO9fp4ZLDkXKo+bGqvv9nJV/ZghmWRbY9FMRaMatDBfgPenIQSOX3uAoyfl2JFObiaZBJ3V/cNvIlkjFDZJUa/ttg28fHo8a3kRL45wTud4WRVNcpP1JBTUnDtRPInsvlWm5w0Yde1YVi1wxWPs85l9Kn4Wqro5ckFQmLmY+G9XKlHiXrKmOwCeYBI/yCFWrAKXAl2c3T0Ab6jFXUGuSdAWWUWqw+nWp+K3B6TDH8Q30YKIcAYYl5G8zoMbfgjGDH6p1tboG6psX9HCeI1GG+uqrlEfBfR1QaMAFlbHP+TPor9j/XKgShIo3fDWlV07dq9kEOzbCpGmByL
@netscylla
netscylla / install-postfix.sh
Last active March 25, 2017 11:26
install-postfix.sh
#!/bin/sh
echo "postfix postfix/mailname string smtp.example.com" | debconf-set-selections
echo "postfix postfix/main_mailer_type string 'Internet Site'" | debconf-set-selections
DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::='--force-confdef' -o Dpkg::Options::='--force-confold' -f -q -y install postfix postfix-mysql dovecot-core dovecot-imapd dovecot-lmtpd dovecot-mysql
@netscylla
netscylla / Build Nginx & Naxsi [Redhat]
Last active June 17, 2018 14:14
Build script for building Nginx with Naxsi Module on Redhat
#!/usr/bin/env bash
yum install -y pcre.x86_64 pcre-devel.x86_64 openssl-devel.x86_64 unzip make \
gperftools-devel.x86_64 gperftools.x86_64 jq.x86_64
mkdir /tmp/ngxbuild
cd /tmp/ngxbuild
latestNginx=$(curl -s http://hg.nginx.org/nginx/tags |
grep "^ *release-" | head -1 | cut -c 9-)
latestNaxsi=$(curl -s https://api.github.com/repos/nbs-system/naxsi/releases |
jq -r .[].tag_name | grep -v rc | head -1)
@netscylla
netscylla / Hackaday OTP 1407981609 Lambda
Created April 27, 2018 18:25
Hackday OTP 1407981609 toolkit as a AWS Lambda function on Node JS 6.10
exports.handler = (event, context, callback) => {
console.log('Received event:', JSON.stringify(event, null, 2));
if (event.a === undefined || event.b === undefined || event.c === undefined|| event.code === undefined) {
callback("400 Invalid Input");
}
var res = {};
res.a = Number(event.a);
res.b = Number(event.b);
res.c = Number(event.c);
@netscylla
netscylla / aws-logs-setup.py
Last active June 1, 2018 08:15
aws-logs-setup.py patched to support Kali Linux
#!/usr/bin/python
# Copyright 2014 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Amazon Software License (the "License"). You may not use
# this file except in compliance with the License. A copy of the License is
# located at http://aws.amazon.com/asl/ or in the "license" file accompanying
# this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
# CONDITIONS OF ANY KIND, either express or implied. See the License for the specific
# language governing permissions and limitations under the License.
@netscylla
netscylla / oracle-set-logfile.sh
Created June 15, 2018 13:38
Oracle TNS Listener Log File Rewrite Exploit
#!/bin/sh
PORT=1521;
if [ $# != 2 ] && [ $# != 3 ]; then
echo Sets Oracle TNS Listener log file to a new value using tnscmd.pl
echo
echo Usage: $0 new-log-file-name host [port]
echo
echo port default to $PORT
#!/usr/bin/env bash
apt-get install -y libpcre3 libpcre3-dev libssl-dev unzip make \
libgoogle-perftools-dev google-perftools jq gcc zlib1g-dev
mkdir /tmp/ngxbuild
cd /tmp/ngxbuild
ng_cookies=$(curl -s http://hg.nginx.org/nginx/tags|grep cookie|cut -f 2 -d '"'|tr -d '\n')
latestNginx=$(curl --cookie ${ng_cookies} -s http://hg.nginx.org/nginx/tags|grep "^ *release-" | head -1 | cut -c 9-)
echo "found: ${latestNginx}"
latestNaxsi=$(curl -s https://api.github.com/repos/nbs-system/naxsi/releases |
@netscylla
netscylla / ExtractAWSRoleBasedKeys.sh
Created July 3, 2018 09:44 — forked from kananlanginhooper/ExtractAWSRoleBasedKeys.sh
Shell script to extract Temporary AWS keys (Access Key Id and Secret Access Key) from Role Based EC2 instance using 169.254.169.254 and dynamic role names
#!/bin/sh
ROLENAME=$(curl http://169.254.169.254/latest/meta-data/iam/security-credentials/ -s)
KeyURL="http://169.254.169.254/latest/meta-data/iam/security-credentials/"$ROLENAME"/"
wget $KeyURL -q -O Iam.json
KEYID=$(grep -Po '.*"AccessKeyId".*' Iam.json | sed 's/ //g' | sed 's/"//g' | sed 's/,//g' | sed 's/AccessKeyId://g')
SECRETKEY=$(grep -Po '.*"SecretAccessKey".*' Iam.json | sed 's/ //g' | sed 's/"//g' | sed 's/,//g' | sed 's/SecretAccessKey://g')
SECURITYTOKEN=$(grep -Po '.*"Token".*' Iam.json | sed 's/ //g' | sed 's/"//g' | sed 's/,//g' | sed 's/Token://g')
rm Iam.json -f
{
"template": "brologs*",
"mappings": {
"capture_loss": {
"properties": {
"ts_delta": {
"type": "double"
},
"peer": {
"type": "keyword"