nickpopovich
nickpopovich
/ ssh_wizardry.sh
Last active
September 21, 2021 14:33
use ssh with password natively without expect/sshpass from non-interactive shell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # in a scenario where you have a non-interactive shell, and need to use discovered SSH credentials (not private keys) from cli and don't | |
| # want to/can't install expect/sshpass | |
| # usage would be create script on target host, and use the non interactive shell to chmod +x/execute script from target | |
| # if calling with bash need to give full path to script even if operating in same directory | |
| #video at https://www.youtube.com/watch?v=-YlG9M9X2Oc | |
| #!/bin/bash | |
| SSH_USER=testuser | |
| SSH_PASS="password123" | |
| SSH_HOST=127.0.0.1 |
nickpopovich
/ random_user-agent.py
Created
January 1, 2020 21:04
Script that goes with Python Scripter Burp Extension - every request passed through burp has a random User-Agent. Inspired by Marcin Wielgoszewski (@marcin) https://portswigger.net/bappstore/eb563ada801346e6bdb7a7d7c5c52583. Also inspired by Tim Tomes' (@lanmaster53) example scripts for Python Scripter https://gist.github.com/lanmaster53/3d86836…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import random | |
| header_names = ['User-Agent'] | |
| ua = ['Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36', 'Mozilla/5.0 (Linux; Android 6.0; CAM-L21 Build/HUAWEICAM-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/62.0.3202.84 Mobile Safari/537.36', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36'] | |
| if (messageIsRequest): | |
| request = helpers.analyzeRequest(messageInfo) | |
| headers = request.getHeaders() | |
| for header_name in header_names: |