Skip to content

Instantly share code, notes, and snippets.

View notdodo's full-sized avatar
☁️
randomASDF' or '1'='1

Edoardo Rosa notdodo

☁️
randomASDF' or '1'='1
79 followers · 60 following
View GitHub Profile
@notdodo
notdodo / install_printer
Last active February 7, 2024 09:07
Install a printer on Arch Linux with cups using command line
#!/bin/bash
################################################################
# Install a printer on Arch Linux with cups using command line #
# Used for a HP PSC 1510 with default driver #
################################################################
sudo pacman -S cups
sudo systemctl start org.cups.cupsd
@notdodo
notdodo / AWSCLI-Cheat-Sheet.md
Last active September 8, 2023 20:31

AWSCLI Cheat Sheet

  • Export credentials to be imported in environment shell:

    aws configure export-credentials --profile default --format env

  • List all user in the organization:

    aws iam list-users
@notdodo
notdodo / reoder_deobfuscator.py
Last active June 20, 2023 10:33
Deobfuscate a powershell script with re-ordering obfuscation
#!/usr/bin/env python3
#
# AUTHOR: Edoardo Rosa notdodo https://github.com/notdodo
# https://twitter.com/_d_0_d_o_
#
# Sample: ("{0}{1}{4}{3}{5}{2}" -f 'CONv','er','G','R','tTo-SecURest','In')
# Decoded output: CONvertTo-SecURestRInG
#
try:
@notdodo
notdodo / gen_loader.py
Created May 9, 2021 19:41
Generate a VBA list of GUIDS to copy-paste into a Macro
#!/usr/bin/env python3
import sys
import uuid
def read_shellcode(filename):
shellcode = ""
ctr = 1
maxlen = 16
for b in open(sys.argv[1], "rb").read():
@notdodo
notdodo / main.tf
Last active July 19, 2022 12:51
Minimum viable Terraform deployment to test AWS EC2 Auto Scaling privilege escalation https://notdodo.medium.com/aws-ec2-auto-scaling-privilege-escalation-d518f8e7f91b
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
}
}
}
provider "aws" {
region = "eu-west-1"
@notdodo
notdodo / extractrsa.py
Last active March 8, 2022 18:46
Old script use to extract shared prime from a number of public RSA keys (i.e. generated by malware)
#!/usr/bin/env python3
#
# author: notdodo
#
import os
import sqlite3
import itertools
from multiprocessing import Pool
try:
@notdodo
notdodo / list.txt
Last active November 7, 2021 21:57
List of `username&&password` collected from personal honeypots
&&
0&&0
1&&1
119.18.20.137&&22022
1234&&1234
12345&&12345
154.29.178.51&&22
192.185.196.181&&22
24online&&24online
2Wire&&2Wire
@notdodo
notdodo / fortissl_parse_dump.py
Last active September 19, 2021 16:12
Dumb script to bulk parse the output of CVE-2018-13379 (https://gist.github.com/code-machina/bae5555a771062f2a8225fd4731ae3f7) (SSLVPN Fortigate)
import re
import mmap
CHECKING = re.compile("\[Checking: .*\]\n")
IPADDR = re.compile(
r"((?:(0|1)\d{2}|2[0-4]\d|25[0-5]|\d{1,2})\.(?:(0|1)\d{2}|2[0-4]\d|25[0-5]|\d{1,2})\.(?:(0|1)\d{2}|2[0-4]\d|25[0-5]|\d{1,2})\.(?:(0|1)\d{2}|2[0-4]\d|25[0-5]|\d{1,2}))"
)
DOTS = re.compile(".*\.{2,}.*")
@notdodo
notdodo / notdodo-burp.json
Last active July 28, 2021 12:28
Burp Suite User Configuration
{
"user_options":{
"connections":{
"platform_authentication":{
"credentials":[],
"do_platform_authentication":true,
"prompt_on_authentication_failure":false
},
"socks_proxy":{
"dns_over_socks":false,
@notdodo
notdodo / settings.json
Last active July 24, 2021 09:47
Windows Terminal Settings
{
"$schema": "https://aka.ms/terminal-profiles-schema",
// Add custom actions and keybindings to this array.
// To unbind a key combination from your defaults.json, set the command to "unbound".
// To learn more about actions and keybindings, visit https://aka.ms/terminal-keybindings
"actions": [
// Copy and paste are bound to Ctrl+Shift+C and Ctrl+Shift+V in your defaults.json.
// These two lines additionally bind them to Ctrl+C and Ctrl+V.
// To learn more about selection, visit https://aka.ms/terminal-selection
{