Skip to content

Instantly share code, notes, and snippets.

View packetchef's full-sized avatar

william packetchef

4 followers · 4 following
  • 01060
View GitHub Profile
@packetchef
packetchef / unquoteURLString
Created July 6, 2015 12:33
Unquote a URL-encoded string
from urllib2 import unquote
# Quoted string seen in POST requests attempting to use PHP file includes
quotedString = (
"%63%67%69%2D%62%69%6E/%70%68%70?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69"
"%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66"
"%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F"
"%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+"
"%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75"
"%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E"
@packetchef
packetchef / xorder.py
Last active August 29, 2015 14:24
Encode and decode XOR encryption
# From https://gist.github.com/revolunet/2412240
def xor_crypt_string(data, key, encode=False, decode=False):
from itertools import izip, cycle
import base64
if decode:
data = base64.decodestring(data)
xored = ''.join(chr(ord(x) ^ ord(y)) for (x,y) in izip(data, cycle(key)))
if encode:
return base64.encodestring(xored).strip()
@packetchef
packetchef / handle_opts.py
Last active August 29, 2015 14:24
Demonstrate handling of command line options using optparse
import optparse
import sys
global debug
progDesc = (
'Welcome to %prog. It\'s meant for frobbing foozles, and otherwise'
'making for better frognosticators.'
)
@packetchef
packetchef / print_dictionary.py
Created July 11, 2015 16:51
Pythonic printing of a dictionary and its contents
def prettyDictionary(**kwargs):
for name, value in kwargs.items():
print('{name} :: {value}'.format(name=name, value=value))
import urllib2
import simplejson as json
url = 'http://ipinfo.io/json'
ipinfo = urllib2.urlopen(url).read()
jipinfo = json.loads(ipinfo)
@packetchef
packetchef / splunk_asynch_search
Created July 13, 2015 00:00
Example of asynchronous search in Splunk with loop to check job status and default output in JSON.
@packetchef
packetchef / splunk_synch_search
Created July 13, 2015 00:01
Example of synchronous search in Splunk with default output in JSON
@packetchef
packetchef / myVariableClass.py
Created July 19, 2015 16:57
Define a class that accepts a variable number of arguments at instantiation time and sets them as attributes
class myVariableClass:
def __init__(self, name, **kwargs):
self.name = name
self.classType = 'Variable class'
for key, value in kwargs.items():
setattr(self, key, value)
from pprint import pprint
myVar = myVariableClass('test class', string1='abc', int1=999, string2='end this')
@packetchef
packetchef / rot13.py
Created July 21, 2015 21:14
Demonstrate rot13 encoding
import string
rot13 = string.maketrans(
"ABCDEFGHIJKLMabcdefghijklmNOPQRSTUVWXYZnopqrstuvwxyz",
"NOPQRSTUVWXYZnopqrstuvwxyzABCDEFGHIJKLMabcdefghijklm"
)
encodedString = string.translate('Hypatia', rot13)
decodedString = string.translate(encodedString, rot13)
print('Encoded string is {string}'.format(string=encodedString))
@packetchef
packetchef / mask_ip_subnet.py
Created July 23, 2015 22:59
For a given subnet and salt, mask each IP
# Rumor has it that in newer releases of Python v3, ipaddr objects are not iterable
import ipaddr
import hashlib
salt = 'NN'
subnet = ipaddr.IPNetwork('192.168.100.0/24')
for ip in subnet:
# Try md5 or sha512
maskedIP = hashlib.md5(str(ip) + salt).hexdigest()
print('{ip:<15} :: {maskedIP}'.format(ip=ip, maskedIP=maskedIP))
@packetchef
packetchef / chargen.py
Created August 4, 2015 23:55
Generate a block of text based on a salt and static string - do not consider to be random
# Future print lets us easily remove trailing newlines
from __future__ import print_function
import hashlib
i=0
salt = "N"
while i < 5000:
print(hashlib.md5('thisismystring' + (salt * i)).hexdigest(), end='')
i += 1