Roland Bracewell Shoemaker rolandshoemaker
🏴
rolandshoemaker
/ de-strip.py
Last active
November 20, 2021 11:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ghidra script for re-populating (naively) stripped function names from | |
| # Go >1.2 binaries using the pclntab. Should work with both the initial | |
| # 1.2 format pclntab as well as the 1.16 format. | |
| # | |
| # Author: roland@golang.org | |
| from ghidra.program.model.symbol.SourceType import * | |
| start = None | |
| for section in getMemoryBlocks(): |
rolandshoemaker
/ cryptobyte-ocsp.go
Created
May 25, 2020 21:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| type ocspRequest struct { | |
| TBSRequest tbsRequest | |
| } | |
| type certID struct { | |
| HashAlgorithm pkix.AlgorithmIdentifier | |
| NameHash []byte | |
| IssuerKeyHash []byte | |
| SerialNumber *big.Int | |
| } |
rolandshoemaker
/ gen_certs.sh
Created
April 15, 2020 16:28
/usr/share/doc/openssl-blacklist/examples/gen_certs.sh.gz from openssl-blacklist_0.5-3_all.deb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Author: Jamie Strandboge <jamie@canonical.com> | |
| # Copyright (C) 2008 Canonical Ltd. | |
| # | |
| # This program is free software; you can redistribute it and/or | |
| # modify it under the terms of the GNU General Public License | |
| # as published by the Free Software Foundation; either version 2 | |
| # of the License, or (at your option) any later version. |
rolandshoemaker
/ crl.go
Created
January 29, 2020 17:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // CRLTemplate contains the fields used to create an X.509 v2 Certificate | |
| // Revocation list. | |
| type CRLTemplate struct { | |
| RevokedCertificates []pkix.RevokedCertificate | |
| Number int | |
| ThisUpdate time.Time | |
| NextUpdate time.Time | |
| Extensions []pkix.Extension | |
| } |
rolandshoemaker
/ grab-ct-roots.go
Created
April 26, 2017 15:32
Grab a CT logs roots in a format Trillian with accept
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "encoding/base64" | |
| "encoding/json" | |
| "flag" | |
| "fmt" | |
| "io/ioutil" | |
| "net/http" | |
| "os" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Cert details can be viewed by prepending https://crt.sh/?q= to the cert hash | |
| # EV | |
| 45/363389 bad (41 skipped) | |
| # SHA256 hash # GSB threats | |
| 182eae7d907f92607a398d6b073c463b1725befe7c439bcd5923fc846adef766: [[{gxja86.com/ {MALWARE ANY_PLATFORM URL}}]] | |
| f1da0c3aea8fc31be893bddea2dd5066672b3a6f3bb08f2851acfe3148e51381: [[{lexuncoin.com/ {MALWARE ANY_PLATFORM URL}}]] | |
| a1dc0b61501d0f95f6b9ff3bbd6e594751c8c0cae189f807917ab3cae802f65d: [[{refilldoctors.com/ {MALWARE ANY_PLATFORM URL}}]] |
rolandshoemaker
/ gen.py
Created
April 19, 2016 18:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import OpenSSL | |
| key_str = """-----BEGIN PRIVATE KEY----- | |
| MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDKcAkiny4Sgt0p | |
| 7yzaVWsgBMgB1YsZLrID66AD2UQR9FQKIP6+CTn6CXs+wAYmdmSF1wNoIOuf9OR5 | |
| BjZfcMPrGtBGPHgrcv/FnB8as2n1J8lziWbizDyY2idqIgb/9wTOz2YKRc8jWdP9 | |
| GbkSnRRrRGPr1/Rl2VFdAN7MWTDqXHtJYRwIgZP7zQEScjNvjvnGe1o82e0dU/Zs | |
| gMsbbBYVst0GLyMIilVRd5Q6dyl5T2f+8AYVSAXFUpNG84bHqLclJyoPmi+amSHg | |
| dXIuyE+agP+gtf27AkiUm0OYJ0MCENImlFf0oFAaSjamG5p0nWZg8b71vBc4bi+i | |
| Ugy3wUdpAgMBAAECggEBAI6q1JVUz5h2J73E9LxOlLe1Buvb/jLaKNUAev4bYZCx |
rolandshoemaker
/ natural-sort.txt
Created
April 7, 2016 21:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MariaDB [testing]> CREATE TABLE `new_table` (`testing` varchar(255) NOT NULL, `inserted` datetime NOT NULL,PRIMARY KEY (`testing`)) ENGINE=InnoDB; | |
| Query OK, 0 rows affected (0.02 sec) | |
| MariaDB [testing]> INSERT INTO new_table (`testing`, `inserted`) VALUES('e', NOW()); | |
| Query OK, 1 row affected (0.00 sec) | |
| MariaDB [testing]> INSERT INTO new_table (`testing`, `inserted`) VALUES('a', NOW()); | |
| Query OK, 1 row affected (0.01 sec) | |
| MariaDB [testing]> INSERT INTO new_table (`testing`, `inserted`) VALUES('d', NOW()); |
rolandshoemaker
/ bad-uas.txt
Created
March 25, 2016 20:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ua # affected total % | |
| -- ---------- ----- - | |
| LetsEncryptPythonClient/0.2.0 (CentOS Linux 7.2.1511) Authenticator/webroot Installer/none 2645 2645 100.00 | |
| simp_le/0 44 944 4.66 | |
| Faraday v0.9.2 39 210 18.57 | |
| python-requests/2.8.1 38 40 95.00 | |
| LetsEncryptPythonClient/0.2.0 (CentOS 6.5) Authenticator/manual Installer/none |
rolandshoemaker
/ 20160213_dnsrecords_all-caa
Created
February 22, 2016 01:36
All CAA records from the 20160213_dnsrecords_all scan (https://scans.io/study/sonar.fdns)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0day.net,caa,0,issue,"digicert.com" | |
| 0x4a42.net,caa,0,iodef,"mailto:security@0x4a42.net" | |
| 0x4a42.net,caa,128,issue,"letsencrypt.org" | |
| akademiaf2p.com,caa,0,iodef,"mailto:adm@tensquaregames.com" | |
| akademiaf2p.com,caa,128,issue,"startssl.com" | |
| akademiaf2p.com,caa,128,issuewild,"startssl.com" | |
| akademiaf2p.pl,caa,0,iodef,"mailto:adm@tensquaregames.com" | |
| akademiaf2p.pl,caa,128,issue,"startssl.com" | |
| akademiaf2p.pl,caa,128,issuewild,"startssl.com" | |
| arrakis.tv,caa,2,auth,"0>09\006\010+\006\001\004\001\214y\002\003\001\006 `\134H\001e\003\004\002\001\004 \183\0223\134te\156;\171z\196\164DL\246J_.\229\176\229.\231f\148\030\2253\222/\177\229\002\001\000" |
NewerOlder