Skip to content

Instantly share code, notes, and snippets.

View ropnop's full-sized avatar

Ronnie Flathers ropnop

794 followers · 1 following
View GitHub Profile
@ropnop
ropnop / Dockerfile
Created July 18, 2019 01:02
centos5 devel dockerfile
ARG CENTOSIMAGE=astj/centos5-vault
FROM ${CENTOSIMAGE}
RUN yum install -y perl curl wget gcc c++ make glibc-devel glibc-devel.i386
@ropnop
ropnop / cors_poc_test.html
Last active November 14, 2018 07:01
Quick tester for CORS misconfigurations
<html>
<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
<h1>CORS Test PoC</h1>
<label for="target_url">Endpoint to test: </label><input type="url" id="target_url" size=100 placeholder="Target URL"><br/>
<input type="checkbox" id="with_creds_checkbox" value="with_creds"><label for="with_creds_checkbox">With Credentials?</label><br/>
<input type="submit" id="submit_btn" value="Make Request">
<hr>
<p>If the site is vulnerable to an overly permissive CORS policy, the response of the above request will appear in the box below</p>
<div id="test_data" style="border:1px solid darkred; color: red">
@ropnop
ropnop / find_moles.py
Created January 9, 2018 04:11
A Python script for SANS Holiday Hack 2017
#!/usr/bin/env python2
# load the infraction json data
import json
with open('infractions.json', 'r') as fp:
data = json.loads(fp.read())
infractions = data['infractions']
# get all the names and generate the naughty list from the CSV
names = []
@ropnop
ropnop / opennms_check_password.py
Created June 21, 2017 23:11
Script to check a plaintext password against an OpenNMS password digest
#!/usr/bin/env python
import sys
from hashlib import sha256
def checkPassword(encrypted, plaintext, iterations=100000, verbose=False):
hexstring = encrypted.decode('base64').encode('hex') # i hate working with bytes
salt = hexstring[:32]
correct = hexstring[32:]
if verbose:
@ropnop
ropnop / helloworld
Created February 1, 2013 15:45
#!/usr/bin/python
print 'Hello World'