Royce Williams roycewilliams

View clientside-software-update-verification-failures.md

Client-side software update verification failures

Exploitable vulnerabilities in client-side software update mechanisms that could have been mitigated by secure transport (TLS). Contributions welcome. All text taken from the vulnerability descriptions themselves, with additional emphasis mine.

And to be clear, I'm a fan of both verification and transport encryption. I feel that each can help mitigate potential issues with the other. Both are necessary, but neither is sufficient.

View extension-IDs-from-Somé-INRIA-paper.txt
# References:
#
# Cimpanu article: https://www.zdnet.com/article/websites-can-steal-browser-data-via-extensions-apis/
# Testing tool: https://www-sop.inria.fr/members/Doliere.Some/empoweb/extsanalyzer/
# Paper: https://www-sop.inria.fr/members/Doliere.Some/papers/empoweb.pdf
#
abenhehmjmoifipfpjeaejpbeeihnokp
aclhfmpoahihmhhacaekgcbjaeojnifa
aefmgkhgcmdljpfijlohmbhkhflmbmfi
afddmpnodjaifgjibafjcbfaplnoipei
View crude-diceware-acceleration.sh
#!/bin/bash
#-----------------------------------------------------------------------
# Crude example of using rules for the fourth word to accelerate
# performance of hashcat attack on a four-word Diceware passphrase,
# separated by spaces
#-----------------------------------------------------------------------
TEST_PLAIN="vine embalm blood micro"
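# Quote the expansion so the passphrase is hashed exactly as written
TEST_MD5=$(echo -n "${TEST_PLAIN}" | md5sum | awk '{print $1}')
# Pass arguments through unchanged, preserving any that contain spaces
pp64() { /usr/local/bin/pp64.bin "$@"; }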
View firefox-adult-inadjacency-cracked.txt
# Cracks of Firefox's adult/inadjacency list
# https://gist.github.com/roycewilliams/04ed6eb9509b83ce4d85873861c7f7b4
#
# Hash source is base64-encoded binary MD5:
# https://dxr.mozilla.org/mozilla-central/source/browser/components/newtab/lib/FilterAdult.jsm
#
# Converted with: for item in $(cat hashes-base64.list); do echo $item | base64 -d | xxd -p; done
#
# Cracked by @tychotithonus and associates
# Last few tricky ones cracked by @s3inlc
View firefox-adult-inadjacency-analysis.txt
# ----------------------------------------------------------------------------------
# Firefox list (base64-encoded binary MD5):
# https://dxr.mozilla.org/mozilla-central/source/browser/components/newtab/lib/FilterAdult.jsm
# Convert with: for item in $(cat hashes-base64.list); do echo $item | base64 -d | xxd -p; done
#
# Firefox inadjacency commit:
# https://hg.mozilla.org/mozilla-central/log/default/browser/base/content/newtab/newTab.inadjacent.json
#
# Ruttley list (apparent original source for the Firefox list):
# https://github.com/matthewruttley/contentfilter/blob/master/sites.json
View dmarc-parser-csv.py
#!/usr/bin/python
# Via: https://github.com/prbinu/dmarc-report-processor/blob/master/bin/dmarc-parser.py
#
# Copyright (c) 2014, Yahoo! Inc.
# Copyrights licensed under the New BSD License. See the
# accompanying LICENSE.txt file for terms.
#
# Author Binu P. Ramakrishnan
# Created 09/12/2014
#
View mta-sts_scans-io_dns-any_2018-08-24.txt
View insidepro-hashmanager-rules.txt
# Source: http://www.insidepro.team/HM.zip
# Distribution path: ./Help/En/Rules.txt
# Distribution timestamp: 2018-04-27
# Verified: 2018-06-14
#
# comment
: no-op: do nothing to the input password
l convert to lower case (PASSWORD -> password)
u convert to upper case (password -> PASSWORD)
c capitalize (password -> Password)
View ntpmemlog.txt
# grep ntpstats /etc/fstab
tmpfs /var/log/ntpstats tmpfs defaults,noatime,nodiratime,nosuid,mode=0755,size=200m 0 0
# cat /etc/init.d/ntpmemlog
#!/bin/sh
### BEGIN INIT INFO
# Provides: ntpmemlog
# Required-Start: $local_fs $time
# X-Stop-After: $time
# Required-Start: $local_fs $time
View ntp-scratch.txt
● systemd-timesyncd.service - Network Time Synchronization
Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/systemd-timesyncd.service.d
└─disable-with-time-daemon.conf
Active: active (running) since Tue 2018-04-03 07:02:47 UTC; 6s ago
Docs: man:systemd-timesyncd.service(8)
Main PID: 8724 (systemd-timesyn)
Status: "Synchronized to time server 192.111.144.114:123 (0.debian.pool.ntp.org)."
CGroup: /system.slice/systemd-timesyncd.service
└─8724 /lib/systemd/systemd-timesyncd