Skip to content

Instantly share code, notes, and snippets.

View roycewilliams's full-sized avatar
💭
:cheeeeeese:

Royce Williams roycewilliams

💭
:cheeeeeese:
View GitHub Profile
@roycewilliams
roycewilliams / dotslider.rule
Created April 13, 2024 16:06
hashcat rule to only insert non-contiguous dots/periods
This file has been truncated, but you can view the full file.
# hashcat rule to only insert non-contiguous dots/periods
# Created 2024-04-13 by TychoTithonus (Royce Williams)
# Source:
:
i1.
i2.
i2.i1.
i3.
i3.i1.
@roycewilliams
roycewilliams / unssz.py
Created March 20, 2024 20:07 — forked from dfirfpi/unssz.py
Decrypt Samsung / Seagate Secure Zone crypto container (without knowing the password... uao...).
#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Copyright 2017, Francesco "dfirfpi" Picasso <francesco.picasso@gmail.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
@roycewilliams
roycewilliams / keytrap.md
Last active February 15, 2024 23:06
keytrap.md

(mirror snapshot of: https://infosec.exchange/@tychotithonus/111924626712765292)

summary: new DNSSEC validation DoS vulnerabilities CVE-2023-50387 ("KeyTrap"), CVE-2023-50868 (NSEC3 vuln)

(living doc, updated regularly - if you prefer a low-edit post to boost, use https://infosec.exchange/@tychotithonus/111926621712441626)

Looks like DNS-OARC coordinated fixes in advance, but I don't see a centralized analysis, other than this announcement from the team who discovered KeyTrap: https://www.athene-center.de/en/news/press/key-trap ... and their technical paper: https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

@roycewilliams
roycewilliams / mdxfind-sha256-empty-10k.txt
Last active February 9, 2024 21:37
mdxfind-sha256-empty-10k.txt
# 10,000 iterations of SHA256 hash of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h '^SHA256$' -i 10000 -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/35a015f3914541ce829e2718dd4af871
SHA256x01 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855:
SHA256x02 cd372fb85148700fa88095e3492d3f9f5beb43e555e5ff26d95f5a6adc36f8e6:
SHA256x03 e67e72111b363d80c8124d28193926000980e1211c7986cacbd26aacc5528d48:
SHA256x04 f7d062d662826ed95869851db06bb539b402047baee53a00e0aa35bfbe98265d:
SHA256x05 2a132dbfe4784627b86aa3807cd19cfeff487aab3dd7a60d0ab119a72e736936:
SHA256x06 bdca9e8dbca354e824e67bfe1533fa4a238b9ea832f23fb4271ebeb3a5a8f720:
@roycewilliams
roycewilliams / mdxfind-sha1-empty-10k.txt
Last active February 9, 2024 21:36
mdxfind-sha1-empty-10k.txt
# 10,000 iterations of SHA1 hash of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h '^SHA1$' -i 10000 -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/2b071bb9f6f73d0968583de3509d9525
SHA1x01 da39a3ee5e6b4b0d3255bfef95601890afd80709:
SHA1x02 10a34637ad661d98ba3344717656fcc76209c2f8:
SHA1x03 3e6c06b1a28a035e21aa0a736ef80afadc43122c:
SHA1x04 3c7435cfd4e31b9be3991041c9a4f8292b752e5b:
SHA1x05 63027d7630360e4203c0e3f970ec2ffcfe5f8f1b:
SHA1x06 ecc1978dca2e31d10751ede8d8753f1cbded832e:
@roycewilliams
roycewilliams / mdxfind-md5-empty-10k.txt
Last active February 9, 2024 21:33
mdxfind-md5-empty-10k.txt
# 10,000 iterations of MD5 hash of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h '^MD5$' -i 10000 -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/bcb1b6b59f107c228bd4eca72862044d
MD5x01 d41d8cd98f00b204e9800998ecf8427e:
MD5x02 74be16979710d4c4e7c6647856088456:
MD5x03 acf7ef943fdeb3cbfed8dd0d8f584731:
MD5x04 5a8dccb220de5c6775c873ead6ff2e43:
MD5x05 76682f743ae018364a082b2e87f2d2f5:
MD5x06 0f62265227df1b6d6deec36ab4bc5e76:
@roycewilliams
roycewilliams / mdxfind-empty.txt
Last active February 9, 2024 21:29
mdxfind-empty.txt
# Various hashes of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h ALL -h '!salt' -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/845c6105ef359976e1e884260aeda7aa
BLAKE224x01 7dc5313b1c04512a174bd6503b89607aecbee0903d40a8a569c94eed:
BLAKE256x01 716f6e863f744b9ac22c97ec7b76ea5f5908bc5b2f67c61510bfc4751384ea7a:
BLAKE384x01 c6cbd89c926ab525c242e6621f2f5fa73aa4afe3d9e24aed727faaadd6af38b620bdb623dd2b4788b1c8086984af8706:
BLAKE512x01 a8cfbbd73726062df0c6864dda65defe58ef0cc52a5625090fa17601e1eecd1b628e94f396ae402a00acc9eab77b4d4c2e852aaaa25a636d80af3fc7913ef5b8:
BMW224x01 e57c183da7e2cd3e90258ca04499b222420f9b6797bbab131b4d286e:
BMW256x01 82cac4bf6f4c2b41fbcc0e0984e9d8b76d7662f8e1789cdfbd85682acc55577a:
@roycewilliams
roycewilliams / tycho-mastodon-filter_temperatures.json
Last active September 11, 2023 16:14
tycho-mastodon-filter_temperatures.json
{
"_comment1": "Tycho Mastodon filter: Temperatures",
"_comment2": "as of 2023-09-11",
"_comment3": "https://gist.github.com/roycewilliams/86d110141d45439fa7b9da5ae2445219",
"_comment4": "Note: leading and trailing spaces in keywords are usually deliberate",
"context": [
"home",
"public"
],
@roycewilliams
roycewilliams / tycho-mastodon-filter_weather.json
Last active September 11, 2023 16:14
tycho-mastodon-filter_weather.json
{
"_comment1": "Tycho Mastodon filter: Weather",
"_comment2": "as of 2023-09-11",
"_comment3": "https://gist.github.com/roycewilliams/ca24a766bede8a185264734e99668a01",
"_comment4": "Note: leading and trailing spaces in keywords are usually deliberate",
"context": [
"home",
"public"
],
@roycewilliams
roycewilliams / tychotithonus-mastodon-follows.csv
Last active August 24, 2023 18:50
Royce's Mastodon follows
# Royce's Mastodon follows
# 2023-08-24
# https://gist.github.com/roycewilliams/33eeda52bce671f145967ab98b54ba54
Account address Show boosts Notify on new posts Languages
0Xiphorus@infosec.exchange true false
0ddj0bb@infosec.exchange true false
0ray@infosec.exchange true false
0x58@infosec.exchange true false
0x7eff@infosec.exchange true false
0x90NOP@infosec.exchange true false