mtigas

Client-side SSL

For excessively paranoid client authentication.

---

Updated Apr 5 2019:

because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.

some other notes:

codeincontext

require 'OpenSSL';require 'Base64';c = 'A9owhIxrZX3kHFGKqn0dOoybYZWBQxGygOviG1ane9/aDwezVW/AzDDoD6ZZTdLkjd3RAxbkHD9rHSa+Z7js6QzylYBnMsPjZYVzEE//g4/2anuBI9aWwKjqj45T1UkO4cxKtziUzwPB5rXt5Rx1AnwzUeI0brlqcqNctzLp4aVZbfbW4p0gHUTAej3wk4uD3+ioqMe4hDGUQWiUp9p7IDHancMhhQg60O9990TFev54YUBokJxj09Wo8SsMbw7M/Xy/xJ3gbc9tx9fBGGASJcTkCdHqYYU4kOieogC9AtHM54xsfhKu5s5okyFPHaN9ylboEmB0IlZnwf7GhG6IOuOAC9o7jI31mrRbjTiyYglcNPf5yrVepPpZOlJ+sjNKIf6meDdrmIdv2iyMAvIVfoVEOmnzyFAE6r7sCQ3nyAHHtdDKErSWkhWsPgLg5Gl5b3pEazHVrafB2aeqYKeTzNGejxjVXMId2K2v1I0MqUgTLlJ2gyAWHtUcV63yX6DplqCph4vylwap0JH+dp8kltUimeC/qKYSFZL45lhFlNoMDF4O89ekizZmljCMtVgll1Amzt5/xDAcHMXoEz7iZ3xTArDbt0FbX6HjABPvcCJTAhl8kDV0BqILXfJycJ8rKvlXJ5pqoryYZJoNqTOvaiRiRHokX5xM07ej8japZeYZq2F20ejJL1oB13Q11LuGS2YnjlcDtxbdDcHJikUj28GmI19/lZenj1IiktoO1zPlPyFXO8GZXTM5y8RbVM/WyUBNPh3Peae7PcAfD6SPZLJAbOd6Xe46H4yNv2kuxV3HJVQc37+Sp5ALWxEIdDA+GLNbLvTdLo9T1mUJbO/vHn0iHHIrwccfaY6IyFVQQW/9TSVUka7ulL7QuSu8gsD1/5BYhZJAX4Un6ZOl35UR4onoTGnP1DTrOa7yp9RLAfvrd0iaSXNF3aZkLO8n7X6LmqUr2krCtEb2uVANeUfr3+wU

jwebcat

wget --no-check-certificate --content-disposition https://github.com/joyent/node/tarball/v0.7.1
# --no-check-cerftificate was necessary for me to have wget not puke about https
curl -LJO https://github.com/joyent/node/tarball/v0.7.1

compermisos

# Java static analysis (very simple) functions
# by Enrique Alfonso Sanchez Montellano
# http://security-dojo.com/programming-bits/static-source-code-audit-on-terminal-aka-glorified-greps-part-2/

auditjava ()
{
	if [ -z "$1" ]; then
		echo "Missing directory to audit!"
		echo "Usage: auditjava <directory>"
	else

schnell18

#!/bin/sh
# script to automate the creation of chroot jail
# w/ minimal executables to run git

export CHROOT=/var/chroot

function copy_binary() {
    for i in $(ldd $*|grep -v dynamic|cut -d " " -f 3|sed 's/://'|sort|uniq)
      do
        cp --parents $i $CHROOT

mitchwongho

# Assuming an Ubuntu Docker image
$ docker run -it <image> /bin/bash

n3dst4

1. Open Conemu

2. Open Settings -> Tasks or go to new tab button -> Setup tasks.

3. Click + to add a new task

4. Enter the name as Git Bash or whatever you like

5. Task parameters:

    /icon "C:\Program Files (x86)\Git\etc\git.ico" /dir "C:\_git"
   

6. Command:

carnal0wnage

PS C:\users\user\desktop\PowerSploit\PowerSploit\Exfiltration> Get-Command -Module Exfiltration

CommandType     Name                                               ModuleName
-----------     ----                                               ----------
Function        Get-GPPPassword                                    Exfiltration
Function        Get-Keystrokes                                     Exfiltration
Function        Get-TimedScreenshot                                Exfiltration
Function        Get-VaultCredential                                Exfiltration
Function        Get-VolumeShadowCopy                               Exfiltration
Function        Invoke-CredentialInjection                         Exfiltration

vitalyp

#!/usr/bin/python
#
# Copyright (C) 2012 Itzik Kotler
#
# scraper.py is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# scraper.py is distributed in the hope that it will be useful,

hluk

[Command]
Automatic=true
Command="
    copyq:
    var tabName = '&url'
    
    function lower(data) {
      return str(data).toLowerCase()
    }