Skip to content

Instantly share code, notes, and snippets.

View shayanb's full-sized avatar
💭
\-=-=|=-=-/

Shayan Eskandari shayanb

💭
\-=-=|=-=-/
368 followers · 276 following
View GitHub Profile
@shayanb
shayanb / documentation.md
Created July 17, 2014 07:05 — forked from josephwegner/documentation.md

My router has been hacked. Here's what I know:

I'm unaware of how my router became infected, but the password has definitely been changed. I admittedly had not done any firmware updates in quite some time, which could be related to the infection.

The router was setting a custom DNS for google-analytics.com, which pointed to their apparently malicious server. Unfortunately, I did not realize it was DNS manipulation before I reset my router (I thought google-analytics.com was an invalid domain), so I did not get the original IP address. It servers up the script that spearheads this whole thing. The source for that script at the time of writing can be found in the file google-analytics.js

Once google-analytics runs, it inserts an iFrame that directs to http://storage.com/storage.html. The ad serving script is clever in that it will only serve you ads so many times in a given period, so that you won't be able to debug and you might not really think anything is wrong. It stores timed cookies on the storage.com

@shayanb
shayanb / keyUtils.py
Last active August 29, 2015 14:07 — forked from dims/keyUtils.py
import ecdsa
import ecdsa.der
import ecdsa.util
import hashlib
import os
import re
import struct
b58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
@shayanb
shayanb / gist:ab30abe3f61423e08a54
Created December 6, 2014 23:58
XSS ghetto collection
_____ _ _ _ __ _______ _____ _____ _ _ _ _
| __ \ | | | | | \ \ / / ___/ ___| / __ \ | | | | | | |
| | \/ |__ ___| |_| |_ ___ \ V /\ `--.\ `--. | / \/ |__ ___ __ _| |_ ___| |__ ___ ___| |_
| | __| '_ \ / _ \ __| __|/ _ \ / \ `--. \`--. \ | | | '_ \ / _ \/ _` | __/ __| '_ \ / _ \/ _ \ __|
| |_\ \ | | | __/ |_| |_| (_) | / /^\ |\__/ /\__/ / | \__/\ | | | __/ (_| | |_\__ \ | | | __/ __/ |_
\____/_| |_|\___|\__|\__|\___/ \/ \|____/\____/ \____/_| |_|\___|\__,_|\__|___/_| |_|\___|\___|\__|
A ghetto collection of XSS payloads that I find to be useful during penetration tests, especially when faced with WAFs or application-based black-list filtering, but feel free to disagree or shoot your AK-74 in the air.
Simple character manipulations.
@shayanb
shayanb / gist:3be7a26a8f5849364c0d
Created December 25, 2014 08:28
### Keybase proof
I hereby claim:
* I am shayanb on github.
* I am btctalk (https://keybase.io/btctalk) on keybase.
* I have a public key whose fingerprint is D13A 960E E450 547B 0943 9A21 47DD 5589 4339 49E7
To claim this, I am signing this object:
@shayanb
shayanb / getUDID.m
Last active August 29, 2015 14:13 — forked from sag333ar/getUDID.m
- (NSString*)UDID {
NSString *uuidString = nil;
// get os version
NSUInteger currentOSVersion = [[[[[UIDevice currentDevice] systemVersion] componentsSeparatedByString:@"."] objectAtIndex:0] integerValue];
if(currentOSVersion <= 5) {
if([[NSUserDefaults standardUserDefaults] valueForKey:@"udid"]) {
uuidString = [[NSUserDefaults standardDefaults] valueForKey:@"udid"];
} else {
CFUUIDRef uuidRef = CFUUIDCreate(kCFAllocatorDefault);
@shayanb
shayanb / gist:b0c5f427d117bf8fabfb
Created January 23, 2015 03:35
Import MYSQL dump to Heroku (cleardb)
<?php
/*
PHP script to import MYSQL database dump in Heroku cleardb
By Shayan Eskandari 2015
export your mysql dump from phpmyadmin or with sqldump commandline -> database_scheme.sql
you have to modify the dump and remove the create database and schema details
here is one example
//database_schema.sql
@shayanb
shayanb / gist:70217da4701a124a027f
Last active December 8, 2015 02:11
Bibtex_to_SAFBuilder
#python script to convert bibtex for SAFBuilder CSV
#Make Papers bibtex export available to be used with SAFBuilder to make a Simple Archive Format to be able to import in dSpace (I know! lol)
import bibtexparser
import csv
import urllib2
with open('cryptolibrary.bib') as bibtex_file:
bibtex_str = bibtex_file.read()
@shayanb
shayanb / gist:9dd8dc5c6d79b9ff6a09
Created November 10, 2015 15:39
Get multisig RedeemScript and address
from pycoin.tx.pay_to import address_for_pay_to_script, build_hash160_lookup, build_p2sh_lookup, ScriptMultisig
from pycoin.key import Key
def generate_multisig_address(priv_keys, N=3, M=2, netcode = COIN_NETWORK):
'''
Generate a multisig address from a list of pycoin keys (addresses public or private)
multisig N out of M
'''
#keys = sorted(keys, key=lambda k: k.sec_as_hex()) #sort keys to have the same multisig address from any similar list of keys
keys = []
@shayanb
shayanb / testnet_fork_data_readme
Last active November 11, 2015 08:48
Testnet blocksize fork data
MOVED TO [GitHub](https://github.com/shayanb/Testnet-blocksize-fork-data-Raw)
apparently gist trims the big files.
@shayanb
shayanb / eventListener.js
Created September 15, 2016 22:26
simple NodeJS app to display triggered events on a smart contract
// This is a simple NodeJS app to display triggered events on a smart contract
// you need your contract ABI and deployed address and also a synced geth running
// github.com/shayanb
var optionsABI = [YOUR_CONTRACT_ABI]
var contractAddress = "0xYOUR_CONTRACT_ADDRESS"
var Web3 = require('web3');