@singe
singe / hc-to-john-utf8.sh
Created February 11, 2022 13:25
Hashcat Wordlist Stuff
#!/bin/bash
# Convert hashcat.pot to john.pot and merge them
# Usage: hc-to-john.sh <hashcat pot> <john pot>
# NB: Make sure the hashcat pot only contains 16
# and 32 character hashes that are LM and NT hashes
tmp1=$(mktemp -t pot-port)
tmp2=$(mktemp -t pot-port)
hashpot=$1
LC_ALL=UTF-8 sed 's/^\([a-f0-9]\{32\}:[^:]*\)$/$NT$\1/' $hashpot | grep '^\$NT\$' > $tmp1
@singe
singe / README.md
Last active March 19, 2022 03:15
Windows Arabic Code Page (1256) for hashcat

A Windows Arabic Code Page (CP1256) hashcat charset file. Its use is described by hashcat here. The original blog post describing it can be found at NTHashes and Encodings.

@singe
singe / macos_perf_notes.md
Last active January 16, 2022 16:05
macOS Perf Approaches

Remember to compile with debug.

Use DTrace - onCPU

  1. Clone https://github.com/brendangregg/FlameGraph

  2. Trace command sudo dtrace -c '<command>' -o out.stacks -n 'profile-997 /execname == "<command name>"/ { @[ustack(100)] = count(); }' > /dev/null

  3. Create Graph

@singe
singe / get-shift.sh
Created August 11, 2021 21:17
Display the commands required to merge two packet captures and align their time stamps
#!/bin/bash
one=$1
two=$2
if [[ $one == "" || $two == "" ]]; then
echo Display commands to merge two packet captures to the same time
echo $0 "<cap one> <cap two> <offset>"
exit 1
fi
offset=$3
if [[ ! $offset > 0 ]]; then
@singe
singe / sources.md
Last active September 28, 2020 10:59
Richard Serra & Carlota Fay Schoolman's "Television Delivers People" from March 1973
@singe
singe / Dockerfile
Last active May 29, 2020 19:49
Simple canary token binary wrapper
FROM alpine:latest as builder
LABEL maintainer="@singe at SensePost <research@sensepost.com>"
RUN apk update && apk --no-cache add \
build-base \
&& rm -rf /var/cache/apk/*
WORKDIR /
COPY yellow.c canary32.c canary32.h /
RUN gcc -o yellow yellow.c canary32.c
@singe
singe / allowed.txt
Last active May 28, 2019 06:07
LinkedIn Top 10k Passwords Compared to Twitter Password Blacklist
123456789:allowed
linkedin:allowed
000000:allowed
linked:allowed
1234567890:allowed
222222:allowed
555555:allowed
pakistan:allowed
chocolate:allowed
Linkedin:allowed
@singe
singe / xe.sh
Created May 8, 2018 13:11
A super simple script to pull currency info from xe.com
#!/bin/sh
UA="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15"
url="https://www.xe.com/currencyconverter/convert/"
amount="$1"
fromcur="$2"
tocur="$3"
if [ "$fromcur" = "" ]; then # Use default currencies
fromcur="ZAR"
tocur="GBP"
fi
@singe
singe / docker-for-mac-linuxkit-build.sh
Created March 14, 2018 21:01
A simple script to rebuild the linuxkit image used in Docker for Mac.
git clone https://github.com/linuxkit/linuxkit
cd linuxkit
currdir=$(pwd)
make
export PATH=$PATH:$currdir/bin
foo=$(grep isoEfi\ $currdir/src/cmd/linuxkit/vendor/github.com/moby/tool/src/moby/output.go|cut -d\" -f2)
docker pull $foo
cd examples
linuxkit build --format iso-efi docker-for-mac.yml
mv /Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso /Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso.orig
@singe
singe / aes-ccm-noncense.py
Created October 18, 2017 18:58
Simple demonstration of how you can recover plaintext from a stream cipher when the nonce is reused.
#!/usr/bin/env python3
from Cryptodome.Cipher import AES
from Cryptodome.Random import get_random_bytes
pairwiseTransientKey = b'pairwiseTransKey'
EAPOLheader = b'Unencrypted Frame Stuff'
plaintext1 = b'Attack at dawn'
nonce1 = get_random_bytes(11)