srozb

## dhcp_request.py
#!/usr/bin/python2

from scapy.all import *
from sys import argv

IFACE='wlan0'

def myMAC(iface):
    fam,hw = get_if_raw_hwaddr(IFACE)
    hw = hw.encode("hex")

## sh_targets.sh
#!/bin/bash

grep TARGET $1 | xargs -n 1 | egrep '([0-9]+[.]){3,}' | cut -d '/' -f 1 | xargs -n1 host

## mal_embed.ps1
$Base64 = "Put base64 of .jse file here"
$Content = [System.Convert]::FromBase64String($Base64)
Set-Content -Path C:\malware.jse -Value $Content -Encoding Byte
wscript.exe c:\malware.jse

## clone_magic.sh
#!/bin/bash

FILENAME=`echo $1 | sed 's/\.qcow2//g'`

echo Clone $1 image $2 times.

for i in $(eval echo {0..$2})
do
        qemu-img create -f qcow2 -b $1 ${FILENAME}_${i}.qcow2
        virsh start ${FILENAME}_${i}

## js_deobf.py
#!/usr/bin/env python

import sys
import re
from base64 import b64decode

f = open(sys.argv[1], 'r')
buf = f.read()

var_pattern = """['"][a-zA-Z0-9=/]+['"]"""

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                srozb
                / keybase.md
            
            
              Created
              October 5, 2017 13:08
            
              
                keybase.md
              
          
    Keybase proof

I hereby claim:

I am srozb on github.
I am srozb (https://keybase.io/srozb) on keybase.
I have a public key ASC669FMStRNcLXjoZmAPEoA9rjvVUtqB3zTR9SAkSzJywo

To claim this, I am signing this object:

  
## attachment.py
#!/usr/bin/env python3

import email
import sys
import uuid

def print_usage():
	print("{} <filename>".format(sys.argv[0]))

def read_file(filename):

## create_bro_file.sh
#!/bin/bash

INFORM="DER"

echo @load base/protocols/ssl
echo
echo module SSL\;
echo redef root_certs += {

for f in *.cer

## check_deb.sh
#!/bin/bash

COPY_DIR="/tmp/integrity_check/$(date +%Y-%m-%d)"
ARCH_FILE="/root/susp_files-$(date +%Y-%m-%d).tgz"

# debsums bedzie nam potrzebny
dpkg -l | grep debsums >/dev/null || apt-get install -y debsums


# wykryj i staruj

## validate_iban.py
#!/usr/bin/env python

def _to_base10(number):
    """Prepare the number to its base10 representation."""
    try:
        return ''.join(
            str(int(x, 36)) for x in number)
    except Exception:
        raise Exception("Invalid Format")
	#!/usr/bin/python2

	from scapy.all import *
	from sys import argv

	IFACE='wlan0'

	def myMAC(iface):
	fam,hw = get_if_raw_hwaddr(IFACE)
	hw = hw.encode("hex")
	#!/bin/bash

	grep TARGET $1 \| xargs -n 1 \| egrep '([0-9]+[.]){3,}' \| cut -d '/' -f 1 \| xargs -n1 host
	$Base64 = "Put base64 of .jse file here"
	$Content = [System.Convert]::FromBase64String($Base64)
	Set-Content -Path C:\malware.jse -Value $Content -Encoding Byte
	wscript.exe c:\malware.jse
	#!/bin/bash

	FILENAME=`echo $1 \| sed 's/\.qcow2//g'`

	echo Clone $1 image $2 times.

	for i in $(eval echo {0..$2})
	do
	qemu-img create -f qcow2 -b $1 ${FILENAME}_${i}.qcow2
	virsh start ${FILENAME}_${i}
	#!/usr/bin/env python

	import sys
	import re
	from base64 import b64decode

	f = open(sys.argv[1], 'r')
	buf = f.read()

	var_pattern = """['"][a-zA-Z0-9=/]+['"]"""
	#!/usr/bin/env python3

	import email
	import sys
	import uuid

	def print_usage():
	print("{} <filename>".format(sys.argv[0]))

	def read_file(filename):
	#!/bin/bash

	INFORM="DER"

	echo @load base/protocols/ssl
	echo
	echo module SSL\;
	echo redef root_certs += {

	for f in *.cer
	#!/bin/bash

	COPY_DIR="/tmp/integrity_check/$(date +%Y-%m-%d)"
	ARCH_FILE="/root/susp_files-$(date +%Y-%m-%d).tgz"

	# debsums bedzie nam potrzebny
	dpkg -l \| grep debsums >/dev/null \|\| apt-get install -y debsums


	# wykryj i staruj
	#!/usr/bin/env python

	def _to_base10(number):
	"""Prepare the number to its base10 representation."""
	try:
	return ''.join(
	str(int(x, 36)) for x in number)
	except Exception:
	raise Exception("Invalid Format")