thomaspatzke’s gists

## Burp-CSRFRandomName.py
from burp import (IBurpExtender, IBurpExtenderCallbacks, ISessionHandlingAction, IHttpListener)
import re

class BurpExtender(IBurpExtender, ISessionHandlingAction, IHttpListener):
    def registerExtenderCallbacks(self, callbacks):
        self.callbacks = callbacks
        self.helpers = callbacks.getHelpers()
        callbacks.setExtensionName("Handling of CSRF Tokens with Random Names")
        self.callbacks.registerSessionHandlingAction(self)
        self.callbacks.registerHttpListener(self)

## proxy_http_connect-portscanner.sh
for (( p=0; p <= 65535; p++ )); do echo "Probing port $p"; echo -n "Port $p: " >> portscan.log; (echo CONNECT targethost:$p HTTP/1.1; echo) | nc -q 3 proxyhost proxyport | head -1 >> portscan.log; done

## nmap-open-ports.sh
xmlstarlet sel -t -m '//port/state[@state="open"]/parent::port' -v 'ancestor::host/address/@addr' -o : -v './@portid' -n nmap-output.xml

## create_deleter.py
#!/usr/bin/python3

from sys import argv, exit
import re

hashline_re = re.compile('^SHA1\((.*?)\)= (.*)$')

dsthashes = dict()

if len(argv) < 4:

## net-config.sh
#!/bin/bash

case "$1" in
router)
	sysctl -w net.ipv4.ip_forward=1
	iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
	systemctl start dnsmasq.service
	;;
router-stop)
	sysctl -w net.ipv4.ip_forward=0

## hexdump.py
print("\n".join([" ".join(["{:02x}".format(c) for c in bin[i:i+16]]) for i in range(0, len(bin), 16)]))

## CSRFToken.py
from burp import (IBurpExtender, IBurpExtenderCallbacks, ISessionHandlingAction, IHttpListener)
import re

class BurpExtender(IBurpExtender, ISessionHandlingAction, IHttpListener):
    def registerExtenderCallbacks(self, callbacks):
        self.callbacks = callbacks
        self.helpers = callbacks.getHelpers()
        callbacks.setExtensionName("Session CSRF Token Handling")
        self.callbacks.registerSessionHandlingAction(self)
        self.callbacks.registerHttpListener(self)

## Burp-SessionHandlingActionReplaceIDInResponse.py
from burp import (IBurpExtender, ISessionHandlingAction)
import re

class BurpExtender(IBurpExtender, ISessionHandlingAction):
    def registerExtenderCallbacks(self, callbacks):
        self.callbacks = callbacks
        self.helpers = callbacks.getHelpers()
        callbacks.setExtensionName("Path Parameter Session Handling Action")
        self.callbacks.registerSessionHandlingAction(self)
        self.out = callbacks.getStdout()

## .vimrc
set hidden
set ruler
set wildmenu
set showcmd
set nocompatible
set scrolloff=10
filetype plugin indent on
set smartindent
set sw=4
set expandtab

## extract_post_parameters_from_burpexport-without_xmlstarlet.sh
grep javax.faces.ViewState POSTs.xml | perl -mURI::Escape -ne '/javax\.faces\.ViewState=(.*?)&/; print URI::Escape::uri_unescape($1); print "\n"' | sort -u