Skip to content

Instantly share code, notes, and snippets.

View thomaspatzke's full-sized avatar

Thomas Patzke thomaspatzke

View GitHub Profile
@thomaspatzke
thomaspatzke / gist:9496625
Last active August 29, 2015 13:57
Convert Joomla J2XML export file into files containing the title of the content element in the first line and the HTML code afterwards (suitable for Blosxom)
xmlstarlet sel -T -t -m //content -v alias -o ';' -v created -o ';' -v title -n joomlaexport.xml | while IFS=';' read alias ts title; do echo $title > $alias.txt; xmlstarlet sel -T -t -m '//content[contains(alias,"'$alias'")]' -v introtext -n joomlaexport.xml | recode html >> $alias.txt; touch -d "$ts" $alias.txt; done
@thomaspatzke
thomaspatzke / openssl-heartbleed-server.py
Created April 9, 2014 15:10
Very quick&dirty TLS server for testing if client implementations are affected by the Heartbleed vulnerability, before crypto (key exchange etc.) is established.
#!/usr/bin/python3
# openssl-heartbleed-server.py
# Check TLS clients for OpenSSL Heartbleed vulnerability.
import socketserver
import struct
import random
class HeartbleedServer(socketserver.BaseRequestHandler):
@thomaspatzke
thomaspatzke / gist:e3dbbc7eba710874e7e3
Created September 12, 2014 11:29
Convert something into URL encoding
| hd | perl -ne 's/^\d+\s+//d; s/\s+\|.*?$//g; s/([\da-f]+)\s+/%$1/g; print;'
@thomaspatzke
thomaspatzke / keybase.md
Last active August 29, 2015 14:07
keybase.md

Keybase proof

I hereby claim:

  • I am thomaspatzke on github.
  • I am thomaspatzke (https://keybase.io/thomaspatzke) on keybase.
  • I have a public key whose fingerprint is ADDB 3A1A 80DE 4D0E 79B9 58AD 5F1A A4D8 C753 A286

To claim this, I am signing this object:

@thomaspatzke
thomaspatzke / extract_post_parameters_from_burpexport.sh
Last active August 29, 2015 14:11
Extract particular HTTP request parameter value (POST) from Burp XML save file without Base64 request/response encoding. Here I extract the NavigationTarget parameter of a SAP Portal application.
xmlstarlet sel -t -m '//items/item[contains(./request,"NavigationTarget")]' -v 'substring-before(substring-after(./request, "NavigationTarget="), "&")' -n Crawl-*.xml | perl -mURI::Escape -ne 'print URI::Escape::uri_unescape($_);' | sort -u
@thomaspatzke
thomaspatzke / find_unique.sh
Created January 7, 2015 13:59
Generate a list of files with unique content
find -type f -exec sha256sum {} \; | sort | perl -ne '($h, $f) = /^(\S+)\s+(.*)$/; if (defined $ph && $ph ne $h || !defined $ph) { print "$f\n" } $ph = $h; $pf = $f;'
@thomaspatzke
thomaspatzke / extract_post_parameters_from_burpexport-without_xmlstarlet.sh
Created January 19, 2015 13:24
Extract POST parameter (here javax.faces.ViewState) from files with saved HTTP requests
grep javax.faces.ViewState POSTs.xml | perl -mURI::Escape -ne '/javax\.faces\.ViewState=(.*?)&/; print URI::Escape::uri_unescape($1); print "\n"' | sort -u
@thomaspatzke
thomaspatzke / Burp-SessionHandlingActionReplaceIDInResponse.py
Created February 2, 2015 11:19
This is a template for a Burp extension that can be used as session handling macro action. It pulls an identifier (here: last part of location header from redirection response) from the first macro response and puts it in the given place of the current request (here: last URL path component). Adapt as needed at the places marked with "CONFIG" co…
from burp import (IBurpExtender, ISessionHandlingAction)
import re
class BurpExtender(IBurpExtender, ISessionHandlingAction):
def registerExtenderCallbacks(self, callbacks):
self.callbacks = callbacks
self.helpers = callbacks.getHelpers()
callbacks.setExtensionName("Path Parameter Session Handling Action")
self.callbacks.registerSessionHandlingAction(self)
self.out = callbacks.getStdout()
@thomaspatzke
thomaspatzke / hexdump.py
Last active August 29, 2015 14:20
Hex-only dump in Python in one line
print("\n".join([" ".join(["{:02x}".format(c) for c in bin[i:i+16]]) for i in range(0, len(bin), 16)]))
@thomaspatzke
thomaspatzke / gist:7445776
Created November 13, 2013 08:47
Extract HTTP URLs, Requests and Responses from Wireshark PDML file.
xmlstarlet sel -t -m '//proto[@name="http"]' --if 'descendant::field[@name="http.request"]' -o 'URL: ' -v 'descendant::field[@name="http.request.full_uri"]/@show' -n -o 'Request: ' -v 'following-sibling::proto[@name="data-text-lines"]/field/@value' -n --elif 'descendant::field[@name="http.response"]' -o 'Code: ' -v 'descendant::field[@name="http.response.code"]/@show' -o ' ' -v 'descendant::field[@name="http.response.phrase"]/@show' -n -o 'Response: ' -v 'following-sibling::proto[@name="data-text-lines"]/field/@value' -n file.pdml | perl -ne 'if (/^((?:Request|Response): )?([0-9a-f]+)$/i) { $p = $1; $e = $2; $e =~ s/([0-9a-f]{2})/$1 /ig; print "$p"; print map { chr(hex($_)) } (split / /, $e); print "\n" if ($e !~ /0[da].?$/i) } else { print }'