
fhtagn unfo

View how-to-oscp-final.md

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Run unicornscan from the CLI, and run nmap from within msfconsole so that the loot is stored in the database.

@unfo
unfo / enum.sh
Created Apr 7, 2017
Linux priv esc. Script versions might be outdated.
View enum.sh
#!/bin/bash
BLACK="\033[30m"
RED="\033[31m"
GREEN="\033[32m"
YELLOW="\033[33m"
BLUE="\033[34m"
PINK="\033[35m"
CYAN="\033[36m"
WHITE="\033[37m"
@unfo
unfo / crossword.prolog
Created Aug 20, 2012
Learn Prolog Now, Exercises 2.3 Crossword
View crossword.prolog
% 2.3
word(astante, a,s,t,a,n,t,e).
word(astoria, a,s,t,o,r,i,a).
word(baratto, b,a,r,a,t,t,o).
word(cobalto, c,o,b,a,l,t,o).
word(pistola, p,i,s,t,o,l,a).
word(statale, s,t,a,t,a,l,e).
crossword(V1, V2, V3, H1, H2, H3) :-
word(V1, _,V1H1,_,V1H2,_,V1H3,_),
View oscp-tips.md

A few tips for OSCP

  1. Doing all of the exercises is important since you will discover low-hanging fruit from the labs based on the recon you do with the different tools in the exercises.
  2. Be wary of doing full /24 range port scans, especially for anything more than a few TCP ports. The machines might be in all sorts of broken states left by students etc.
  3. When starting to recon a specific machine:
     • Revert
     • Port scan
     • Try to identify services

Those steps, in that order, are important. You want a fresh state for the machine, and you want to do just a simple port scan first, because nmap's service scanning or NSE scripts might send payloads that actually crash services. So be careful.

@unfo
unfo / draw_graph.sh
Created Mar 16, 2015
simple awk script for drawing ascii graphs
View draw_graph.sh
# Should be used with | sort | uniq -c
# Example input:
# 2 0
# 3 1
# 46 2
# 6 3
# 20 4
# 115 5
function draw_graph() {
awk 'BEGIN { highest= -1 } { sum += $1; items += 1 ; if ($1 > highest) { highest = $1 } ; values[$2] = $1; } END { print highest; for (val in values) { print values[val] " " val } }' | \
View better-http.py
import SimpleHTTPServer
import SocketServer
import logging
import cgi
import sys
if len(sys.argv) > 2:
    PORT = int(sys.argv[2])
View file-sizes-by-date.sh
#!/bin/bash
# Author: @unfo
# xargs ls --full-time output:
# -rw-rw---- 1 USER GROUP 458654 2015-08-09 11:12:37.000000000 +0300 ./path/2015/08/09/file.ext
# awk fields:
# 1 2 3 4 5 6 7 8 9
find . -type f -print0 \
| xargs -0 ls --full-time \
| awk '{ total[$6] += $5 } END { for (d in total) { printf("%s\t%6.2f MB\n",d,(total[d] / 1024 / 1024)) } }' \
View .ssh config
Host *.labs.overthewire.org
SendEnv WECHALLTOKEN
SendEnv WECHALLUSER
View snippets-2016-09-21.xml
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<folders>
<folder>
<title>oscp</title>
<snippets>
<snippet>
<title>spawn tty</title>
<content>python -c 'import pty;pty.spawn("/bin/bash")'</content>
</snippet>
<snippet>