@SeanPesce
SeanPesce / xp_cmdshell.py
Created June 10, 2022 00:04
Interactive pseudo-shell for executing shell commands on a remote MSSQL server via xp_cmdshell
#!/usr/bin/env python3
# Author: Sean Pesce
# This script acts as a pseudo-shell by executing shell commands on a remote MSSQL server instance
# using sqsh and xp_cmdshell.
import argparse
import os
@SeanPesce
SeanPesce / find_symbol.sh
Last active May 10, 2023 19:03
Linux shell command to find binaries that contain a specific symbol. Useful when searching for command injection and other vulnerabilities.
#!/bin/bash
SYMBOL_NAME="system"; find ./ -type f -exec printf "{}: " \; -exec sh -c "objdump -T \"{}\" 2>&1 | grep -e \" $SYMBOL_NAME\" ; echo \"\"" \; | grep -e " $SYMBOL_NAME"
@SeanPesce
SeanPesce / enum_ex.py
Last active March 18, 2022 16:02
Python 3 convenience class for checking if a value is a valid Enum value
#!/usr/bin/env python3
from enum import EnumMeta, Enum
class EnumExMeta(EnumMeta):
    def __contains__(self, val):
        try:
            self(val)
        except ValueError:
@SeanPesce
SeanPesce / archive.py
Last active March 18, 2022 16:09
Deus Ex: Mankind Divided (DXMD) .archive file extractor
#!/usr/bin/env python3
# Author: Sean Pesce
"""
The classes in this file can be used to extract files from the *.archive files used by DXMD.
Extraction of files that span multiple archives is also supported.
"""
import logging
import os
@SeanPesce
SeanPesce / ping.py
Last active November 10, 2023 14:00
Platform-agnostic Python 3 function to safely check if a host responds to ICMP pings
#!/usr/bin/env python3
# Author: Sean Pesce
import os
import platform
import socket
def ping(host, timeout=1):
    """
    Returns True if the target host sent an ICMP response within the specified timeout interval
@SeanPesce
SeanPesce / dup_ko.py
Created January 27, 2022 18:25
Linux kernel module duplicator
#!/usr/bin/env python3
# Author: Sean Pesce
#
# This script can be used to duplicate a loadable Linux kernel module file (*.ko).
# The newly-created file will have unique export and module name strings to facilitate
# patching and loading onto a system when normal module development isn't feasible
# (e.g., when creating a PoC exploit for a proprietary system).
#
# Install prerequisites:
@SeanPesce
SeanPesce / wss_server.py
Last active October 27, 2023 13:07
Simple Python 3 Secure WebSocket Server (SSL/TLS)
#!/usr/bin/env python3
# Author: Sean Pesce
# Shell command to create a self-signed TLS certificate and private key:
# openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out cert.crt -keyout private.key
import asyncio
import ssl
import sys
import websockets
@SeanPesce
SeanPesce / run_http_capture.py
Last active September 11, 2024 16:14
HTTP Request Replay Script
#!/usr/bin/env python3
# Author: Sean Pesce
"""
This script takes in a captured (well-formed) HTTP request dump and runs the request.
Example input:
GET /test HTTP/1.1
Accept:application/json
@SeanPesce
SeanPesce / m3u_to_mp3.py
Last active July 10, 2021 14:50
Script that downloads all items in an m3u playlist and merges the resulting files with ffmpeg. Useful for downloading songs from SoundCloud, etc.
#!/usr/bin/env python3
# Author: Sean Pesce
"""
This script downloads all items in an m3u playlist and merges the resulting files with ffmpeg. Useful for downloading
songs from SoundCloud, etc.
This script makes a lot of assumptions, and I've only used it for SoundCloud. I can't guarantee it will work with any
other website.
@SeanPesce
SeanPesce / https_server.py
Last active February 17, 2025 13:48
Simple Python 3 HTTPS Server (SSL/TLS)
#!/usr/bin/env python3
# Author: Sean Pesce
# References:
# https://stackoverflow.com/questions/19705785/python-3-simple-https-server
# https://docs.python.org/3/library/ssl.html
# https://docs.python.org/3/library/http.server.html
# Shell command to create a self-signed TLS certificate and private key:
# openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out cert.crt -keyout private.key