Jeff Tong Wind010

Coder, hacker, gamer, martial artist.

Wind010 / generateJwtWithPublicKey.py

Created August 5, 2024 02:53

Forge a JWT with a RS256 public key to take advantage of CVE-2016-5431/CVE-2016-10555.

	from codecs import encode, decode
	import hashlib
	import hmac
	import json

	# https://github.com/FlorianPicca/JWT-Key-Recovery
	with open('pub.pem', 'rb') as f:
	key = f.read()

	header = b'{"typ":"JWT","alg":"HS256"}'

Wind010 / .zshrc

Last active July 29, 2024 06:22

ZSH, TMUX, and VIM configs

	# If you come from bash you might have to change your $PATH.
	# export PATH=$HOME/bin:/usr/local/bin:$PATH

	# Path to your oh-my-zsh installation.
	export ZSH="$HOME/.oh-my-zsh"

	# Set name of the theme to load --- if set to "random", it will
	# load a random theme each time oh-my-zsh is loaded, in which case,
	# to know which specific one was loaded, run: echo $RANDOM_THEME
	# See https://github.com/ohmyzsh/ohmyzsh/wiki/Themes

Wind010 / keyvault_secrets.ps1

Created July 3, 2024 23:05

List KeyVault secrets with Azure CLI.

	param(
	[Parameter(Mandatory=$true)]
	[string]$KeyVaultName,

	[Parameter(Mandatory=$true)]
	[string]$SubscriptionName
	)

	az account set -s "$SubscriptionName"

Wind010 / base64_urlsafe.py

Last active May 24, 2024 03:10

Just base 64 encoding and decoding with URL safe call with hex string output.

	import base64

	def base64_decode(encoded_str, url_safe=True):
	hexadecimal_hash = ''
	padding = 4 - (len(encoded_str) % 4)
	if padding and padding != 4: # Padding can be 1, 2, or 3
	encoded_str += '=' * padding
	print(encoded_str)

	if url_safe:

Wind010 / batch_delete.sql

Last active April 20, 2024 20:13

SQL to batch delete specific rows wrapped wrapped in transaction.

	/*
	SQL to batch delete specific rows wrapped wrapped in transaction.
	*/

	DECLARE @BatchSize INT = 1000;
	DECLARE @RowsAffected INT = 1;
	DECLARE @Batches INT = 10;
	DECLARE @BatchCount INT = 0;

	WHILE @RowsAffected > 0 AND @BatchCount < @Batches

Wind010 / sp_GenerateDateRangeSelectQuery.sql

Created April 17, 2024 21:27

SQL query to generate a selection of date ranges based off parameters specified.

	CREATE OR ALTER PROCEDURE sp_GenerateDateRangeSelectQuery
	@TimeInterval NVARCHAR(10), -- 'HOUR', 'DAY', 'WEEK', 'MONTH'
	@StartDate DATETIME,
	@EndDate DATETIME,
	@SchemaName NVARCHAR(128),
	@TableName NVARCHAR(128),
	@DateColumnName NVARCHAR(128)
	AS
	BEGIN
	DECLARE @SQL NVARCHAR(MAX)

Wind010 / jdbc_client.py

Created April 14, 2024 02:08

	from datetime import datetime
	from typing import Any, List, Tuple
	from pyspark.sql import DataFrame, SparkSession

	from jdbc_configuration import JdbcConfiguration

	# https://www.youtube.com/watch?v=_p73PZIDQuA
	NOT_PREPARED: str = "The prepared_statement param is None!"
	SQL_FORMAT: str = '%Y-%m-%d %H:%M:%S'

Wind010 / gist:6d800a9121fa30fbb33b64d62abcf023

Created March 16, 2024 02:05

Bash script to enumerate all users on a CMD+CTRL Cyber Range

	#!/bin/bash
	set -e

	# Endpoint URL
	#endpoint=""

	final_expected_response='{"profile":{"error":"invalid user id"}}'

	# Default values
	ids_to_enumerate=1

Wind010 / ascii_lord_oscar.txt

Created February 26, 2024 22:01

ASCII Lord Oscar

	. .
	++xx++;++++xxxxx+x+++;+++++++;++++++;++++;;;;;x+++++++x+++++++++++++++++x++xxxxXxxxxXXx+xxxxxxxxxxxx+xxxxxx++x+xXXXXXXxxXXxxXXxx+x++xxXxXXXXXXxxxxxXXXXXXXXxxxXXXXXXx+$X+XXXXXX$XXXXXXXxXXXxxX$xxX$$$$
	++++++;:;+++++xx++++;+++++++++++++++++;;+++;+++;+++++++x+++xxxx+xx++xxxx+++xXxxXxXXXx+++++xxxxxxxx+xxxxxxXxxXxxXXxxxxxxXXxXXxxXXXXXXxxxxXXXXXxxxXXXXXXXx+xxXXXXXXXXxXXxxXXX$$$XXXXXXXX$$$XxXXXX&$$$XX$
	xx;:::;;+++;++;+++++xx+x+++++++++++;;;+x++xxxxxx+++xx+xxxx++++;+x+++++++xxxXXXxxx+++++xxxXXxxXXx++xXxXXXXXxxx++xxXXxxxx+xXxXXXxXxxxxXXxxxXxxxxXXXxxXxxX$XxxXXXXXXxxXxxXXXXXXXXXxxXXXXXX+xXXXX$$$XxXXXX
	;:;;;++++++++xx+xxxxx;;;;;++x+++++;;++++;+++;;;+++++++x++++++++++++++++++++++x++++xxxXXXxxx++xxXXXXXxxx++x+xX$$XX+xxxXXXXXXXXXx+xxXXxxX$xXXxxxXXXXXXXXxxXXXxxXXXXxxxxXXXXXxxXx+$XXXXXXxXXxX$$XXXXXXXXx
	++++;;;+++;;+++++;

Wind010 / pass-butter_robot.txt

Created February 26, 2024 21:53

Pass butter robot