arall arall
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import subprocess | |
| import re | |
| devices = [] | |
| subprocess.Popen('btmgmt le on', stdout=subprocess.PIPE, shell=True) | |
| proc = subprocess.Popen('sudo btmgmt find', stdout=subprocess.PIPE, shell=True) | |
| output = proc.communicate() | |
| for line in str(output).split('\\n')[:-1]: | |
| if 'hci0 dev_found' in line: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2.7 | |
| # Based on :https://gist.github.com/LoranKloeze/6b713022619c2b32b32c6400a55a8433 | |
| import subprocess | |
| import re | |
| import time | |
| monitor_dev = "wlan1mon" | |
| while True: |
arall
/ log4j_rce_check.py
Last active
December 13, 2021 11:40
— forked from byt3bl33d3r/log4j_rce_check.py
Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE (https://www.lunasec.io/docs/blog/log4j-zero-day/)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python3 | |
| ''' | |
| Needs Requests (pip3 install requests) | |
| Author: Marcello Salvati, Twitter: @byt3bl33d3r | |
| License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License) | |
| This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PAYLOAD="?class.module.classLoader.URLs%5B0%5D=0" | |
| while read site; do | |
| normalResponse=$(curl --write-out '%{http_code}' -L --silent --insecure --output /dev/null "$site") | |
| pocResponse=$(curl --write-out '%{http_code}' -L --silent --insecure --output /dev/null "$site$PAYLOAD") | |
| if [ $pocResponse == "400" ] && [ $normalResponse != $pocResponse ]; then | |
| echo "$pocResponse - $site$PAYLOAD" | |
| fi | |
| done <$1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| First intall the pip modules: | |
| pip3 install peewee | |
| pip3 install pymysql | |
| Then run TruffleHog: | |
| docker run --rm -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest github file:///repo-dir --json > output.json | |
| docker run --rm -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest github --org=org-name --token=token --json > output.json |
OlderNewer