
Ariary ariary

@gmurdocca
gmurdocca / socat_caesar_dpi.md
Last active June 28, 2024 15:53
Circumventing Deep Packet Inspection with Socat and rot13


I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (e.g. PuTTY). I am tasked to ensure this Citrix design is secure, and that users cannot access their Linux VMs or other resources on the internal private network in any way outside of using Citrix.

The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.

Rejected by Deep Packet Inspection

I hit an immediate snag. The moment I try to establish an SSH or SSL connection over o

@WJWH
WJWH / gist:f3a196e65fdabd6eace5f89da430600e
Created October 1, 2021 14:16
Server that does no syscalls for handling connections
// Extremely hacky server program that will send a standard response
// to every client that connects, then closes the connection. Will
// issue no system calls (as measured by `strace`) after initial setup
// no matter how many requests are served.
// Yes, this program is sorely lacking in error checking. It's a toy
// and not meant to be taken seriously.
// compile with gcc no_syscall_server.c -luring
@tothi
tothi / usbgadget_razer.sh
Created August 22, 2021 09:52
Razer USB gadget on Android for Local Privilege Escalation on Windows
# MINIMAL USB gadget setup using CONFIGFS for simulating Razer Gaming HID
# devices for triggering the vulnerable Windows Driver installer
# credits for the Windows Driver install vuln: @j0nh4t
#
# https://twitter.com/j0nh4t/status/1429049506021138437
# https://twitter.com/an0n_r0/status/1429263450748895236
#
# the script was developed & tested on Android LineageOS 18.1
@YannBouyeron
YannBouyeron / Ipfs_tuto.md
Last active May 14, 2023 07:57
InterPlanetary File System - Tutorial

IPFS tutorial

IPFS, or InterPlanetary File System, is a peer-to-peer (p2p) protocol for distributing content that is addressable via hypermedia. It lets you "store" files or file trees in a decentralized and permanent way, and access them via an ipfs node or a web browser. It can also host a static website.

Install ipfs

Go to the IPFS website and follow the instructions.

For an installation on Raspbian:
@narbehaj
narbehaj / python-scapy-http.py
Last active June 16, 2022 08:12
Python scapy to sniff HTTP
from scapy.all import *

def packet_callback(packet):
    # Only report packets that carry a TCP payload and target port 80 (plain HTTP)
    if packet[TCP].payload:
        if packet[IP].dport == 80:
            print("\n{} ----HTTP----> {}:{}:\n{}".format(packet[IP].src,
                                                         packet[IP].dst,
                                                         packet[IP].dport,
                                                         str(bytes(packet[TCP].payload))))
@markreid
markreid / gitflowrebasing.md
Created January 17, 2017 04:30
git flow with rebasing
@JamesMGreene
JamesMGreene / gitflow-breakdown.md
Last active November 5, 2024 15:51
`git flow` vs. `git`: A comparison of using `git flow` commands versus raw `git` commands.

Initialize

| gitflow | git |
| --- | --- |
| `git flow init` | `git init` |
|   | `git commit --allow-empty -m "Initial commit"` |
|   | `git checkout -b develop master` |

Connect to the remote repository