I hereby claim:
- I am bcoles on github.
- I am bcoles (https://keybase.io/bcoles) on keybase.
- I have a public key whose fingerprint is A2F9 D7FB E728 71FF AC5B 9967 3EB7 00FC FBA8 99B5
To claim this, I am signing this object:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # 7zip-JTR Decrypt Script | |
| # | |
| # Clone of JTR Decrypt Scripts by synacl modified for 7zip | |
| # - RAR-JTR Decrypt Script - https://synacl.wordpress.com/2012/02/10/using-john-the-ripper-to-crack-a-password-protected-rar-archive/ | |
| # - ZIP-JTR Decrypt Script - https://synacl.wordpress.com/2012/08/18/decrypting-a-zip-using-john-the-ripper/ | |
| echo "7zip-JTR Decrypt Script"; | |
| if [ $# -ne 2 ] | |
| then |
bcoles
/ apache_modaccouting_postgresql_injection.rb
Created
August 23, 2015 09:32
This module exploits an SQL injection vulnerability in the mod_accounting module for Apache 1.3 when configured to use PostgreSQL. This module uses SQL injection in the HTTP 'Host' header to execute arbitrary commands as the database user. This module has been tested successfully on Apache 1.3.33 on Debian 3.1r8 Sarge with PostgreSQL 7.4.7.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = ManualRanking |
bcoles
/ Life.HC.Z
Last active
August 28, 2022 17:37
Conway's Game of Life in HolyC for TempleOS. Ported from Rosetta Code. Original C Source: http://rosettacode.org/wiki/Conway's_Game_of_Life#C
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Conway's Game of Life in HolyC for TempleOS | |
| // Ported from Rosetta Code. Original C Source: | |
| // - http://rosettacode.org/wiki/Conway's_Game_of_Life#C | |
| #define WIDTH 60 | |
| #define HEIGHT 40 | |
| #define SLEEP 100 | |
| U32 Universe[HEIGHT][WIDTH]; | |
| U64 COUNT; |
bcoles
/ decaptcha.sh
Last active
February 13, 2016 16:26
Cracks rudimentary CAPTCHA. Requires tesseract.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # decaptcha.sh - Cracks rudimentary CAPTCHA. Requires tesseract. | |
| # --- | |
| image="$1" | |
| output=`mktemp` | |
| charset="ABCDEFGHIJKLMNOPQRSTUVWXYZ" | |
| command -v tesseract >/dev/null 2>&1 || { echo "Tesseract is not installed - (apt-get install tesseract-ocr) - Aborting." >&2; exit 1; } |
bcoles
/ mvpower_dvr_shell_exec_telnet.rb
Created
February 25, 2017 11:52
This module exploits an unauthenticated remote command execution vulnerability in MVPower digital video recorders. The 'shell' file on the web interface executes arbitrary operating system commands in the query string. This module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an interactive remote shel…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| class MetasploitModule < Msf::Exploit::Remote | |
| Rank = ExcellentRanking | |
| include Msf::Exploit::Remote::HttpClient |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # Reverse /etc/services | |
| # Returns Hash of services and ports with service names as Hash keys | |
| services = {} | |
| File.read('/etc/services').each_line do |line| | |
| next if line.strip == '' # remove blank lines | |
| next if line.start_with?('#') # remove comment lines |
bcoles
/ msfrpc-client-search.rb
Last active
January 14, 2018 14:13
Searches Metasploit modules for a keyword using msfrpc-client Ruby library
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # [ Example code - Don't use in production ] | |
| # | |
| # Searches Metasploit modules for a keyword using msfrpc-client Ruby library | |
| # | |
| # Start msfrpcd from msfconsole like this, but with a more secure password: | |
| # load msgrpc ServerHost=127.0.0.1 Pass=abc123 SSL=y | |
| # | |
| require 'msfrpc-client' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ################################################################################ | |
| # VMware Workstation Local Privilege Escalation exploit (CVE-2017-4915) # | |
| # - https://www.vmware.com/security/advisories/VMSA-2017-0009.html # | |
| # - https://www.exploit-db.com/exploits/42045/ # | |
| # # | |
| # Affects: # | |
| # - VMware Workstation Player <= 12.5.5 # | |
| # - VMware Workstation Pro <= 12.5.5 # | |
| ################################################################################ |
bcoles
/ keybase.md
Created
June 29, 2017 13:49
bcoles
/ msfrpcd-rce.rb
Created
July 5, 2017 14:55
Metasploit RPC post-auth command execution exploit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| ################################################################################ | |
| # Metasploit RPC post-auth command execution exploit # | |
| ################################################################################ | |
| # ~ bcoles | |
| require 'msfrpc-client' # gem install msfrpc-client | |
| require 'base64' | |
| @host = '127.0.0.1' |