Skip to content

Instantly share code, notes, and snippets.

View claudijd's full-sized avatar
🦬

Jonathan Claudius claudijd

🦬
222 followers · 78 following
View GitHub Profile
@claudijd
claudijd / gist:2625441
Created May 7, 2012 02:05
Suggestions for Metasploit Dev Setup Environment Wiki
##Current Wiki Content
$ curl -L get.rvm.io | bash -s stable
$ source ~/.rvm/scripts/rvm
$ rvm install 1.9.3-p125
##Suggestions for Wiki Content
#Set default manually
@claudijd
claudijd / gist:2641442
Created May 9, 2012 02:57
PHP CGI Emerging Threat Snort Rule
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"ET WEB_SPECIFIC_APPS PHP-CGI query string parameter vulnerability"; flow:to_server,established; content:"?"; http_uri; content:"-"; http_uri; distance:0; content:!"="; http_raw_uri; pcre:"/(\.php|\/)\?[\s\+]*\-[A-Za-z]/Ui"; reference:cve,2012-1823; reference:url,eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/; reference:url,varanoid.com/research-alerts/us-cert/vu520827-php-cgi-query-string-parameter-vulnerability/; classtype:web-application-attack; sid:2014704; rev:4;)
@claudijd
claudijd / German Translator
Created July 20, 2012 20:39
Ruby-based German Translator
def translate_2_german(string)
string.upcase
end
@claudijd
claudijd / DEFCON 20 Slides, Demo Video and Whitepaper Links
Created July 29, 2012 17:14
DEFCON 20 Slides, Demo Video and Whitepaper Links
@claudijd
claudijd / sync_fork_with_r7.rb
Created September 10, 2012 03:52
Syncing my metasploit-framework fork with upstream-master
#Just a simple script to sync master with upstream-master
#Set rapid7 as remote upstream
puts "[+] Setting Rapid7 as upstream remote"
`git remote add upstream git://github.com/rapid7/metasploit-framework.git`
#Get all the upstream changes
puts "[+] Grabbing upstream remote changes"
`git fetch upstream`
@claudijd
claudijd / rails_rce.rb
Created January 10, 2013 04:06 — forked from postmodern/rails_rce.rb
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
@claudijd
claudijd / gist:5006429
Created February 21, 2013 17:21
Investigating why Aloha Ruby Conf website 404's all the time for me
#Testing Code
require 'resolv'
require 'set'
def lookup
p Resolv.getaddress "www.aloharubyconf.com"
end
ips = Set.new
@claudijd
claudijd / ssh_bruteforcer.rb
Created March 29, 2013 03:23
Quick and Dirty Threaded SSH Bruteforcer
require 'net/ssh'
require 'thread'
require 'timeout'
ips = [
"192.168.1.80",
"192.168.1.81",
"192.168.1.82",
"192.168.1.83",
]
@claudijd
claudijd / export_msf_exploits_to_xml.rb
Last active December 18, 2015 03:29
Export MSF Exploits to XML
#!/usr/bin/env ruby
# This code melds together some boiler plate documentation code
# from MSF (1), darkoperator's export to XML resource script (2)
# and a little Nokogiri fun to allow you to export the MSF exploit
# data to XML from outside of MSF console.
#
# References:
# (1) https://github.com/rapid7/metasploit-framework/blob/a731efa5ce43763cb4ee0873bc40140b61f3928a/documentation/samples/framework/dump_module_info.rb
# (2) https://github.com/darkoperator/Meterpreter-Scripts/blob/a38e001c2d50eaaddc82f4397b8074e29621bf83/scripts/resource/exploit_info.rc
#
@claudijd
claudijd / barry_dns.rb
Last active December 19, 2015 01:09
A quick and dirty DNS/HTTP/HTTPS Bruterforcer for my home boy Barry
# Low-down DNS/HTTP/HTTPS Bruteforcing Script for Barry
require 'resolv'
require 'rest_client'
# SETUP ##############
#
# You need two gems 'resolv' and 'rest_client'
#
# gem install resolv (may be a default in ruby, can't remember)