Patrick Thomas coffeetocode
coffeetocode
/ BurpPluginDemo.py
Created
September 14, 2013 05:47
Code sample included with "Burp Extensions in Python & Pentesting Custom Web Services" at http://labs.neohapsis.com/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # These are java classes, being imported using python syntax (Jython magic) | |
| from burp import IBurpExtender | |
| from burp import IHttpListener | |
| # These are plain old python modules, from the standard library | |
| # (or from the "Folder for loading modules" in Burp>Extender>Options) | |
| from datetime import datetime | |
| class BurpExtender(IBurpExtender, IHttpListener): | |
coffeetocode
/ reassemble_mptcp_challenge.py
Created
August 7, 2014 19:28
Scapy solution for Black Hat MPTCP audience challenge http://labs.neohapsis.com/2014/08/06/blackhat-usa-multipath-tcp-tool-release-audience-challenge/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Uses Nicolas Maitre's MPTCP-capable scapy impl, so that should be | |
| # on the python path, or run this from a directory containing that "scapy" dir | |
| from scapy.all import * | |
| packets = rdpcap("pcaps/neohapsis_mptcp_challenge.pcap") | |
| payload_packets = [p for p in packets if TCP in p | |
| and p[IP].src in ("192.168.1.26", "192.168.1.33") | |
| and TCPOption_MP in p | |
| and p[TCPOption_MP].mptcp.subtype == 2 | |
| and Raw in p] |
coffeetocode
/ erin_is_cheating.js
Created
October 1, 2016 22:12
Code for part of http://coffeetocode.net/2016/10/sorting-out-a-nerdsnipe/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var results = {"Erin Ptacek": {0:0, 1:0, 2:0}, | |
| "Thomas Ptacek": {0:0, 1:0, 2:0}, | |
| "Jeremy Rauch": {0:0, 1:0, 2:0}, | |
| }; | |
| for(var i = 0; i < 1000000; i++) { | |
| var arr = ["Erin Ptacek", "Thomas Ptacek", "Jeremy Rauch"].sort(function(x, y) { return 1 - Math.ceil(Math.random() * 100) % 3; }); | |
| for(var name in results) { | |
| results[name][arr.indexOf(name)]++; | |
| } |
coffeetocode
/ latacora_logged_compares.js
Created
October 1, 2016 22:14
Code for part of http://coffeetocode.net/2016/10/sorting-out-a-nerdsnipe/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const_arr = ["Erin Ptacek", "Thomas Ptacek", "Jeremy Rauch"] | |
| arr = [] | |
| var results = {"Erin Ptacek": {0:0, 1:0, 2:0}, | |
| "Thomas Ptacek": {0:0, 1:0, 2:0}, | |
| "Jeremy Rauch": {0:0, 1:0, 2:0}, | |
| }; | |
| // custom sort function definition equiv to "x-y" |
coffeetocode
/ example_output.txt
Last active
September 15, 2022 18:29
Example of bypasses for naive blacklists of 169.254.169.254 local metadata service. Useful for SSRF testing, among other things. See https://twitter.com/coffeetocode/status/912788650408026112
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./try_local_metadata.sh | |
| Trying 169.254.169.254... found metadata | |
| Trying 169.254.43518... found metadata | |
| Trying 169.16689662... found metadata | |
| Trying 2852039166... found metadata | |
| Trying 0251.0376.0251.0376... found metadata | |
| Trying 0251.0376.0124776... found metadata | |
| Trying 251.0775248... - | |
| Trying 25177524776... - | |
| Trying 0xa9.0xfe.0xa9.0xfe... found metadata |
coffeetocode
/ CORS_demo.html
Created
November 11, 2022 17:20
Basic HTML page for demoing exploitation of excessively open CORS policies
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html><head> | |
| <meta http-equiv="content-type" content="text/html; charset=windows-1252"> | |
| <title>CORS test</title> | |
| </head> | |
| <body> | |
| <h2>CORS Demo</h2> | |
| <script> | |
| //Original script from http://www.html5rocks.com/en/tutorials/cors/ | |
| // Create the XHR object. |