I hereby claim:
- I am decidedlygray on github.
- I am decidedlygray (https://keybase.io/decidedlygray) on keybase.
- I have a public key ASAKcnLth9zmCU92kY2PjXhHT7zm4KfiY4wkr1N3p2Phego
To claim this, I am signing this object:
Decidedly Gray decidedlygray
decidedlygray
/ keybase.md
Last active
November 10, 2016 17:55
Keybase.io proof file for https://keybase.io/decidedlygray
decidedlygray
/ crypto_challenge_20161101.py
Last active
March 3, 2022 00:19
Short script to do automated cryptanalysis (really just finding best fit key) against substitution ciphers. Uses hill climbing algorithm to find best fit key.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Break Simple Substitution Cipher (automated cryptanalysis) | |
| --- | |
| Use a hill climbing algo to maximize fitness score accross iterations of keys (mutate, check, rinse/repeat). | |
| Fitness is determined by comparing quadgram statistics of decrypted text against the engilish quadgrams. | |
| --- | |
| REQUIREMENTS | |
| Install pycipher for easily applying key to ciphertext: pip install pycipher | |
| Also need ngram_score module: http://practicalcryptography.com/media/cryptanalysis/files/ngram_score_1.py | |
| As well as english_quadgrams: http://practicalcryptography.com/media/cryptanalysis/files/english_quadgrams.txt.zip |
decidedlygray
/ cesar_remoteDOS.py
Created
November 12, 2015 02:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: CesarFTP 0.99g Remote Resource Exhaustion Vulnerability v4260 | |
| # Date: 10/16/2015 | |
| # Exploit Author: @decidedlygray (independently discovered while learning Sulley fuzzing framework) | |
| # Vendor Homepage: ACLogic.com [NO LONGER EXISTS] | |
| # Software Link: http://download.cnet.com/CesarFTP/3000-2160_4-13481.html | |
| # Version: 0.99g | |
| # Tested on: Windows XP, Windows 7 | |
| # | |
| # Exploit for the issue already discovered in 2004: | |
| # - CesarFTP Server Long Command Denial of Service Exploit - https://www.exploit-db.com/exploits/428/ |
decidedlygray
/ cesar_ftp.py
Created
November 12, 2015 02:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys | |
| import time | |
| from sulley import * | |
| ####################################################################### | |
| """ Receive banner when connecting to server. """ | |
| def banner(sock): |
decidedlygray
/ netgear_upnp_csrf.rb
Last active
August 29, 2015 14:18
— forked from phikshun/netgear_upnp_csrf.rb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = ExcellentRanking | |
| include Msf::Exploit::Remote::HttpServer::HTML | |
| def initialize(info = {}) | |
| super(update_info(info, | |
| 'Name' => 'NetGear UPnP CSRF', |
NewerOlder