dustyfresh

27 April 2016

On the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

(Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

dustyfresh

AWS

• from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories

• http://169.254.169.254/latest/user-data

• http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]

• http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]

• http://169.254.169.254/latest/meta-data/ami-id

• http://169.254.169.254/latest/meta-data/reservation-id

• http://169.254.169.254/latest/meta-data/hostname

• http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

dustyfresh

#!/usr/bin/env python
'''
    $ ./pwnagotchi_ids.py | while read fingerprint; do pwngrid -send $fingerprint -message "( ͡° ͜ʖ ͡°)"; done
'''
import json
import requests

def main():
    blacklist = open('./blacklist.txt', 'r').read().splitlines()
    page = 0

dustyfresh

#!/usr/bin/env python
import re
import requests
import argparse
import multiprocessing as mp
from bs4 import BeautifulSoup
from urllib.parse import urlparse

__author__ = '@dustyfresh'
__license__ = 'https://www.gnu.org/licenses/gpl-3.0.en.html'

dustyfresh

#!/usr/bin/env python3
import sys
from datetime import datetime
import time
from time import sleep

from dnslib import DNSLabel, QTYPE, RD, RR, RCODE
from dnslib import A, AAAA, CNAME, MX, NS, SOA, TXT
from dnslib.server import DNSServer

dustyfresh

from miniboa import TelnetServer
import logging as logz

def on_connect(client):
    logz.info('New connection from {}'.format(client.address))
    clients.append(client)
    # Fake login prompt
    client.send('Login: ')

def on_disconnect(client):

dustyfresh

Keybase proof

I hereby claim:

• I am dustyfresh on github.
• I am dustyfresh (https://keybase.io/dustyfresh) on keybase.
• I have a public key ASCCXpExvlJd32z0N3WdZ1Tw1ZoIi73S9_JuclQ0QQJEDgo

To claim this, I am signing this object:

dustyfresh

ACRIDMINI - TAO computer hacking project
ADJUTANT VENTURE - Intrusion set?
ALOOFNESS - Cyber threat actor
ALTEREDCARBON - An IRATEMONK implant for Seagate drives
AMULETSTELLAR - Cyber threat actor sending malicious e-mails
ANGRYNEIGHBOR - Family of radar retro-reflector tools used by NSA's TAO division
APERTURESCIENCE - TAO computer hacking project
ARGYLEALIEN - Method to cause a loss of data by exploiting zeroization of hard-drives
ARKSTREAM - Implant used to reflash BIOS, installed by remote access or intercepted shipping
ARROWECLIPSE - Counter CNE tool

dustyfresh

#!/usr/bin/env python
import requests
import random
import string
from time import sleep

while True:
    sleep(random.choice(range(5)))
    lol = ''.join(random.choice(string.ascii_uppercase + string.digits + string.ascii_lowercase) for _ in range(4))
    url = 'https://kek.gg/u/{}'.format(lol)

dustyfresh

Architecture

Sometimes you need to access a service that is behind a firewall that you do not have permissions to influence. You can get around your inability to modify the firewall policies by tunneling your service over a Tor hidden service with SSH.

Requirements

• Tor must be installed on both the firewalled host, as well as the client server the tunnel will be initiated from.
• Ncat is used to proxy SSH over SOCKS to Tor. The ncat binary ships with the nmap package.
• client must have a public key in the authorized_keys SSH file for the hidden service

Setup hidden service