Kevin Kirsche kkirsche
kkirsche
/ is-restart-needed.sh
Created
July 18, 2018 21:25
Checks if a CentOS system requires a reboot or not. Good for login processes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # requires yum-utils to be installed | |
| if ! needs-restarting -r 2>&1 >> /dev/null; then | |
| echo '**System Restart Required**' | |
| fi |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -ne 1 ]; then | |
| echo "{$0} <program to dump as shellcode>" | |
| exit 1 | |
| fi | |
| # https://www.commandlinefu.com/commands/view/6051/get-all-shellcode-on-binary-file-from-objdump | |
| objdump -d ./${1}|grep '[0-9a-f]:'|grep -v 'file'|cut -f2 -d:|cut -f1-6 -d' '|tr -s ' '|tr '\t' ' '|sed 's/ $//g'|sed 's/ /\\x/g'|paste -d '' -s |sed 's/^/"/'|sed 's/$/"/g' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from jinja2 import Environment, FileSystemLoader, select_autoescape | |
| jinja_env = Environment(loader=FileSystemLoader('/path/to/templates', followlinks=True), autoescape=select_autoescape([])) | |
| tmpl = jinja_env.get_template('template_name') | |
| view = tmpl.render(values=values) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Installation | |
| sudo yum update | |
| sudo yum install -y epel-release | |
| sudo yum install -y python34 python34-setuptools | |
| sudo easy_install-3.4 pip | |
| # Project Setup | |
| mkdir -p ~/dev/project_name | |
| cd ~/dev/project_name | |
| python3 -m venv venv |
kkirsche
/ split32-ropemporium-solution.py
Created
March 29, 2018 21:01
split32 ROP Emporium Solution
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| # Prepare the binary | |
| context.update(binary='split32', log_level='info') | |
| e = ELF('split32') | |
| call_system_addr = e.symbols['system'] | |
| cat_flag_addr = e.search('/bin/cat flag.txt').next() |
kkirsche
/ ret2win32-rop-emporium-solution.py
Created
March 28, 2018 20:57
ret2win32 ROP Emporium solution
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| from os import remove | |
| # Prepare the binary | |
| context.update(binary='ret2win32', log_level='info') | |
| ret2win_binary = ELF('ret2win32') | |
| # Find our return address |
kkirsche
/ mass-gobuster-runner.py
Created
March 21, 2018 20:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from os import system, fsencode, fsdecode, listdir | |
| from multiprocessing import Pool | |
| def gobust(fp): | |
| f_name = fp.split('/')[-1].split('.txt')[0] | |
| system('gobuster -u http://URLHERE -w {fp} -x txt,php -o gobuster-80-{f_name}.txt'.format(fp=fp, f_name=f_name)) | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Loop by line | |
| IFS=$'\n' | |
| old_process=$(ps -eo command) | |
| while true; do | |
| new_process=$(ps -eo command) | |
| diff <(echo "$old_process") <(echo "$new_process") | grep [\<\>] |
kkirsche
/ dumprequest.php
Created
March 6, 2018 19:34
— forked from magnetikonline/dumprequest.php
PHP script to dump full HTTP request to file (method, HTTP headers and body).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // https://gist.github.com/magnetikonline/650e30e485c0f91f2f40 | |
| class DumpHTTPRequestToFile { | |
| public function execute($targetFile) { | |
| $data = sprintf( | |
| "%s %s %s\n\nHTTP headers:\n", | |
| $_SERVER['REQUEST_METHOD'], |
kkirsche
/ textwrapper
Created
February 23, 2018 00:21
Little tool to split apart stuff coming from stdin so that we can put it into our code quickly
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from textwrap import wrap | |
| from sys import stdin | |
| output = [] | |
| if __name__ == '__main__': | |
| for line in stdin: | |
| split_line = wrap(line, 76) | |
| output.extend(split_line) |