komodoooo / ldap_dump.sh
Last active February 8, 2025 19:44
Automatically dump misconfigured ldap server
#!/bin/bash
ldapsearch -x -H "ldap://$1:$2" -s base -b "" "(objectClass=*)" "+" 2>/dev/null | awk '/^namingContexts:/ {print $2}' | xargs -I{} ldapsearch -H "ldap://$1:$2" -x -b {}
# EXAMPLE USAGE: ./ldap_dump.sh [ADDRESS] [PORT] > dump.txt
# Shodan query: "LDAP" "SupportedSASLMechanisms: ANONYMOUS"
# Censys query: services.ldap.allows_anonymous_bind: true
komodoooo / hotports.sh
Last active April 20, 2025 11:31
Get shodan's top 1000 ports in a parsable way
shodan stats --facets port:1000 net:0.0.0.0/0 > tmp.txt
python3 -c 'open("ports.txt", "w").write("\n".join([i.split()[0] for i in open("tmp.txt", "r").read().strip().splitlines()[1:]]))'
rm tmp.txt # these ports are probably all TCP due to its popularity