Open Data Coder p3t3r67x0

Symmetic encryption

For symmetic encryption, you can use the following:

To encrypt:

openssl aes-256-cbc -salt -a -e -in plaintext.txt -out encrypted.txt

To decrypt:

WARNING

May contain out of date information. Check the comments below!

The list of actions listed below was taken mostly from Book Of Zeus with minor modifications and did the job well for Ubuntu version, which was available at that moment (May 2016). This gist was created for internal use and was never meant to be discovered by the web, although Google managed to find and index this page, which was a great surprise for me. Please check the original source for the updated information (links are provided in most of the sections), and read the comments below: they provide more details about the usage experience.

System Updates

http://bookofzeus.com/harden-ubuntu/initial-setup/system-updates/

Keeping the system updated is vital before starting anything on your system. This will prevent people to use known vulnerabilities to enter in your system.

	import socket
	import telnetlib
	import time
	import struct
	import sys

	TARGET=('localhost', 1337)

	offset___libc_start_main_ret = 0x203f1
	offset_system = 0x00000000000456d0

	Ansible playbook to setup HTTPS using Let's encrypt on nginx.

	The Ansible playbook installs everything needed to serve static files from a nginx server over HTTPS.
	The server pass A rating on [SSL Labs](https://www.ssllabs.com/).

	To use:
	1. Install [Ansible](https://www.ansible.com/)
	2. Setup an Ubuntu 16.04 server accessible over ssh
	3. Create `/etc/ansible/hosts` according to template below and change example.com to your domain
	4. Copy the rest of the files to an empty directory (`playbook.yml` in the root of that folder and the rest in the `templates` subfolder)

	var CryptoJS = CryptoJS \|\| function(u, p) {
	var d = {},
	l = d.lib = {},
	s = function() {},
	t = l.Base = {
	extend: function(a) {
	s.prototype = this;
	var c = new s;
	a && c.mixIn(a);
	c.hasOwnProperty("init") \|\| (c.init = function() {

	var CryptoJS = CryptoJS \|\| function(u, p) {
	var d = {},
	l = d.lib = {},
	s = function() {},
	t = l.Base = {
	extend: function(a) {
	s.prototype = this;
	var c = new s;
	a && c.mixIn(a);
	c.hasOwnProperty("init") \|\| (c.init = function() {

	# Simulate fake processes of analysis sandbox/VM that some malware will try to evade
	# This just spawn ping.exe with different names (wireshark.exe, vboxtray.exe, ...)
	# It's just a PoC and it's ugly as f*ck but hey, if it works...

	# Usage: .\fake_sandbox.ps1 -action {start,stop}

	param([Parameter(Mandatory=$true)][string]$action)

	$fakeProcesses = @("wireshark.exe", "vmacthlp.exe", "VBoxService.exe",
	"VBoxTray.exe", "procmon.exe", "ollydbg.exe", "vmware-tray.exe",

	#!/usr/bin/python

	# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected])
	# The author disclaims copyright to this source code.
	# Edited spl0it to loop and save cookies.

	import sys
	import struct
	import socket
	import time

	/**
	* e.g. retrieving field values from a form.
	*/
	function getDateFromForm() {
	const props = ['year', 'month', 'day', 'hour', 'minutes', 'sec', 'milisec'];
	return props.map((prop) => {
	return document.querySelector(`#${prop}`).text;
	});
	}

	Array.from(document.querySelectorAll('a'))
	.filter((a) => { return !a.href.match( /^https?\:\/\/example\.com\// ); })
	.map((a) => (`- [${a.text}](${a.href})`))
	.join('\n');