picatz
/ top_10_via_shodan.rb
Created
October 20, 2017 16:04
Top 10 Countries Running a Product via Shodan
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'shodanz' | |
| require 'command_lion' | |
| require 'yaml' | |
| require 'pry' | |
| module Top10 | |
| @rest_api = Shodanz.api.rest.new | |
| def self.check(product) | |
| begin | |
| @rest_api.host_count(product: product, facets: { country: 10 })["facets"]["country"].collect { |x| x.values }.to_h.invert |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require "shodanz" | |
| rest_api = Shodanz.api.rest.new | |
| rest_api.info | |
| # Returns a hash containing information about the Shodan API plan. | |
| # => { "https"=>true, | |
| # "unlocked"=>true, | |
| # "unlocked_left"=>31337, | |
| # "telnet" =>true, |
picatz
/ top_10_running_apache.rb
Last active
November 16, 2017 03:21
Top 10 Countries Running Apache
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require "shodanz" | |
| require "chart_js" | |
| module Top10 | |
| @rest_api = Shodanz.api.rest.new | |
| def self.check(product) | |
| begin | |
| @rest_api.host_count(product: product, facets: { country: 10 })["facets"]["country"].collect { |x| x.values }.to_h.invert | |
| rescue | |
| puts "Unable to succesffully check the Shodan API." |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://docs.google.com/presentation/d/1aMr8K1aWM8Z8KYV0caFXqlIgfj7NBb4GrnnjG7_rhVI/edit?usp=sharing |
picatz
/ top_10_running_apache_bar_chart.rb
Last active
October 21, 2017 17:22
Top 10 Countries Running Apache
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require "shodanz" | |
| require "chart_js" | |
| module Top10 | |
| # Create RESP API client. | |
| @rest_api = Shodanz.api.rest.new | |
| # Check a given product. | |
| def self.check(product) | |
| begin | |
| @rest_api.host_count(product: product, facets: { country: 10 })["facets"]["country"].collect { |x| x.values }.to_h.invert |
picatz
/ shodan_development_probably_malicious_javascript_found_sample.js
Created
November 2, 2017 22:34
Found some interesting code while monitoring Shodan
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // I don't know what context. But, um. Be hella' cautious when messing with it because | |
| // I have zero clue wtf it's actually becuase I just wanted to have it to look at | |
| // later. | |
| // Feel free to leave comments. <3 | |
| // Not my code. | |
| OpenSSElementById("login").style.left =(width / 2) - 480; | |
| document.getElementById("loginForm").style.top = (height - 260) / 2; | |
| document.getElementById("loginForm").style.left = (width / 2) - 150; | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'packetgen' | |
| # capture an array of 10 parsed packets, using a bpf filter | |
| icmps = PacketGen.capture(iface: 'eth0', filter: 'icmp', max: 10) | |
| # analyze each packet's payload | |
| icmps.each do |packet| | |
| puts packet.body | |
| end |
picatz
/ lookupdev.cr
Created
November 4, 2017 19:07
LibPcap Crystal Binding Example: pcap_lookupdev
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @[Link("pcap")] | |
| lib LibPcap | |
| PCAP_ERRBUF_SIZE = 256 | |
| fun pcap_lookupdev : LibC::Char* | |
| end | |
| # print out the first, non-loopback interface | |
| puts String.new(LibPcap.pcap_lookupdev, LibPcap::PCAP_ERRBUF_SIZE) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @[Link("pcap")] | |
| lib LibPcap | |
| # Size to use when allocating the buffer that contains the libpcap errors. | |
| PCAP_ERRBUF_SIZE = UInt8.new(256) | |
| # Item in a list of interfaces. | |
| struct PcapIf | |
| next : PcapIf* # next interface in the list | |
| name : LibC::Char* # name to hand to pcap_open_live() | |
| description : LibC::Char* # textual description of interface, or NULL |
picatz
/ hexdump_capture.cr
Last active
November 5, 2017 19:28
Packetz : Packet Capturing Beta v.2 Version Example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| capture = Packetz.capture | |
| capture.each do |packet| | |
| puts packet.hexdump | |
| end |