securitytube’s gists

securitytube / Ethernet-Packet-Injection.c

Created April 6, 2013 06:27

Ethernet Packet Injection: Original Source: http://code.securitytube.net/Ethernet-Packet-Injection.c

securitytube / IP-Packet-Injection.c

Created April 6, 2013 06:28

IP Packet Injection. Original Source: http://code.securitytube.net/IP-Packet-Injection.c

securitytube / TCP-Packet-Injection.c

Created April 6, 2013 06:30

TCP Packet Injection: Original Source: http://code.securitytube.net/TCP-Packet-Injection.c

securitytube / UnderstandingS3ACLs.py

Created April 10, 2013 10:37

UnderstandingS3ACLs.py - Help understand permission sets on Amazon S3 using Boto http://securitytube.net

	#!/usr/bin/env python
	# Author - Vivek Ramachandran
	#
	# Website - http://securitytube.net
	#
	# Python for Hackers: http://securitytube-training.com/online-courses/securitytube-python-scripting-expert/
	#
	# License: Use as you please for non-commercial purposes.
	#

securitytube / CheckS3.py

Created April 10, 2013 10:51

CheckS3.py - Prints all the files with public-read enabled.

	#!/usr/bin/env python
	# Author - Vivek Ramachandran
	#
	# Website - http://securitytube.net
	#
	# Python for Hackers: http://securitytube-training.com/online-courses/securitytube-python-scripting-expert/
	#
	# License: Use as you please for non-commercial purposes.
	#

securitytube / dllexportdump.py

Created November 1, 2014 11:06

Export DLL Functions into a DEF file for use with Mingw32/64

	#!/usr/bin/python

	"""
	Author - Vivek Ramachandran
	Learn Pentesting Online -- http://PentesterAcademy.com/topics and http://SecurityTube-Training.com
	Free Infosec Videos -- http://SecurityTube.net
	"""

	import sys, pefile

securitytube / DllMainThread.c

Created November 1, 2014 11:10

Launch Shellcode as a Thread via DllMain rather than a new process

	// Dll Hijacking via Thread Creation
	// Author - Vivek Ramachandran
	// Learn Pentesting Online -- http://PentesterAcademy.com/topics and http://SecurityTube-Training.com
	// Free Infosec Videos -- http://SecurityTube.net



	#include <windows.h>
	#define SHELLCODELEN 2048

securitytube / referer-check.py

Created January 21, 2015 08:27

Pentester Academy CSRF Challenge

	param = self.request.get("ch9")
	referer = self.request.referer

	if referer:
	domain = referer.replace('http://', '').split('/')[0]
	logging.info(domain)
	if param == flag and ( domain.find("pentesteracademylab.appspot.com") != -1 ) :
	cid = "success"
	self.response.headers.add_header("Set-Cookie", "cid-csrf9="+cid)
	self.redirect("/lab/webapp/csrf/9")

securitytube / rf.py

Created January 21, 2015 09:23

Referer based CSRF Check

	param = self.request.get("ch10")
	referer = self.request.referer
	xreferer = self.request.headers.get('X-Referer')
	domain = "pentesteracademylab.appspot.com"
	domain1 = domain2 = ''
	if referer:
	domain1 = referer.replace('http://', '').split('/')[0]

	if xreferer:
	domain2 = str(xreferer).replace('http://', '').split('/')[0]

securitytube / pa.py

Last active August 29, 2015 14:13

PA

	param = self.request.get("ch10")
	referer = self.request.referer
	xreferer = self.request.headers.get('X-Referer')
	valid_referer = "http://pentesteracademylab.appspot.com/lab/webapp/csrf/10"

	if referer or xreferer:
	if param == flag and (referer == valid_referer or str(xreferer) == valid_referer) :
	cid = "success"
	self.response.headers.add_header("Set-Cookie", "cid-csrf10="+cid)
	self.redirect("/lab/webapp/csrf/10")