smidgedy

@smidgedy
smidgedy / pundit.tar.gz.base64
Last active August 10, 2019 11:27
Pundit (1990, Windows 3.1) joke port to Unix C (Base64'd Tarball)
smidgedy / SimpleHTTPServerWithUpload.py
Last active June 24, 2024 07:16 — forked from UniIsland/SimpleHTTPServerWithUpload.py
Simple Python Http Server with Upload
#!/usr/bin/env python3
########################################################################
#
# Simple HTTP server that supports file upload for moving data around
# between boxen on HTB. Based on a gist by bones7456, but mangled by me
# as I've tried (badly) to port it to Python 3, code golf it, and make
# it a little more robust. I was also able to strip out a lot of the
# code trivially because Python3 SimpleHTTPServer is a thing, and the
# cgi module handles multipart data nicely.
#
#!/usr/bin/python3
################################################################################
#
# Basic scraper to pull IP CIDRs from the RIPE API. Currently hardcoded to grab
# all public Australian AS Numbers, could be quickly modified to scrape based on
# other criteria. Only currently does IPV4, again quick to modify for v6.
#
# Runs on 8 threads because that's the max allowed concurrent requests for the
# API. There are other requirements if you're scraping them on a routine basis
# read here -> https://stat.ripe.net/docs/data_api
smidgedy / the_endless_pain.md
Last active February 8, 2020 11:19
exploring targets by word frequency from masscan output

Doing a big big big masscan and grabbing headers, currently have targets in mind for a project but wanted to find a way to explore the other stuff active on the same ports. Used this deeply terrible one-liner to split up the HTTP banners into tokens and then count token frequency.

fgrep -i http masscan.json | sed 's/[,]$//'\
 | jq -s ".[].ports[].service.banner" | sed 's/[";:,<>()]//g'\
 | sed "s/[']//g" | sed -E 's/([\\]r|[\\]n)+/ /g'\
 | sed 's/[\/=]/ /g' | awk '{ for (i=1; i<=NF; i++) { print $i}}'\
 | tr '[:upper:]' '[:lower:]' | grep -E '^.{4,}$'\
smidgedy / hikvision-scrape.sh
Last active March 4, 2022 04:39
This abomination pulls Hikvision NVR/DVR systems out of masscan output JSON, checks them for default creds, and dumps still images from any system it can access to aid identification. Runs faster if you have GNU Parallel. This is what happens when you start a project as a bash one-liner because opening vscode is too much effort.
#!/bin/bash
# Masscan - common ports are 80, 81, 8000, 8080, 8081, 8090, 8888, 9000, 9001
# I do it like this:
# sudo masscan --banners --source-ip <IP not in use on your network> --rate <how fast you can scan>\
# -iL <list of CIDR to scan> -p <that list of ports above> -oJ <output file.json>
# Output filenames
HIKVISION_LIST_DEFAULT='hikvision-default.txt'
HIKVISION_LIST_NON_DEFAULT='hikvision-nondefault.txt'
smidgedy / etrex-10-geocaching.md
Last active May 31, 2020 22:13
Geocaching with the Garmin Etrex 10

Wat

The Garmin Etrex 10 is an entry level hand-held GPS receiver with limited features, however with a bit of extra work it can be pretty bloody good for Geocaching (the notes here are possibly useful for other purposes too). While the unit has limited storage available, and doesn't officially support custom or even detailed mapping, it is possible to load your own maps (detailed maps will only cover smallish areas however).

Why

For all its limitations, the Garmin Etrex 10 is really suitable for new cachers / recreational GPS users looking to get their first device. Aside from the very basic features you'd expect in an entry level hiking GPS, it has built-in support for Geocaching, it's relatively cheap (as of 2020 it's less than 1/2 the price of the Etrex 20), it's small + light, it's probably a bit better than your phone GPS outside of urban areas, and you can load custom maps with a bit of effort.

I find that I need to update my maps maybe once per year or so, and this gist is available mainly s

smidgedy / bellingcat-website-launch.md
Last active November 10, 2023 13:29
Bellingcat website launch contest notes

So Bellingcat held a contest as part of their new website launch where you had to find a hidden symbol on the site in order to find the new website, and the first 25 people to do so could claim a prize (a limited edition Bellingcat hoodie).

I was curious to participate, and lucky/quick enough to be one of the 25 (after a false start I got there in a bit under 40 minutes), however I wasn't having a bar of doing it properly so I used ahem alternative methods. The rationale is that I wanted to see if I could attack it in a methodical way, reduce reliance on chance and my dumb brain, while still being competitive in terms of speed.