Etienne Stalmans staaldraad
staaldraad
/ getWPSLogin
Created
January 19, 2015 10:18
Get the login portal page for websphere (WPS) - Allows you to get to www.host.com/wps/portal/ut!/p/ without knowing the complete/valid path. Redirect will send you there automagically
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GET /wps/redirect HTTP/1.1 | |
| Host: www.host.com | |
| User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:27.0) Gecko/20100101 Firefox/27.0 | |
| Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 | |
| Accept-Language: en-ZA,en-GB;q=0.8,en-US;q=0.5,en;q=0.3 | |
| Accept-Encoding: gzip, deflate | |
| Cookie: WASReqURL=http:///wps/ | |
| Connection: keep-alive |
staaldraad
/ pyforw.py
Last active
July 18, 2024 22:29
Python script to create a Connect-Connect tunnel. For those times ncat/socat can't be put on the box and python is available..
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| """ | |
| Python script to create a Connect-Connect tunnel. For those times ncat/socat can't be put on the box and python is available.. | |
| Author: Etienne Stalmans <[email protected]> | |
| Version: 1.0 (22_01_2015) | |
| Usage: python pyforw.py <targetIP> <targetPort> <jumpbox> <jumpboxPort> | |
| python pyforw.py 10.1.1.1 3389 179.0.0.100 8081 | |
| """ | |
| from socket import * |
staaldraad
/ mongo_dump.js
Created
February 3, 2015 14:32
Connect to mongodb and extract list of databases, collections and dump 'x' number of records from a selected collection. Usage: node mongo_dump.js [host] [option] Where option can be: c -- dump a list of collections x [db] [collection] -- dump values from the collection in database 'db' Example: node mongo_dump.js 127.0.0.1 x TestDB users
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Quick and dirty scanner of exposed MongoDB instances | |
| Author: [email protected] | |
| Version: 04/02/2015 | |
| */ | |
| var host = "127.0.0.1:27017"; | |
| var d_collections = false; | |
| var dx_collection = false; | |
| var MongoClient = require('mongodb').MongoClient; | |
| var limitsize = 10; |
staaldraad
/ memcache_dump.js
Created
February 3, 2015 15:26
Dump data from exposed memcached instances
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| NodeJS interface to memcache. Allows for extracting keys and specific values. | |
| Author: [email protected] | |
| Version: 02/02/2015 v0.1 | |
| */ | |
| var host = process.argv[2] | |
| var port = 11211 | |
| if(!process.argv[3]) | |
| { |
staaldraad
/ cassandra_dump.js
Last active
August 29, 2015 14:15
Dump/Extract info from Cassandra database over hsql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| connect to and dump keyspace/tables/data from cassandra database | |
| Usage: | |
| Get keyspaces: node cassandra_dump.js -h 10.10.0.1 | |
| Get Tables in Keyspace: node cassandra_dump.js -h 10.10.0.1 -k keyspacename | |
| Get 10 rows from a table: node cassandra_dump.js -h 10.10.0.1 -k keyspacename -t tablename | |
| Custom SQL/CQL statment: node cassandra_dump.js -h 10.10.0.1 -k keyspacename -s 'SELECT * FROM tablename LIMIT 5' | |
| Author: [email protected] | |
| Version: 1.0 17 February 2015 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Dump data from open Redis instance. | |
| Usage: node redis_dump.js -h 10.10.0.1 | |
| node redis_dump.js -n 10 #dumps the first 10 keys from the instance | |
| node redis_dump.js -k keyname #dump the value of a specific key | |
| Author: [email protected] | |
| Version: 1.0 12 February 2015 | |
| */ | |
| var redis = require("redis") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Connect to and extract values from Riak database. Default port 8087 | |
| Author: [email protected] | |
| Version: 1.0 26 February 2015 | |
| */ | |
| var argv = require('minimist')(process.argv.slice(2)); | |
| var riak = require('riak-pb'); | |
| if(process.argv.length < 2){ |
staaldraad
/ Dockerfile
Last active
June 6, 2018 14:20
Use Docker to run @sensepost Mana like a hipster
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Mana-toolkit from @sensepost | |
| # | |
| # VERSION 0.1 | |
| FROM ubuntu | |
| MAINTAINER Etienne Stalmans, [email protected] | |
| RUN apt-get update && apt-get install -y \ | |
| unzip \ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var thrift = require('thrift'); | |
| var util = require('util') | |
| var HBase = require('./gen-nodejs/Hbase'); | |
| var HBaseTypes = require('./gen-nodejs/Hbase_types'); | |
| var port = 9090 | |
| //var connection = thrift.createConnection(process.argv[2], port, { transport: thrift.TFramedTransport,protocol:thrift.TBinaryProtocol }); | |
| var connection = thrift.createConnection(process.argv[2], port, { transport: thrift.TBufferedTransport, protocol:thrift.TBinaryProtocol }); | |
| connection.on('connect', function () { |
staaldraad
/ huaweiPassExtract.py
Last active
May 19, 2023 11:00
Extract local users and passwords from Huawei router/firewall config
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| """ | |
| Simple tool to extract local users and passwords from most Huawei routers/firewalls. | |
| Author: Etienne Stalmans ([email protected]) | |
| Version: 1.0 (15/01/2014) | |
| """ | |
| import os | |
| import sys | |
| import argparse |