timb-machine’s gists

timb-machine / Router CSRF malware blob

Last active February 13, 2021 23:43

Router CSRF malware blob

	// Taken from https://urlscan.io/result/ce20fb52-b4d9-45dd-8034-fb9eae99350e#transactions:
	// Request 1 for loadtxt.php:
	// Blob 2 from response decoded with base64decode.org:

	<!DOCTYPE html>
	<html>
	<head>
	<title></title>
	<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
	</head>

timb-machine / cvss-to-kill-chain-phase.pl

Last active August 30, 2025 17:02

cvss-to-kill-chain-phase.pl

	#!/usr/bin/perl -w

	use strict;
	use Data::Dumper;

	my %killchainmodel;
	my $cvssmetric;
	my $metricname;
	my $metricscore;
	my $phasename;

timb-machine / CVSS to kill chain phase

Last active July 11, 2020 18:51

CVSS to kill chain phase

	Zoom client application chat Giphy arbitrary file write
	https://talosintelligence.com/vulnerability_reports/TALOS-2020-1055
	8.5 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

	Tims-MacBook-Air:~ timb$ ./cvss-to-kill-chain-phase.pl CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
	Delivery
	0.6
	Weaponisation
	0.3
	Command & Control

timb-machine / encode-in-tree.pl

Last active August 30, 2025 17:01

encode-in-tree.pl

	#!/usr/bin/perl

	use Cwd;
	use MIME::Base64;

	$start = getcwd();
	$maxnewpath = 1024;
	while (sysread(STDIN, $byte, 1) != 0) {
	$maxpath = 100;
	$string = $byte;

timb-machine / socky.sh

Created April 5, 2020 12:41

socky.sh

	#!/bin/sh
	# Not to be confused with https://labs.portcullis.co.uk/tools/unix-socket-scanner/ which does more detailed enumeration but doesn't do permission checks

	netstat -an \| grep stream \| awk '{print $9}' \| sort \| uniq \| egrep -v "vms\/\|^$" \| while read socketname
	do
	if [ -n "$(printf "${socketname}" \| grep "^/")" ]
	then
	printf "==\n"
	ls -la "${socketname}"
	if [ -n "$(ls -la "${socketname}" \| grep "s.......w. ")" ]

timb-machine / CoAP endpoints on Tradfri gateway

Last active March 22, 2020 20:43

CoAP endpoints on Tradfri gateway

	15006
	[]
	15001
	[]
	15004
	[]
	15004/add
	4.05
	15004/remove
	4.05

timb-machine / CoAP endpoints on Tradfri gateway

Last active March 22, 2020 20:43

CoAP endpoints on Tradfri gateway

<//15006>;ct=0;obs,<//15001>;ct=0;obs,<//15004>;ct=0;obs,<//15004/add>;ct=0,<//15004/remove>;ct=0,<//15010>;ct=0;obs,<//15005>;ct=0;obs,<//15011/15012>;ct=0;obs,<//15011/9034>;ct=0,<//15011/9030>;ct=0,<//15011/9031>;ct=0,<//15011/9094>;ct=0;obs,<//15011/9095>;ct=0;obs,<//15011/9104>;ct=0;obs,<//15011/9063>;ct=0

timb-machine / smali-rename.sh

Last active August 30, 2025 17:01

smali-rename.sh

	#!/bin/sh

	OLDNAME="${1}"
	NEWNAME="${2}"

	grep -r "${OLDNAME}" . \| cut -f 1 -d : \| sort \| uniq \| while read filename
	do
	cp "${filename}" "${filename}.old"
	cat "${filename}.old" \| sed "s/${OLDNAME}/${NEWNAME}/g" > "${filename}"
	rm "${filename}.old"

timb-machine / EMF Camp 2018

Created September 2, 2018 17:02

EMF Camp 2018

	4th time we've run the CTF (sometimes as Cisco/Portcullis, this year as Team Alpaca)
	106 challenges
	Bandwidth usage so far peaked out at 24.4Mbps and disk usage at 19.4MB/s
	Time machine challenge resulted in single CPU being pegged at 100%, required reprovisioning (x4 vCPUs) - go Ansible/Docker!
	43 teams registered including one person playing over the Internet on their own (currently in 3rd place)
	401 right submissions
	507 wrong submissions
	Jonty was yet again an item in the scavenger hunt category - sorry Jonty :)
	We also caused uproar in the HAM community over "parabolic antenna"
	We included a badge challenge for the first time

timb-machine / micro:bit Space Invaders 2

Created August 19, 2018 19:58

micro:bit Space Invaders 2

	# https://makecode.microbit.org/31667-75115-87037-56723
	let score = 0
	let delay = 0
	let highscore = 0
	let onscreen = 0
	let heart: Image = null
	let lives = 0
	let clearscreen: Image = null
	let ship: Image = null
	input.onButtonPressed(Button.A, () => {

Tim Brown timb-machine