Skip to content

Instantly share code, notes, and snippets.

View unfo's full-sized avatar

Jan Wikholm unfo

128 followers · 6 following
View GitHub Profile
@unfo
unfo / better-http.py
Created July 27, 2016 07:38
import SimpleHTTPServer
import SocketServer
import logging
import cgi
import sys
if len(sys.argv) > 2:
PORT = int(sys.argv[2])
@unfo
unfo / file-sizes-by-date.sh
Last active December 8, 2016 14:27
#!/bin/bash
# Author: @unfo
# xargs ls --full-time output:
# -rw-rw---- 1 USER GROUP 458654 2015-08-09 11:12:37.000000000 +0300 ./path/2015/08/09/file.ext
# awk fields:
# 1 2 3 4 5 6 7 8 9
find . -type f -print0 \
| xargs -0 ls --full-time \
| awk '{ total[$6] += $5 } END { for (d in total) { printf("%s\t%6.2f MB\n",d,(total[d] / 1024 / 1024)) } }' \
@unfo
unfo / how-to-oscp-final.md
Last active September 23, 2024 17:38

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@unfo
unfo / output.txt
Created August 24, 2016 05:33
$ seddiff 's/redcarpet/magiccarpet/;s/pygments/rouge/' _config.yml
Result of s/redcarpet/magiccarpet/;s/pygments/rouge/ against _config.yml:
7,8c7,8
< markdown: magiccarpet
< highlighter: rouge
---
> markdown: redcarpet
> highlighter: pygments
54c54
< - magiccarpet
@unfo
unfo / msf-idea.txt
Created September 5, 2016 04:31
msf> search foobar
1 post/windows/foobar Blaa blaa desc here
2 post/multi/kek/buufar Another exploit
3 exploit/solaris/mcfoo For solaris
msf> use 1
post/windows/foobar>
@unfo
unfo / snippets-2016-09-21.xml
Created September 21, 2016 05:30
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<folders>
<folder>
<title>oscp</title>
<snippets>
<snippet>
<title>spawn tty</title>
<content>python -c 'import pty;pty.spawn("/bin/bash")'</content>
</snippet>
<snippet>
@unfo
unfo / enum.sh
Created April 7, 2017 14:30
Linux priv esc. Might be out-dated script versions
#!/bin/bash
BLACK="\033[30m"
RED="\033[31m"
GREEN="\033[32m"
YELLOW="\033[33m"
BLUE="\033[34m"
PINK="\033[35m"
CYAN="\033[36m"
WHITE="\033[37m"
@unfo
unfo / oscp-tips.md
Last active September 23, 2024 17:38

A few tips for OSCP

  1. Doing all of the exercises is important since you will discover low-hanging fruit from the labs based on the recon you do with the different tools in the exercises.
  2. Be wary of doing full /24 range port scans, especially for anything more than a few TCP ports. The machines might be in all sorts of broken states left by students etc.
  3. When starting to recon a specific machine:
  • Revert
  • Port scan
  • Try to identify services

Those steps in that order are important. You want a fresh state for the machine and you want to do just simple port scanning first because doing nmap's service scanning or nse scripts might send payloads that actually crash services. So be careful.

@unfo
unfo / volatility-to-py3-notes.md
Last active March 10, 2020 14:08

Getting vol.py to run on python3

After fixing all of the core vol.py py2 -> py3 syntax and import errors, I get a bunch of SyntaxError failures for plugins.

tl;dr effectively all plugins are broken.

Most common syntax problems:

print "[x86] Gathering all referenced SSDTs from KTHREADs..."
@unfo
unfo / multiple-sieves.rs
Last active March 1, 2021 19:47
Some pretty naive Erastothenes' Sieve implementations in Rust
use bitvec::prelude::*;
#[cfg(test)]
mod tests {
#[test]
fn it_works() {
assert_eq!(2 + 2, 4);
}
}