
Misc

Public IP

curl ipinfo.io/ip

Default password

BugMeNot - Share logins

Search Sploits

searchsploit <key word>

Tmux

tmux new -s <name>
tmux a -t <name>
C-b ]
C-b z
C-b $

2 Interfaces - 2 Gateways

route add -net <10.0.0.0/8> gw <gw_ip>
route add default gw <default_gw_ip>

Strings (n characters)

strings -n <minimal length> <file>

Hex stuff

xxd -p binary.bin > dump.hex
xxd -p -r dump.hex > dumpfile.bin && chmod +x dumpfile.bin

Browser fingerprint

Create a macOS app

The name of the bash script must be the same as the folder name without the .app suffix.

cd /Applications
mkdir <MyApp.app>
cd <MyApp.app>
touch MyApp

CyberChef

GPP decrypt

https://gchq.github.io/CyberChef/#recipe=From_Base64('A-Za-z0-9%2B/%3D',true)AES_Decrypt(%7B'option':'Hex','string':'4e9906e8fcb66cc9faf49310620ffee8f496e806cc057990209b09a433b66c1b'%7D,%7B'option':'Hex','string':''%7D,'CBC','Raw','Raw',%7B'option':'Hex','string':''%7D)Decode_text('UTF16LE%20(1200)')

PowerShell encode / decode

https://gchq.github.io/CyberChef/#recipe=Encode_text('UTF16LE%20(1200)')To_Base64('A-Za-z0-9%2B/%3D')
https://gchq.github.io/CyberChef/#recipe=From_Base64('A-Za-z0-9%2B/%3D',true)Decode_text('UTF16LE%20(1200)')
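
The same encode / decode recipes as a script, for pulling an encoded command out of a logged command line during triage. This is an added example, not part of the original cheat sheet; the function names, the flag-matching regex and the sample log lines are constructed for illustration.

```python
import base64
import re

# Assumption: the flag is any prefix of -EncodedCommand (-e, -en, -enc, ...) or -ec.
_NAME = "encodedcommand"
_FLAGS = sorted({_NAME[:i] for i in range(1, len(_NAME) + 1)} | {"ec"},
                key=len, reverse=True)
_ENC_FLAG = re.compile(
    r"(?i)(?:^|\s)-(?:%s)\s+['\"]?([A-Za-z0-9+/=]+)" % "|".join(_FLAGS)
)


def ps_encode(command: str) -> str:
    """Encode_text(UTF16LE) -> To_Base64, as in the first recipe."""
    return base64.b64encode(command.encode("utf-16-le")).decode("ascii")


def ps_decode(blob: str) -> str:
    """From_Base64 -> Decode_text(UTF16LE), as in the second recipe."""
    blob = blob.strip()
    blob += "=" * (-len(blob) % 4)          # logs sometimes drop the padding
    raw = base64.b64decode(blob, validate=True)
    # errors="replace" keeps a truncated (odd-length) blob readable
    return raw.decode("utf-16-le", errors="replace")


def decode_from_cmdline(cmdline: str):
    """Return the decoded command if the line carries an encoded one, else None."""
    match = _ENC_FLAG.search(cmdline)
    return ps_decode(match.group(1)) if match else None


# Constructed sample process-creation lines (not real log data)
SAMPLE_LOG = [
    "powershell.exe -NoProfile -ExecutionPolicy RemoteSigned -enc dwBoAG8AYQBtAGkA",
    'powershell.exe -NoP -e "dwBoAG8AYQBtAGkA"',
    "powershell.exe -File backup.ps1",
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(f"{decode_from_cmdline(line)!r:12} <- {line}")
```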

Password to NTLM hash

https://gchq.github.io/CyberChef/#recipe=Encode_text('UTF16LE%20(1200)')MD4()

Password to NTLM

# Requires an OpenSSL build that still exposes MD4 (legacy provider on OpenSSL 3)
python3 -c 'import hashlib,binascii; print(binascii.hexlify(hashlib.new("md4", "<password>".encode("utf-16le")).digest()).decode())'

Compilers

apt-get install mingw-w64
# Libraries go after the source file so the linker can resolve its symbols
i686-w64-mingw32-gcc -o <binary file> <C file> -lws2_32

Service status

Notify when service is dead

while nc -z -w3 <ip> <port> > /dev/null 2>&1; do sleep 1; done; echo "[-] Service is dead"; echo -e "\x07"

Notify when service is up

while true; do nc -z -w3 <ip> <port> > /dev/null 2>&1 && echo "[+] Service is alive" && echo -e "\x07" && break; sleep 1; done

Redirect raw TCP to SSL/TLS

socat TCP-LISTEN:<local_port>,fork,reuseaddr OPENSSL:<remote_host>:<remote_port>[,verify=0]

Git pull all subdirectories in /opt

Attachment

Build presentation from markdown

Use remark.js minimal template:

<!DOCTYPE html>
<html>
<head>
<title>Title</title>
<meta charset="utf-8">
<style>
@import url(https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz);
@import url(https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic);
@import url(https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700,400italic);
body { font-family: 'Droid Serif'; }
h1, h2, h3 {
font-family: 'Yanone Kaffeesatz';
font-weight: normal;
}
.remark-code, .remark-inline-code { font-family: 'Ubuntu Mono'; }
</style>
</head>
<body>
<textarea id="source">

class: center, middle

# Title

---

# Agenda

1. Introduction
2. Deep-dive
3. ...
</textarea>
<script src="https://remarkjs.com/downloads/remark-latest.min.js">
</script>
<script>
var slideshow = remark.create();
</script>
</body>
</html>

CyberChef update script

#!/bin/bash

# GitHub release API: https://developer.github.com/v3/repos/releases/
# Fetch release id associated with the "latest" tag
releaseID=$(curl -s https://api.github.com/repos/gchq/CyberChef/releases/latest | jq -r .id)

# Fetch asset list for latest release and select download URL based on filename regex
downloadUrl=$(curl -s "https://api.github.com/repos/gchq/CyberChef/releases/$releaseID/assets" | jq -r '.[] | select(.name|test("CyberChef_v?.*zip"))|.browser_download_url')

# Download archive to tmp directory
wget "$downloadUrl" -O /tmp/CyberChef.zip

# Test if file is an archive; abort before touching the existing install
if [[ "$(file -b --mime-type /tmp/CyberChef.zip)" != "application/zip" ]]
then
    logger "[CRITICAL] World-Best tool (CyberChef) update script failed, investigation needed"
    exit 1
fi

# Replace old CyberChef install
rm -rf /var/www/CyberChef/*
7z x /tmp/CyberChef.zip -o/var/www/CyberChef/

# Rename main file to index.html
mv /var/www/CyberChef/CyberChef_v*.html /var/www/CyberChef/index.html
rm /tmp/CyberChef.zip

Generate PDF

cd /tmp
# Host /tmp is mounted at /slides inside the container, so the input path is /slides/index.html
docker run --rm -t -v /tmp:/slides astefanutti/decktape --chrome-arg=--no-sandbox /slides/index.html slides.pdf