venus/CyberSecurityClub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1 from colerobbinstech/main

Browse Source 
Adding my scripts and writeups to the folder
This commit is contained in:
stephensottosanti
2021-03-09 22:26:24 -06:00
committed by GitHub
parent e0eb417e06 a672261fd9
commit 6577caab20
8 changed files with 114 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Crimson_Defense/Scripts/combine/README.md Normal file
View File

@@ -0,0 +1,4 @@
Pretty handy wordlist generation tool. Takes a wordlist with individual words on each line and creates the full list of permutations of that list. Works well when you have a limited set of custom words but need more customization
Typically paired with john --wordlist --rules=(single/jumbo) --stdout > betterWordlist

18
Crimson_Defense/Scripts/combine/combine.py Normal file
View File

@@ -0,0 +1,18 @@
#Takes a file containing separate words and returns all permutations to further generate a wordlist from
from itertools import permutations
#Begin with list of words and append results to original list
infile = "words"
outfile = "wordlist"
#Create list L that contains each word
with open(infile) as wordlist:
L = [line.rstrip() for line in wordlist]
#Permutate words at every length from 1 through len(words)
with open(outfile, "w") as wordlist:
for n in range(len(L)+1):
for perm in permutations(L, n):
wordlist.write(''.join(perm))
wordlist.write('\n')

3
Crimson_Defense/Scripts/dirby/README.md Normal file
View File

@@ -0,0 +1,3 @@
Pretty simple enumeration script for sites that don't differentiate return codes on hits/non-hits. Intended to be a slightly more customizable version of gobuster/dirbuster
Customize with any text that allows you to differentiate and the script will check each response from the site and print non-expected matches

24
Crimson_Defense/Scripts/dirby/dirby.py Normal file
View File

@@ -0,0 +1,24 @@
#Dirbuster-like script for sites that always return 301
import requests
###CUSTOM VALUES HERE###
host = "http://134.122.109.161:31071/"
error = "Error 404" #String to blacklist in result
outfile = "dirby.out"
#Can also change wordlist if desired
wordlist = open("/usr/share/wordlists/raft-small-directories.txt")
session = requests.Session()
output = open(outfile, "a")
for line in wordlist:
r = session.get(host+line)
if error not in r.text:
print(line)
output.write(line)
output.close()
wordlist.close()

5
Crimson_Defense/Scripts/patch/README.md Normal file
View File

@@ -0,0 +1,5 @@
First script using subprocess instead of os to do system level commands. Was happy with how simple it was.
The script brute forces each permutation of command arguments for when a specific order is needed but unkown
Given example was fragments of a binary that I simply brute forced each permutation as arguments to cat and then attempted to run each output

30
Crimson_Defense/Scripts/patch/patch.py Normal file
View File

@@ -0,0 +1,30 @@
#Goal of program is to run a bash command with every permutation of arguments
#This is useful for a file that has been split up as you can cat each permutation
#until you arrive at a file that passes some sort of validity check
import subprocess
from itertools import permutations
L = ["frag_1", "frag_2", "frag_3", "frag_5", "frag_6", "frag_7"]
for perm in permutations(L):
temp = open("temp", "w")
args = list(perm)
args.insert(0, "frag_4") #Starting fragment to reduce possibilities
args.insert(0, "cat") # Argument should now read 'cat file1 file2...'
#Cat fragments together and write to temp
subprocess.run(args, stdout=temp)
#Close file so we can work on it
temp.close()
#Make executable
subprocess.run(['chmod', '+x', 'temp'])
#Run it and write decoded result to variable
result = subprocess.run(['./temp'], stdout=subprocess.PIPE).stdout.decode('utf-8')
#winner's pov
if "FLAG" in result:
print(result)
quit()
#clean up for next run
subprocess.run(['rm', 'temp'])

3
Crimson_Defense/Scripts/rotten/README.md Normal file
View File

@@ -0,0 +1,3 @@
Customizable Caesar cipher solver. Intended for when more than one alphabet is utilized (i.e. lowercase + nums). Will act as one large Caesar cipher is the given alphabets appended together.
Of note, order of included alphabets will matter when alphabet count >= 3

27
Crimson_Defense/Scripts/rotten/rotten.py Normal file
View File

@@ -0,0 +1,27 @@
#Custom caesar/rotation cipher solver with custom alphabet
#Built-in sets to build from
lower = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z']
upper = ['A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z']
nums = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9']
###DEFINE VALUES HERE###
alphabet = lower+nums #define sets you wish to use and what order
ciphertext = "28x3j18zb91pg41jne80n2zelcun"
known_term = "flag" #term to find in plaintext
def inc(char, alphabet, num): #char incrementer
index = alphabet.index(char)
return alphabet[(index+num)%len(alphabet)]
cipher = ciphertext #using separate variable so we can check for no solution
while known_term not in cipher:
cipher = list(cipher) #setting to list for mutability
for index in range(0,len(cipher)):
cipher[index] = inc(cipher[index], alphabet, 1)
cipher = "".join(cipher) #joining back to list for checking/printing
if cipher == ciphertext: #rotated back to original
print("No match")
exit()
print(cipher) #progress and solution