This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
''' | |
RC4 encryptor / decryptor | |
''' | |
import argparse | |
import binascii | |
from Crypto.Cipher import ARC4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
''' | |
This script will XOR the data. | |
The key and the payload must be in hex format | |
The script is simplified from my_xor.py | |
''' | |
import binascii |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When running objdump command and got error like this: | |
''' | |
$ objdump -D out | |
objdump: out: File format not recognized | |
''' | |
Use -b option with value "binary" | |
''' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
## This script will convert packet caputre file (in current directory) to tcpdump capture format. | |
echo "converting pcap to tcpdump file format...." | |
pcap_exts=$(ls | grep "\.pcap\|\.flow\|\.cap\|\.pcapng") #list of possible pcap files | |
header="converted_" | |
for pcapfile in $pcap_exts |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
''' | |
zlib compress or decompress the payload | |
''' | |
import sys | |
import argparse | |
import zlib | |
import binascii |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
''' | |
This script will XOR encrypt the files in specified directory. | |
If you want to recover the encrypted files, simply run the script again with same XOR key. | |
''' | |
import os | |
import binascii | |
key = "This is the key" | |
key = binascii.hexlify(key) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
''' | |
This script will XOR the data. | |
The key and the payload must be in hex format | |
''' | |
#from binascii import unhexlify ##for python3 | |
enc = "2dec09e50aa932e617e501a8" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
''' | |
Memo for network programming by python | |
''' | |
import socket | |
host = "foo.bar.com" | |
port = 12345 | |
msg = "Hello" | |
buffersize = 4096 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tshark -nr example.pcap -Y ssl.handshake.certificates -T fields -e ssl.handshake.certificate | xxd -r -p | openssl x509 -inform DER -text | |
## Extract raw SSL certificate from Wireshark | |
1. Select Server Hello packet | |
2. Open Secure Socket Layer tab and choose "Certificate". Make sure not to include "Certificate Length:". Only need the data below | |
3. Right click and choose "Export Packet Bytes" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## reference | |
https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.2.2.TXT | |
4.3.7 Local file header: | |
local file header signature 4 bytes (0x04034b50) | |
version needed to extract 2 bytes | |
general purpose bit flag 2 bytes | |
compression method 2 bytes | |
NewerOlder