SeanPesce’s gists

SeanPesce / reverse_shell_udp.c

Created April 16, 2025 15:45

Simple UDP reverse shell written in C

SeanPesce / squashfs_repack.sh

Created April 16, 2025 12:10

Shell script to repack a SquashFS filesystem in-place, preserving the filesystem properties and individual file ownership/permissions

	#!/bin/bash

	# Check if squashfs-tools is installed
	if ! command -v unsquashfs &> /dev/null \|\| ! command -v mksquashfs &> /dev/null; then
	echo "squashfs-tools not found. Please install squashfs-tools (e.g., sudo apt install squashfs-tools)."
	exit 1
	fi

	# Check if an argument (the SquashFS file) was provided
	if [ "$#" -ne 1 ]; then

SeanPesce / hexdump.lua

Last active March 4, 2025 20:39

Helper function to create a hex dump from a ByteArray object in a WireShark Lua dissector

	-- Author: Sean Pesce
	-- References:
	-- https://lua-users.org/wiki/HexDump
	-- https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Tvb.html

	function hex_dump(buf, print_addrs)
	if print_addrs == nil then
	print_addrs = false
	end
	local result = ""

SeanPesce / aws_cognito_get_creds.py

Created October 10, 2024 15:09

Various Python 3 utility scripts related to AWS Cognito authentication

	#!/usr/bin/env python3
	# Author: Sean Pesce
	#
	# Obtain AWS Cognito user identity ID and credentials

	import argparse
	import getpass
	import json
	import os
	import requests

SeanPesce / BindShellTcp.smali

Last active March 22, 2024 12:54

TCP bind shell (port 7777) written in Smali. Add this to the static initializer code (clinit) of any loaded class to start the listener.

	.method static constructor <clinit>()V
	.locals 5

	invoke-static {}, Ljava/lang/Runtime;->getRuntime()Ljava/lang/Runtime;

	move-result-object v0

	const/4 v1, 3

	new-array v2, v1, [Ljava/lang/String;

SeanPesce / BindShellTcp.java

Last active February 28, 2024 22:48

Java TCP bind shell (also compatible with Android)

	// Author: Sean Pesce
	//
	// This bind shell implementation is compatible with both standard Java and the Android SDK.
	// By default, it listens in a new thread, on TCP port 45100, and on all network interfaces.
	//
	// Start the listener with default parameters like so:
	// new BindShellTcp().start();

	package com.seanpesce.shell;

SeanPesce / host_spoof_headers.txt

Last active October 4, 2024 10:22 — forked from kaimi-/gist:6b3c99538dce9e3d29ad647b325007c1

List of potential host-spoofing HTTP headers

SeanPesce / ghidra_concat.h

Last active February 6, 2025 12:53

Ghidra CONCAT Implementations

	// Author: Sean Pesce
	//
	// Manual implementations of the CONCAT operations produced by the Ghidra decompiler.
	// These definitions are helpful for compiling re-implementations of native code using
	// decompiler output (e.g., with gcc).
	//
	// Note that these implementations would be outperformed by minimal C preprocessor macros
	// that replicate the same logic.

SeanPesce / json_utf8_to_ascii.py

Last active September 30, 2022 12:16

Python 3 script to ASCII-encode a JSON file with UTF-8 data

	#!/usr/bin/env python3
	# Author: Sean Pesce

	import json
	import sys

	def json_convert_utf8_to_ascii_file(in_fpath, out_fpath, include_encoding=False):
	b = b''
	with open(in_fpath, 'rb') as f:
	b = f.read()

SeanPesce / usb_util.py

Last active June 17, 2022 16:28

Python 3 classes for USB bulk device I/O

	#!/usr/bin/env python3
	# Author: Sean Pesce

	# Installing prerequisites:
	# sudo pip3 install pyusb
	#
	# On Windows, you also need to install libusb:
	# https://sourceforge.net/projects/libusb-win32/files/libusb-win32-releases/
	# Then, use inf-wizard.exe to create and install a libusb driver for the device.
	# Note: this requires installation of an unsigned driver.

Sean Pesce SeanPesce