Wednesday, November 16, 2016

Python - Decode ISO/UTF Character Encodings

Given a string of the format:

=?iso-2022-jp?B?GyRCO2QkTzYyJG0kNyQkSjg7ek5zJEckOSEqGyhCIBskQjlsMjshKhsoQg?=

This should decode it properly:

import re
import base64

uniString = "=?iso-2022-jp?B?GyRCO2QkTzYyJG0kNyQkSjg7ek5zJEckOSEqGyhCIBskQjlsMjshKhsoQg?="
# Layout of the string: =?charset?B?base64-text?=
charset = re.search(r"^=\?(.*?)\?", uniString).group(1)
b64String = re.search(r"\?[Bb]\?(.*?)[?=]", uniString).group(1)
print(b64String)
# Put back any '=' padding that was stripped, so b64decode accepts the input
missing_padding = len(b64String) % 4
if missing_padding != 0:
    b64String += '=' * (4 - missing_padding)
dec = base64.b64decode(b64String)
print(dec.decode(charset))

It decodes into "私は恐ろしい文字列です! 轟音!", which, according to Google Translate, is "I am a fearsome string!  Roar!"
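The string above is an RFC 2047 encoded-word, the form non-ASCII e-mail headers take. As an added example (not the author's code), the standard library's email.header.decode_header also covers what the regex version does not: Q-encoding, several encoded-words in one header, and charset labels Python does not know. The function name decode_mime_header and every sample except the page's own string are constructed.

```python
from email.errors import HeaderParseError
from email.header import decode_header


def decode_mime_header(raw):
    """Decode every RFC 2047 encoded-word in a header value to text."""
    try:
        chunks = decode_header(raw)
    except HeaderParseError:
        return raw  # base64 that cannot be decoded: keep the raw value
    parts = []
    for value, charset in chunks:
        if isinstance(value, str):      # header contained no encoded-words
            parts.append(value)
            continue
        try:
            parts.append(value.decode(charset or "ascii", errors="replace"))
        except LookupError:             # charset label Python does not know
            parts.append(value.decode("latin-1"))
    return "".join(parts)


# First entry is the page's string; the rest are constructed samples.
SAMPLES = [
    "=?iso-2022-jp?B?GyRCO2QkTzYyJG0kNyQkSjg7ek5zJEckOSEqGyhCIBskQjlsMjshKhsoQg?=",
    "Re: =?utf-8?Q?caf=C3=A9_menu?=",              # Q-encoding after plain text
    "=?utf-8?B?SGVsbG8=?= =?utf-8?B?V29ybGQ=?=",   # two adjacent encoded-words
    "=?x-unknown?B?SGk=?=",                        # unknown charset label
    "plain subject",                               # nothing to decode
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(decode_mime_header(sample)))
```

Whitespace between two adjacent encoded-words is dropped on decode, which is why the third sample comes back as one word.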

Monday, November 14, 2016

Python - Combine Files/Lists, Strip Duplicates

This script reads in two files, turns them into lists, and removes all the duplicate values.  I used this to combine two files of thousands of MD5 hashes.



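oldList = open("c:\\temp\\md5s_old.csv")
newList = open("c:\\temp\\md5s.csv")
old = []
new = []

# Each line, including its trailing newline, becomes one list entry
for i in oldList:
    old.append(i)
oldList.close()

for i in newList:
    new.append(i)
newList.close()

# Set difference: keeps the entries of the new file that are not in the old file
old1 = set(old)
new1 = set(new)
uniques = new1 - old1
res = list(uniques)

f = open("c:\\temp\\uniqueMD5s.csv", 'w')
for i in res:
    f.write(i)
f.close()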

Friday, November 11, 2016

Python Split File By Lines

Short snippet I use to split a large text file into separate files by line count.  This will split a large file into separate files of 3 million lines each:

count = 0
fNum = 0
pathIn = "c:\\temp\\inFile.txt"
pathOut = "c:\\temp\\outFile" + str(fNum) + ".txt"
fOut = open(pathOut, 'a')

with open(pathIn) as fIn:
    for line in fIn:
        fOut.write(line)
        count = count + 1
        if count >= 3000000:  # Number of lines to split files on
            fNum = fNum + 1
            fOut.close()
            pathOut = "c:\\temp\\outFile" + str(fNum) + ".txt"
            fOut = open(pathOut, 'a')
            count = 0
fOut.close()  # close the last (possibly partial) output file

Edit: Just moved fNum=fNum+1 to before the rest of the if statement, as it was making the first file double the size it should have been.  All good!

Friday, November 4, 2016

VirusTotal Public API MD5 Report Search

This Python script will ingest a file with a list of MD5s and use the VirusTotal Public API to query them for antivirus hits.  The public API has a limit of 4 MD5s a minute.  The script uses the bulk query method to send 4 in one request and, when fewer than a block of 4 remain, queries them separately.

If you're lucky enough to have Private API access, just change the values on lines 62-69 from 4 to 25.



import requests
import time
# TLS certificate verification is left on (the requests default) so the API key is never sent to an unverified server
apikey = '<mine>'
fname = "c:\\temp\\uniqueMD5s.csv"
with open(fname) as f:
    fContents = f.readlines()
hashes = []

for i in fContents:
    hashes.append(i.strip())

hits = []

def singleMode(hash):
    positives = []
    headers = {"Accept-Encoding": "gzip, deflate", "User-Agent": "VT Query UserAgent"}
    params = {'apikey': apikey, 'resource': hash}
    try:
        response = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params, headers=headers)
        if response.status_code == 204:  # rate limit reached: wait a minute and retry once
            print("time to sleep!")
            time.sleep(61)
            response = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params, headers=headers)
        json_response = response.json()
        if json_response['response_code'] == 1:
            if json_response['positives'] != 0:
                print(json_response['md5'] + " has " + str(json_response['positives']) + " positives!")
                positives.append(json_response['md5'])
    except Exception:
        print("error retrieving stats on md5: " + hash)
    if len(positives) > 0:
        return positives

def multiMode(hashes):
    positives = []
    hashlist = ''
    for i in range(0, len(hashes), 1):
        hashlist = hashlist + hashes[i] + ","
    hashlist = hashlist[:-1]
    headers = {"Accept-Encoding": "gzip, deflate", "User-Agent": "VT Query UserAgent"}
    params = {'apikey': apikey, 'resource': hashlist}
    try:
        response = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params, headers=headers)
        if response.status_code == 204:  # rate limit reached: wait a minute and retry once
            print("time to sleep!")
            time.sleep(61)
            response = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params, headers=headers)
        json_response = response.json()
        for i in range(0, len(json_response), 1):
            if json_response[i]['response_code'] == 1:
                if json_response[i]['positives'] != 0:
                    print(json_response[i]['md5'] + " has " + str(json_response[i]['positives']) + " positives!")
                    positives.append(json_response[i]['md5'])
    except Exception:
        print("error retrieving stats on md5 group:", hashes)
    if len(positives) > 0:
        return positives
    else:
        return 0

for i in range(0, len(hashes), 4):
    if (len(hashes) - i) < 4:
        for x in range(0, (len(hashes) - i), 1):
            #print("sending: ", hashes[i+x])
            hits.append(singleMode(hashes[i + x]))
    else:
        #print("sending: ", hashes[i:i+4])
        hits.append(multiMode(hashes[i:i + 4]))
    print("On hash ", i, "out of ", len(hashes))
hits[:] = [i for i in hits if i]  # drop the 0/None results that had no positives
y = []

for x in hits:
    try:
        for z in x:
            y.append(z)
    except Exception:
        continue

print(y)
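
An added example (not the author's code) that runs offline and covers both the combine/de-duplicate script earlier on this page and the batching here: it cleans the hash list before any lookup, builds the comma-joined resource values, and reads a report whether it came back as a dict (one hash) or a list (several), so a short final batch needs no separate code path. The function names and all hashes and responses are constructed; only the response_code, positives and md5 fields are taken from the script above.

```python
import re

MD5_RE = re.compile(r"[0-9a-f]{32}")


def normalize_hashes(lines):
    """Strip, lower-case, validate and de-duplicate, keeping first-seen order."""
    seen, out = set(), []
    for line in lines:
        h = line.strip().lower()
        if MD5_RE.fullmatch(h) and h not in seen:
            seen.add(h)
            out.append(h)
    return out


def batches(hashes, size=4):
    """Return comma-joined 'resource' values holding at most `size` hashes."""
    return [",".join(hashes[i:i + size]) for i in range(0, len(hashes), size)]


def positives_from_report(payload):
    """Return the md5 of every report that has at least one detection."""
    # One resource decodes to a dict, several to a list: treat both as a list.
    reports = payload if isinstance(payload, list) else [payload]
    return [r["md5"] for r in reports
            if r.get("response_code") == 1 and r.get("positives", 0) > 0]


# Constructed input: header row, CRLF endings, mixed case, a duplicate, junk.
SAMPLE_LINES = ["md5\r\n"] + ["%032x\r\n" % n for n in range(1, 5)] + [
    "%032X\n" % 0xabc, "%032x\n" % 0xabc, "not-a-hash\n"]

# Constructed responses (not real VirusTotal data).
MULTI = [{"response_code": 1, "md5": "%032x" % 1, "positives": 0},
         {"response_code": 1, "md5": "%032x" % 2, "positives": 7},
         {"response_code": 0, "resource": "%032x" % 3},   # hash not known
         {"response_code": 1, "md5": "%032x" % 4, "positives": 2}]
SINGLE = {"response_code": 1, "md5": "%032x" % 0xabc, "positives": 31}


def demo():
    hashes = normalize_hashes(SAMPLE_LINES)
    hits = []
    for payload in (MULTI, SINGLE):
        hits.extend(positives_from_report(payload))
    return hashes, batches(hashes), hits


if __name__ == "__main__":
    print(demo())
```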

Thursday, November 3, 2016

Wrapper for Left Click Event

This is a wrapper function for sending a left-click event in Windows.  It can be called by using leftclick() instead of having to set these variables every time.

#include <Windows.h>

using namespace std;

void leftclick()
{
    INPUT input = {0}; PINPUT click = &input;  // zeroed and on the stack, so nothing leaks per call
    click->type = INPUT_MOUSE;
    click->mi.dwFlags = 0x2;       // MOUSEEVENTF_LEFTDOWN
    click->mi.mouseData = 0;
    click->mi.time = 0;
    click->mi.dwExtraInfo = 0;
    SendInput(1, click, sizeof(INPUT));
    click->mi.dwFlags = 0x4;       // MOUSEEVENTF_LEFTUP
    SendInput(1, click, sizeof(INPUT));
}


Lines 7/8 set up the PINPUT structure for use.
Lines 9-12 set additional parameters on the struct (dwFlags=2 is the "down" event).
Line 13 sends the "down" event, line 14 sets it to send an "up", and line 15 sends it again.

To make an auto-clicker for idle/clicker games, the following works just fine:


while(1)
{
    leftclick();
    Sleep(20);
}

You can easily change the left-click to right-click by changing the dwFlags parameter.  The MSDN page https://msdn.microsoft.com/en-us/library/windows/desktop/ms646260(v=vs.85).aspx shows the values for dwFlags for each mouse action.

Another thing you could do is create a function called leftdown(), and another called leftup(), and remove lines 14 and 15 from the above function to create one that holds the mouse button down.  This can be paired with SetCursorPos() to click and drag to screen coordinates.

Thursday, April 14, 2016

Password Rotation

I just figured out a good way to rotate passwords to something completely different and still remember them to avoid the pitfalls of password re-use.

Pick a seed value, something that will stay the same every time.

Then, pick something that changes every day. There are multiple options here, such as:

  • "fact-a-day" calendars 
  • an alternate calendar that maps to the Gregorian calendar (Middle Earth calendar works)
  • historical weather by day
  • etc...

Pull some kind of value from that source.  For the fact-a-day calendar, you could pull the first two words. For the alternate calendar, you could pick the name of the month + the day of the week in that language. For the weather, you could pick the temperature and precipitation or something.

Finally, throw them all together in a standard way, and write down the date of your password change somewhere. That isn't secret, so it doesn't have to be locked up too hard.  Nobody is going to look twice at a sticky note with a date written on it.

This makes the secret part of your password multi-leveled: the date it was changed (easily known), your method for finding the different daily values, and the seed.

Example using Middle Earth calendar:
  1. Date change: 12APR2016
  2. Seed = "s33d"
  3. 12 April, Tuesday= 12AstronTrewsday
  4. Combined = 14AstronTrewsdays33d
  5. Write down 12APR2016 on a sticky!

Works for me!




Thursday, March 10, 2016

C++ Hotkey Toggle Framework

Haven't posted in a while.  Been using this for a lot of game bots lately, just a simple hotkey toggle in C++.


1:  void toggler()  
2:  {  
3:       bool toggle=FALSE;  
4:       if (RegisterHotKey(NULL, 1, MOD_ALT|MOD_NOREPEAT, 0x42)) // B  
9:       {  
10:           cout << "Hotkey Registered" << endl;  
11:      }  
12:     
13:      MSG msg = {0};  
14:    
15:      while(1)  
16:      {  
17:           if(toggle==TRUE)  
18:           {  
19:                Sleep(500);  
20:                //<CODE GOES HERE>  
21:           }  
22:           else  
23:                Sleep(500);  
24:           while (PeekMessage(&msg, NULL, 0, 0, PM_REMOVE) != 0)  
25:           {  
26:                if (msg.message == WM_HOTKEY) toggle = !toggle;  // ignore unrelated messages  
27:           }  
28:      }  
29: }  

Lines 7/8 set the hotkey options; this has MOD_ALT and MOD_NOREPEAT so it doesn't spam the hotkey when I press it. 0x42 is the VK key code, which you can find here: https://msdn.microsoft.com/en-us/library/windows/desktop/dd375731(v=vs.85).aspx

Press once to toggle it on, again to switch it off. Makes auto-clickers, for example, much easier than having to run the program every time.