Soldier of FORTRAN mainframed

Mainframe hacker extraordinaire

mainframed / ltpa_generate.py

Last active January 26, 2026 09:27

ltpa_generate.py

	#!/usr/bin/env python3
	"""
	LTPA Token Generator - Generates IBM WebSphere LTPA v1 and LTPA2 tokens

	Based on analysis of IBM LTPA token format and cryptographic implementation.
	References:
	- http://tech.srij.it/2012/04/how-to-decrypt-ltpa-cookie-and-view.html
	- IBM WebSphere LTPA documentation
	- WebSphere {xor} password decoder by Jeroen Zomer

mainframed / xordecoder.py

Created January 23, 2026 14:42

Decode Websphere XOR

	import base64

	def decode_was_xor(xor_string):
	if not xor_string.lower().startswith("{xor}"):
	raise ValueError("Not a WebSphere {xor} string")

	xor_data = xor_string[5:] # Remove {xor} prefix

	# Base64 decode
	decoded_bytes = base64.b64decode(xor_data)

mainframed / SSH to cat files on a remote server

Created January 23, 2026 12:54

getfiles.sh

	#!/bin/bash

	REMOTE_USER="user"
	REMOTE_HOST="hostname"
	REMOTE_PASSWORD="password"
	LOCAL_DIR="."

	while read remote_file; do
	# Remove leading slash from the path
	local_path="${remote_file#/}"

mainframed / lpar_rexx.sh

Created January 7, 2026 18:06

Run a REXX script through SSH

	#!/bin/bash

	# Store password securely (file with 600 permissions)
	# echo "yourpassword" > ~/.ssh/z_pass
	# chmod 600 ~/.ssh/z_pass

	PASSWORD=$(cat ~/.ssh/z_pass)

	# List of LPARs
	LPARS=("lpar1" "lpar2" "lpar3")

mainframed / resubmit.jcl

Last active December 17, 2025 22:20

I needed some JCL that when submitted would then run some rexx which submit another job, useful for surrogats.

	//* The next are lines JCL to create a temp dataset (&&OMG) with
	//* a member (REXX). The file then looks like &&OMG(REXX).
	//* The end of the REXX file is noted as single line with ## on it
	//* The program IEBGENER copies all that data to the temp file
	//CREATOMG EXEC PGM=IEBGENER
	//SYSPRINT DD SYSOUT=*
	//SYSIN DD DUMMY
	//SYSUT2 DD DSN=&&OMG(DOIT),UNIT=SYSDA,
	// DISP=(NEW,PASS,DELETE),
	// SPACE=(TRK,(1,1,1)),

mainframed / extract_3270.sh

Created December 1, 2025 20:16

mainframed / topsecret_stig.txt

Last active August 27, 2024 23:52

	#!/bin/sh
	set -x
	/bin/tsocmd "TSS LIST(SDT) CERTMAP(ALL)" > 01_certmap.txt
	/bin/tsocmd "TSS LIST(ACIDS) DATA(ADMIN, BASIC)" > 02_acids_admin-basic.txt
	/bin/tsocmd "TSS LIST(ACIDS) DATA(BASIC)" > 03_acids_basic.txt
	/bin/tsocmd "TSS MODIFY STATUS" > 04_modify_status.txt
	/bin/tsocmd "TSS WHOHAS OPERCMDS(MVS)" > 05_opercmds_mvs.txt
	/bin/tsocmd "TSS WHOHAS DSN(SYS1.PARMLIB)" > 06_whohas_sys1.parmlib.txt
	/bin/tsocmd "TSS WHOHAS DSN(SYS1.LINKLIB)" > 07_whohas_sys1.linklib.txt
	/bin/tsocmd "TSS WHOHAS DSN(SYS1.SVCLIB)" > 08_whohas_sys1.svclib.txt

mainframed / TOPSEC.JCL

Last active August 29, 2024 18:04

	//NETSPI JOB (NETSPI),'NETSPI',CLASS=A,MSGCLASS=A,NOTIFY=&SYSUID
	//TSOTSS EXEC PGM=IKJEFT01
	//SYSTSPRT DD SYSOUT=*
	//SYSTSIN DD *
	TSS LIST(ACIDS) TYPE(SCA)
	TSS LIST(ACIDS) DATA(ADMIN)
	TSS WHOHAS FACILITY(APPC)
	TSS LIST(RESOURCES) TYPE(ACTION) MASK(NODSN)
	TSS LIST(RESOURCES) TYPE(ACTION) MASK(EXIT)
	TSS MODIFY(MSUSPEND)

mainframed / CATMAP3J.jcl

Created August 27, 2024 18:39

CATMAP3J testing

	//PHILCATJ JOB (JOB),'CATMAP3J',CLASS=A,MSGCLASS=A,NOTIFY=&SYSUID
	//*
	// EXPORT SYMLIST=*
	// SET LOADMOD=APFCHECK
	// SET LOADLIB=FOO.LOAD.LIB
	//*
	//ASM EXEC PGM=ASMA90,PARM='NODECK,XREF(SHORT)'
	//SYSLIB DD DSN=SYS1.MACLIB,DISP=SHR
	//SYSUT1 DD UNIT=SYSDA,SPACE=(TRK,(50,10))
	//SYSUT2 DD UNIT=SYSDA,SPACE=(TRK,(50,10))

mainframed / LUEnum.rexx

Last active September 27, 2023 22:21

	/* REXX */
	parse arg len
	SAY "LISTUSER RACF User Enumeration Tool"
	SAY "VER 1"
	/* License: GPLv3 */

	ALPHANUM = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789'
	DO I=1 to 36
	S1 = RIGHT(LEFT(ALPHANUM,I),1)
	DO J=1 to 36