Eddie James Carswell II AfroThundr3007730

🔧
Hacking all the things...
@AfroThundr3007730
AfroThundr3007730 / decrypt_gnupg-sc.sh
Created Jul 20, 2020
Modified version of Debian's cryptsetup hook for GnuPG Smartcard unlock
View decrypt_gnupg-sc.sh
#!/bin/sh
if [ -d "/cryptroot/gnupghome" ]; then
    export GNUPGHOME="/cryptroot/gnupghome"
fi
run_gpg() {
    /usr/bin/gpg --no-options --trust-model=always "$@"
}
decrypt_gpg () {
@AfroThundr3007730
AfroThundr3007730 / github-next-center-headers.user.css
Last active Jul 19, 2020
Restores the padding to center the headers in the repository view.
View github-next-center-headers.user.css
/* ==UserStyle==
@name Github-Next - Center Header
@namespace github.com/AfroThundr3007730
@version 0.0.20200719
@description Restores the padding to center the headers in the repository view.
@author AfroThundr
@homepageURL https://gist.github.com/AfroThundr3007730/1596ae3898d08f91a42bc4f64e8b4a44
@updateURL https://gist.githubusercontent.com/AfroThundr3007730/1596ae3898d08f91a42bc4f64e8b4a44/raw/github-next-center-headers.user.css
@license CC-BY-SA-4.0
==/UserStyle== */
@AfroThundr3007730
AfroThundr3007730 / Set-UserPrimaryComputer.ps1
Last active Mar 14, 2021
Script to set msDS-PrimaryComputer attribute by OU mapping
View Set-UserPrimaryComputer.ps1
# Script to enforce Primary Computer attribute by OU mapping
# Used to limit the scope of roaming profiles and folder redirection
Start-Transcript 'C:\ProgramData\primary-computers.log' -Append
Write-Host 'Checking and updating user Primary Computer mappings.'
# Define group mapping array
$groupMappings = @()
# Add members to array
$groupMappings += @{
@AfroThundr3007730
AfroThundr3007730 / pfsense-props.conf
Created Jun 10, 2020
Splunk field extractions for pfSense firewall logs (IPv4)
View pfsense-props.conf
# The first attempt used CSV, but can't break up the first fields
[pfsense-fw-ipv4-tcp]
INDEXED_EXTRACTIONS = csv
LINE_BREAKER = ([\r\n]+)
NO_BINARY_CHECK = true
SHOULD_LINEMERGE = false
category = Network & Security
pulldown_type = 1
FIELD_NAMES = log_metadata,sub_rulenum,anchor,tracker,interface,reason,action,direction,ip_version,ip_tos,ip_ecn,ip_ttl,ip_id,ip_offset,ip_flags,ip_proto_id,ip_proto_text,ip_length,ip_src_addr,ip_dest_addr,ip_src_port,ip_dst_port,ip_data_length,tcp_flags,tcp_seq_num,tcp_ack_num,tcp_window,tcp_urg,tcp_opts
@AfroThundr3007730
AfroThundr3007730 / epo-web-redirect.md
Last active Jun 3, 2020
ePO Apache config to put the web console on 443 (colocated with agent port)
View epo-web-redirect.md

Why do this?

I wanted to redirect the web console to port 443, but the agents use that for communication with ePO. I could change the agent communication port, but I don't want to redeploy all the agents to fix their configurations. Thus, this madness was born.

The configs

You'll need to navigate to the ePO Apache server configuration directory:

X:\Program Files (x86)\McAfee\ePolicy Orchestrator\Apache2\conf
@AfroThundr3007730
AfroThundr3007730 / vm-deploy-progress.ps1
Last active Apr 2, 2021
Get completion percentage for batch VM clone tasks
View vm-deploy-progress.ps1
# Get completion percentage for batch VM clone tasks
function Get-VMDeployProgress() {
    [Alias('deployProgress')]
    Param(
        [string]$VCUser = $global:DefaultVIServers[0].User.Split('\')[1]
    )
    do {
        $Tasks = Get-Task | Where-Object { $_.Name -match 'clone' `
            -and $_.State -match 'running' `
            -and $_.ExtensionData.Info.Reason.UserName -match $VCUser }
@AfroThundr3007730
AfroThundr3007730 / gpo-cleanup.ps1
Created Apr 10, 2020
Nuking orphaned GPOs in the SYSVOL
View gpo-cleanup.ps1
# Nuking orphaned GPOs in the SYSVOL
Start-Transcript .\gpo-cleanup.log
$guids = (get-gpo -All).id.guid
$files = (ls .).name
Write-Host 'Registered GPOs:' $guids.count
Write-Host 'GPO Files:' ($files | Select-String '{').count
$extraFiles = @()
@AfroThundr3007730
AfroThundr3007730 / add-dod-certs.sh
Last active Jul 13, 2021
Import DoD root certificates into Linux CA store
View add-dod-certs.sh
#!/bin/bash
# Import DoD root certificates into Linux CA store
main() {
    # Location of bundle from DISA site
    url='https://public.cyber.mil/pki-pke/pkipke-document-library/'
    bundle=$(curl -s "$url" | awk -F '"' '/dod.zip/ {print $2}')
    #bundle=https://dl.dod.cyber.mil/wp-content/uploads/pki-pke/zip/certificates_pkcs7_v5-6_dod.zip
    # Set cert directory and update command based on OS
@AfroThundr3007730
AfroThundr3007730 / Rotate-ESXiCreds.ps1
Created Mar 20, 2020
Mass change ESXi host passwords to new values
View Rotate-ESXiCreds.ps1
# Mass change ESXi host passwords to new values
# The hashtable should have an entry for every host
# Ensure $host_creds doesn't end up in your history
Connect-VIServer -Server 'YOUR_VCSA' -Credential (Get-Credential)
$host_creds = @{
    'ESXi1.lab.local' = 'VALUE_FROM_PW_DB';
    'ESXi2.lab.local' = 'VALUE_FROM_PW_DB';
    # More as needed...
@AfroThundr3007730
AfroThundr3007730 / ComputerHygiene.ps1
Last active Mar 14, 2021
Script to disable inactive computer accounts after a set period and delete disabled accounts after another set period.
View ComputerHygiene.ps1
Start-Transcript C:\ProgramData\computer-hygiene.log -Append
function accountFilter($accountList) {
    # Filter out system principals and exempt accounts
    return $accountList | Where-Object {
        # Don't process these accounts
        $_.DistinguishedName -notmatch "OU=Domain Controllers" -and
        $_.DistinguishedName -notmatch "OU=VMWare" -and
        $_.DistinguishedName -notmatch "OU=Linux"
    } | Sort-Object