Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.
You've got two main options:
AriESQ AriESQ
chrisxaustin
/ list-clones
Created
May 2, 2024 12:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| org=foo | |
| gh api --paginate -H "Accept: application/vnd.github+json" -X GET -F include=git /orgs/$org/audit-log | jq -r '.[] | select(.action=="git.clone" and .actor!="github-actions[bot]" and .actor!="dependabot[bot]") | [.actor, .action, .repo, .programmatic_access_type] | @tsv' |
nitrocode
/ multi-account-role-assumption.md
Last active
February 16, 2023 05:48
Multi account role assumption
Here are the steps
- Identify an ingress aws account for your primary aws role (where atlantis first assumes a role)
- Create standard iam roles across each aws account that allows the role from 1 (primary aws role) to assume these new roles
- Stand up atlantis and have it assume role 1 (primary aws role) by default
- Use the terraform block in each terraform root dir to assume the appropriate role. If you do not have an internal account map module, you can hard code the
role_arnin the aws provider block.
See dejavuln-autoroot for a simpler exploit that works on webOS 3.5+ TVs (i.e., models from 2017 and later). It is unpatched as of 2024-04-21 and does not require Developer Mode or even a network connection—just a USB drive.
Otherwise:
- If you have a webOS 5–8 TV with old enough firmware, WTA (which does not require Dev Mode) will still work.
- If you have a webOS 4.x TV, you can also try CVE-2023-6319, which is unpatched on the latest (final?) firmware for webOS 4.0 (2018) models.
- While there will eventually be fully software-based exploits released for older models, they can currently be rooted via NVM.
jkugler
/ gist:4928e3239edad10b262d95a20c144768
Last active
January 19, 2023 07:12
Reducing resolution on HiDPI/4K displays for text-based installers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| I recently installed Ubuntu server on a laptop with a 4K display. While the installer appears to be in text, it apparently uses a graphical mode, and setting vga=799 in the kernl boot parameters did not work. | |
| To decrease the resolution, you have to pass a kernel boot parameter with the monitor "name" as seen by edid. | |
| You can do this to list monitors without xrandr | |
| find /sys/devices -name "edid" | |
| That will produce a listing like this: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -ue | |
| cmd="$(echo "$@" | tr ' ' '+')"; | |
| url="http://explainshell.com/explain?cmd=$cmd" | |
| lynx -dump $url | |
| #### Output | |
| # explain git clean -fdx | |
| [1]explainshell.com | |
| * [2]about |
MarkBaggett
/ gist:ccf8a441f788f6f631f9b5f0e5fa3de9
Created
May 28, 2022 21:19
get environment variables from process id
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def get_local_envvars_pid(process_id): | |
| gdb_script = "set variable $envs = (char **) environ\nset $i = 0\nwhile ($envs[$i] != 0)\nprint $envs[$i++]\nend\nquit\n" | |
| pathlib.Path("/tmp/getenv.gdb").write_text(gdb_script) | |
| gdb_command = f"gdb -batch -x /tmp/getenv.gdb -p {process_id}" | |
| ph = subprocess.Popen(gdb_command.split(),stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |
| out,err = ph.communicate() | |
| log.debug(f"gdb environment variable output {out} errors {err}") | |
| try: | |
| found_items = re.findall(r'\$\d+\s+=\s+[0-9a-fx]+\s+"(\S+)=(.+)"\n', out.decode()) | |
| except: |
Before you start, please NOTE: this guide does not cover rootless containers!
On an hypervisor with LXD installed, create a new container, ensuring that -c security.nesting=true -c security.privileged=true is set:
lxc launch -c security.nesting=true -c security.privileged=true images:fedora/35 my-containerIf the container already exists, set this parameter through lxc config:
lxc config set my-container security.nesting=true
lxc config set my-container security.privileged=true
nitrocode
/ template-terraform-provider-for-darwin-arm.md
Last active
February 12, 2024 22:58
Template terraform provider for darwin arm
Provider registry.terraform.io/hashicorp/template v2.2.0 does not have a package available for your current platform, darwin_arm64
The templatefile function only works with files. If you're working with files then switch to templatefile.
The hashicorp/template provider's template_file data source works with template strings and files (converted to strings) but was archived/deprecated before creating an arm release forcing people to look into other options if using Apple M1 (based on ARM).
SwitHak
/ 20211210-TLP-WHITE_LOG4J.md
Last active
June 28, 2024 12:07
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
- If you want to add a link, comment or send it to me
- Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
- Royce Williams list sorted by vendors responses Royce List
- Very detailed list NCSC-NL
- The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
NewerOlder