- Command Injection, File Inclusion, Directory Traversal
Check use of:
- shell_exec
- exec
- backtick (`)
- system
Jesse Cotton JCotton1123
JCotton1123
/ chef-repo-pin-versions.sh
Last active
October 13, 2015 05:23
Numerous Chef related cleanup snippets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for cookbook in $(ls); do | |
| knife cookbook metadata from file $cookbook/metadata.rb | |
| done | |
| for cookbook in $(ls); do | |
| echo "Processing cookbook $cookbook" | |
| if [ ! -d $cookbook ]; then | |
| continue | |
| fi | |
| deps=$(cat $cookbook/metadata.json | python -c 'import sys, json; print "\n".join(json.load(sys.stdin)["dependencies"].keys())') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| driver: | |
| name: vagrant | |
| network: | |
| - ["public_network", {"bridge": "en0: Wi-Fi (AirPort)"}] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| TMP_DIR="/mnt/data/tmp" | |
| LOCAL_HOST="localhost" | |
| LOCAL_PASS="" | |
| FOREIGN_HOST=".us-east-1.rds.amazonaws.com" | |
| FOREIGN_PASS="" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class LDAPSearchTime < Scout::Plugin | |
| OPTIONS=<<-EOS | |
| uri: | |
| default: ldapi:/// | |
| name: URI | |
| authmech: | |
| default: EXTERNAL | |
| name: Auth Mechanism | |
| username: | |
| name: Username |
JCotton1123
/ simplerelay.py
Last active
September 2, 2022 00:11
Start of simple SMTP relay service in Python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| import re | |
| import daemon | |
| import asyncore | |
| import smtpd | |
| class SimpleRelayService(smtpd.PureProxy): | |
| """Handles processing mail for relay""" |
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/Bitlancer/puppet-cloudfuse | |
| https://github.com/Bitlancer/puppet-motd | |
| https://github.com/Bitlancer/puppet-openldap | |
| https://github.com/Bitlancer/puppet-sssd | |
| https://github.com/Bitlancer/puppet-tomcat | |
| https://github.com/Bitlancer/puppetlabs-apache | |
| https://github.com/Bitlancer/strings-dashboard | |
| https://github.com/Bitlancer/strings-datasync | |
| https://github.com/Bitlancer/strings-deploy-toolkit | |
| https://github.com/Bitlancer/strings-documentation |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| data_directory="/var/www/html/" | |
| page_size=1000 | |
| yesterday=$(date +%Y%m%d -d "yesterday") | |
| count_query=" | |
| SELECT count(*) FROM ( | |
| SELECT actor.login,repo.name | |
| FROM [githubarchive:day.events_${yesterday}] |
JCotton1123
/ openvpn-windows-installer.au3
Created
November 6, 2014 04:42
Windows OpenVPN installer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Automated installer for OpenVPN | |
| ; The MIT License (MIT) | |
| ; | |
| ; Copyright (c) 2014 Jesse Cotton <jcotton1123@gmail.com> | |
| ; | |
| ; Permission is hereby granted, free of charge, to any person obtaining a copy | |
| ; of this software and associated documentation files (the "Software"), to deal | |
| ; in the Software without restriction, including without limitation the rights | |
| ; to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| CMD=$(basename $0) | |
| STATE=$1 | |
| NAME=$2 | |
| HOSTS=$3 | |
| LICENSE_PATH=$4 | |
| PASSWORD=$5 | |
| DATA_PATH=$6 | |
| RESTART_POLICY=$7 |