- Command Injection, File Inclusion, Directory Traversal
Check use of:
- shell_exec
- exec
- backtick (`)
- system
for cookbook in $(ls); do | |
knife cookbook metadata from file $cookbook/metadata.rb | |
done | |
for cookbook in $(ls); do | |
echo "Processing cookbook $cookbook" | |
if [ ! -d $cookbook ]; then | |
continue | |
fi | |
deps=$(cat $cookbook/metadata.json | python -c 'import sys, json; print "\n".join(json.load(sys.stdin)["dependencies"].keys())') |
--- | |
driver: | |
name: vagrant | |
network: | |
- ["public_network", {"bridge": "en0: Wi-Fi (AirPort)"}] |
#!/bin/bash | |
TMP_DIR="/mnt/data/tmp" | |
LOCAL_HOST="localhost" | |
LOCAL_PASS="" | |
FOREIGN_HOST=".us-east-1.rds.amazonaws.com" | |
FOREIGN_PASS="" |
class LDAPSearchTime < Scout::Plugin | |
OPTIONS=<<-EOS | |
uri: | |
default: ldapi:/// | |
name: URI | |
authmech: | |
default: EXTERNAL | |
name: Auth Mechanism | |
username: | |
name: Username |
#!/usr/bin/env python | |
import os | |
import re | |
import daemon | |
import asyncore | |
import smtpd | |
class SimpleRelayService(smtpd.PureProxy): | |
"""Handles processing mail for relay""" |
https://github.com/Bitlancer/puppet-cloudfuse | |
https://github.com/Bitlancer/puppet-motd | |
https://github.com/Bitlancer/puppet-openldap | |
https://github.com/Bitlancer/puppet-sssd | |
https://github.com/Bitlancer/puppet-tomcat | |
https://github.com/Bitlancer/puppetlabs-apache | |
https://github.com/Bitlancer/strings-dashboard | |
https://github.com/Bitlancer/strings-datasync | |
https://github.com/Bitlancer/strings-deploy-toolkit | |
https://github.com/Bitlancer/strings-documentation |
#!/bin/bash | |
data_directory="/var/www/html/" | |
page_size=1000 | |
yesterday=$(date +%Y%m%d -d "yesterday") | |
count_query=" | |
SELECT count(*) FROM ( | |
SELECT actor.login,repo.name | |
FROM [githubarchive:day.events_${yesterday}] |
; Automated installer for OpenVPN | |
; The MIT License (MIT) | |
; | |
; Copyright (c) 2014 Jesse Cotton <jcotton1123@gmail.com> | |
; | |
; Permission is hereby granted, free of charge, to any person obtaining a copy | |
; of this software and associated documentation files (the "Software"), to deal | |
; in the Software without restriction, including without limitation the rights | |
; to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
#!/bin/bash | |
CMD=$(basename $0) | |
STATE=$1 | |
NAME=$2 | |
HOSTS=$3 | |
LICENSE_PATH=$4 | |
PASSWORD=$5 | |
DATA_PATH=$6 | |
RESTART_POLICY=$7 |