Skip to content

Instantly share code, notes, and snippets.

View SP3269's full-sized avatar

Svyatoslav Pidgorny SP3269

7 followers · 2 following
View GitHub Profile
@SP3269
SP3269 / env.tf
Last active July 18, 2024 03:43
Output Linux environment from Terraform
# Output Linux environment from Terraform
provider "local" {}
data "local_file" "env" {
filename = "/proc/1/environ"
}
output "env" {
value = data.local_file.env.content
@SP3269
SP3269 / ConvertJsonToPfx.ps1
Created May 3, 2019 23:19
PowerShell script to convert Google Cloud Platform service account JSON credentials to PFX credentials (for using with New-Jwt from my JWT module)
#! /usr/bin/pwsh -nop
$j = Get-Content "./Gsuite.json" | ConvertFrom-JSON
$priv = $j.private_key
$pub = (Invoke-RestMethod $j.client_x509_cert_url).($j.private_key_id)
$rnd = Get-Random 1000001
$priv | Out-File ".\priv$rnd.key"
$pub | Out-File ".\pub$rnd.cer"
openssl pkcs12 -export -in "pub$rnd.cer" -inkey "priv$rnd.key" -out "pfx$rnd.p12" -password pass:notasecret
@SP3269
SP3269 / TestTlsPerf.ps1
Last active June 14, 2023 05:41
# Using curl to measure TLS negotiation time, as a proxy of PKCS #11 performance
# https://blog.cloudflare.com/a-question-of-timing/
function Get-ConnectionTimes ([string] $Uri) {
$curl = curl -w "%{time_namelookup},%{time_connect},%{time_appconnect}\n" -s -o /dev/null $Uri
$namelookup,$connect,$appconnect = $curl -split ","
$res = [PSCustomObject]@{
namelookup = [float]$namelookup
connect = [float]$connect
appconnect = [float]$appconnect
@SP3269
SP3269 / VerifyJWTSignature.ps1
Created January 5, 2018 05:53
JWT verification in Powershell - prototype
# JWT signature verification
# $jwt should contain the JWT as a string
$parts = $jwt.Split('.')
$SHA256 = New-Object Security.Cryptography.SHA256Managed
$computed = $SHA256.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($parts[0]+"."+$parts[1]))
# Method A - just using X509Certificate2. TODO: initialise from file, no private key
# Reference: https://blogs.msdn.microsoft.com/alejacma/2008/06/25/how-to-sign-and-verify-the-signature-with-net-and-a-certificate-c/
@SP3269
SP3269 / flatten.md
Last active February 21, 2023 06:25
Flattening structures in PowerShell

Quickly coding a function that allows flattening a structure. The goal is to use in comparing complex structures, such as created by the ConvertFrom-JSON or ConvertFrom-Yaml.

Outputs a hash table.

Example:

$res = Flatten-Object @{SH = @("bin", "bash"); A = 1; B = "ZZ"; C = @{CC = "CC"}; Logic = $true}
$res.Keys | Sort-Object | % { Write-Output "$_ = $($res[$_])"}
@SP3269
SP3269 / HIBP.ps1
Last active November 16, 2022 22:02
SImple Have I Been Pwned API client in PowerShell. Check whether your passwords have been compromised.
# Runs in PowerShell 5.1, PowerShell Core 6 on Windows and Linux, and PowerShell 7 preview
# Calculating SHA1 hash and returning it as a hexadecimal string
function Compute-SHA1Hash ([string] $string) {
$sha1 = New-Object System.Security.Cryptography.SHA1CryptoServiceProvider
$encoder = New-Object System.Text.UTF8Encoding
$bytes = $encoder.GetBytes($string)
$hash = ($sha1.ComputeHash($bytes) | % { $_.ToString("X2") }) -join ''
return $hash
@SP3269
SP3269 / qs.ps1
Last active August 21, 2022 15:24
Quicksort implementation in PowerShell. Written during a long meeting. Tested with ```quicksort (1..10000 | get-random -count 50)``` and the like
function quicksort($in) {
$n = $in.count
switch ($n) {
0 {}
1 { $in[0] }
2 { if ($in[0] -lt $in[1]) {$in[0], $in[1]} else {$in[1], $in[0]} }
default {
$anchor = $in | get-random
$lt = $in | ? {$_ -lt $anchor}
$eq = $in | ? {$_ -eq $anchor}
@SP3269
SP3269 / Get-GAuthorizationKey.ps1
Last active August 3, 2022 20:28
This is a PowerShell implementation of two-legged OAuth 2.0 scenario for server-to-server interactions with Google Identity Platform
#! /usr/bin/pwsh -nop
# This is PowerShell implementation of 2LO per https://developers.google.com/identity/protocols/OAuth2ServiceAccount
# Inputs: GCP service account with credentials, user to impersonate, and permissions to request
# Output: the access token for subsequent requests
# Using New-JWT function from the JWT module - "Install-Module JWT" if you don't have it
Import-Module JWT
@SP3269
SP3269 / GetComputerData.ps1
Last active February 2, 2022 07:38
PowerShell functon that collects information about a Windows system (due to Windows-specific CIM classes), including process I/O and network bandwidth data. Sample data collection from Windows systems. Includes top I/O consumer processes. Run in parallel for performance (tested ~5K systems in ~20 minutes).
# This is a simple Powershell script that probes a system for management interface, negotiates protocol and queries management data
# Some of it is pretty standard, such as make/model/RAM/OS
# The interesting bit, quite useful in production, is the top processes by read and write I/O activity
# Run in parallel against multiple systems, and you have dataset describing your environment!
function Get-ComputerData {
[CmdletBinding()]
param (
@SP3269
SP3269 / AccessAzureADGraph.ps1
Last active September 18, 2021 01:01
This is simple Azure AD graph call given client ID and secret generated by the AAD administrator. Lists the users. Some error handling.
# Setting default parameters for irm for better error tolerance in case of transient connectivity issues. Can specify Proxy and ProxyCredential here:
$PSDefaultParameterValues = @{
"Invoke-RestMethod:MaximumRetryCount" = 3
"Invoke-RestMethod:RetryIntervalSec" = 1
}
# This is simple token request per http://codematters.tech/getting-access-token-for-microsoft-graph-using-oauth-rest-api/
# Credentials JSON per ADAL example at https://github.com/AzureAD/azure-activedirectory-library-for-python/blob/dev/sample/client_credentials_sample.py