#!/bin/bash | |
## Executing this script is not a guarantee for a secure host! | |
## This script is a collection of the junk I have found on my hosts and what | |
## the SaltStack community gave as input. We have seen this attack evolve. | |
## Please have a very close look at your systems and consider reinstalling them | |
## to be absolutely sure you are free of malware. | |
# remove crontab persistence | |
for i in 54.36.185.99 217.8.117.137 176.31.60.91 217.12.210.192 54.36.185.99 54.36.185.99 89.223.121.139 torsocks anagima3 sa.sh$ c.sh$ selcdn.ru salt-store; do |
# Unicode Icons in Ranger File Manager | |
# | |
# How to install? | |
# https://gist.github.com/marcbelmont/c12d2fd2519a372d3b347f665b37e74a#gistcomment-3240106 | |
from __future__ import absolute_import, division, print_function | |
from itertools import repeat | |
import ranger.api |
There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.
These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.
The firmware images that contained these certificates along with their private keys were publicly available for download through Netgear's support website, without authentication; thus anyone in the world could have retrieved these keys.
Okay, I've got a need to build Firefox from source, and I'd like to do that on a remote machine, and then copy build result back to my laptop. With Nix, using bastion host. I'll note details of my successful adventure.
Here's the list of resources I've used actively:
- https://nixos.wiki/wiki/Distributed_build
- https://nixos.org/nix/manual/#conf-trusted-substituters and various other configuration parameters
- https://github.com/NixOS/nixpkgs/blob/release-19.09/nixos/modules/services/misc/nix-daemon.nix which contains mappings from Nix config names to NixOS config names (damn, they are different!)
Here's my setup:
# MIT License, see below | |
# | |
# These are some helpers for figuring out the derivations attributes of runtime | |
# dependencies of a derivation, in particular the function `runtimeReport`. At | |
# the bottom of the file you can see it used on `hello`. Spoiler: glibc is a | |
# runtime dependency. | |
# For more info see | |
# | |
# https://nmattia.com/posts/2019-10-08-runtime-dependencies.html |
-
Run the following in powershell as admin
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
-
Install a distro (ex: Ubuntu 18.04 LTS - https://www.microsoft.com/store/apps/9N9TNGVNDL3Q)
-
Open your distro you installed via the start menu, let it setup
-
Update and upgrade
sudo apt-get update
#!/usr/bin/env bash | |
# Installs NixOS on a Hetzner server, wiping the server. | |
# | |
# This is for a specific server configuration; adjust where needed. | |
# | |
# Prerequisites: | |
# * Update the script to adjust SSH pubkeys, hostname, NixOS version etc. | |
# | |
# Usage: |
https://github.com/reireias/dotseeker
grep -r -E -v -h '^\s*#' files | grep --color=none -E "^\s*alias " | sed -e 's/#.*//g' -e 's/^\s*//g' -e 's/\s*$//g' | sort | uniq -c | sort -nr
90 alias ls='ls --color=auto'
87 alias grep='grep --color=auto'
59 alias fgrep='fgrep --color=auto'
59 alias egrep='egrep --color=auto'
#!/bin/bash | |
gpg --check-trustdb 2>&1| grep 'not found' | awk '{print $8}' >bad-keys.txt | |
gpg --export-ownertrust > ownertrust-gpg.txt | |
mv ~/.gnupg/trustdb.gpg ~/.gnupg/trustdb.gpg-broken | |
for KEY in `cat bad-keys.txt` ; do sed -i "/$KEY/d" ownertrust-gpg.txt ; done | |
gpg --import-ownertrust ownertrust-gpg.txt | |
rm bad-keys.txt ownertrust-gpg.txt |