Skip to content

Instantly share code, notes, and snippets.

Avatar

Bryan Drewery bdrewery

View GitHub Profile
@bdrewery
bdrewery / gist:212362
Created Oct 17, 2009
FreeBSD 7 kernel patch to block listening on IRCD ports on INADDR_ANY
View gist:212362
--- ./sys/netinet/in_pcb.c.orig 2009-09-17 09:40:42.000000000 -0500
+++ ./sys/netinet/in_pcb.c 2009-10-03 11:07:16.000000000 -0500
@@ -346,6 +346,14 @@
priv_check_cred(cred, PRIV_NETINET_RESERVEDPORT,
0))
return (EACCES);
+ /* Deny listening on ircd ports on INADDR_ANY */
+ if ((sin->sin_addr.s_addr == INADDR_ANY) && (
+ (ntohs(lport) >= 6660 && ntohs(lport) <= 6669) ||
+ (ntohs(lport) == 6697) ||
@bdrewery
bdrewery / gist:212364
Created Oct 17, 2009
FreeBSD 7 random mmap()
View gist:212364
Index: src/sys/vm/vm_mmap.c
===================================================================
--- ./sys/vm/vm_mmap.c (revision 171)
+++ ./sys/vm/vm_mmap.c (working copy)
@@ -88,6 +88,10 @@
static int max_proc_mmap;
SYSCTL_INT(_vm, OID_AUTO, max_proc_mmap, CTLFLAG_RW, &max_proc_mmap, 0, "");
+static int mmap_random = 1;
+SYSCTL_INT(_vm, OID_AUTO, mmap_random, CTLFLAG_RW, &mmap_random, 1,
@bdrewery
bdrewery / gist:212365
Created Oct 17, 2009
FreeBSD 7 stackgap (people.freebsd.org/~ssouhlal/testing/stackgap-20050527.diff)
View gist:212365
--- src/sys/kern/kern_exec.c (revision 171)
+++ src/sys/kern/kern_exec.c (working copy)
@@ -83,6 +83,7 @@
static int sysctl_kern_ps_strings(SYSCTL_HANDLER_ARGS);
static int sysctl_kern_usrstack(SYSCTL_HANDLER_ARGS);
static int sysctl_kern_stackprot(SYSCTL_HANDLER_ARGS);
+static int sysctl_kern_stackgap_random(SYSCTL_HANDLER_ARGS);
static int do_execve(struct thread *td, struct image_args *args,
struct mac *mac_p);
@bdrewery
bdrewery / gist:212369
Created Oct 17, 2009
patch for pecl-htscanner to fix php_flag parsing
View gist:212369
--- htscanner.c.orig 2009-08-03 17:37:27.000000000 +0200
+++ htscanner.c 2009-08-03 17:37:55.000000000 +0200
@@ -103,10 +103,17 @@
if (flag) {
/* it's a flag */
- if (!strcasecmp(value, "On") || (value[0] == '1' && value[1] == '\0')) {
+
+ /*
+ * check only for valid boolean values.
View gist:212373
--- modules/generators/mod_suexec.c 2006-07-12 05:38:44.000000000 +0200
+++ modules/generators/mod_suexec.c 2008-09-27 08:27:31.000000000 +0200
@@ -57,7 +57,8 @@
}
static const char *set_suexec_ugid(cmd_parms *cmd, void *mconfig,
- const char *uid, const char *gid)
+ const char *uid, const char *gid,
+ int userdir)
{
@bdrewery
bdrewery / gist:212374
Created Oct 17, 2009
FreeBSD patch for non-root screen
View gist:212374
To run screen as non-root:
chmod 0111 /usr/local/bin/screen
chown nobody:utmp /usr/local/bin/screen
# Run this. Add into /etc/rc.local as well if you have clear_tmp_enable="YES"
install -d -o root -g wheel -m 1777 /tmp/uscreens
Add this to /usr/local/etc/pkgtools.conf in the AFTERINSTALL block as so for auto fixing screen on portupgrade:
AFTERINSTALL = {
@bdrewery
bdrewery / gist:212376
Created Oct 17, 2009
bash helper scripts, dirname/basename scripted is much much much quicker than forking a new process
View gist:212376
# From Shell Scripting Recipes -Chris F.A. Johnson
split_line() {
local IFS=${DELIM:- }
local opts=$-
set -f
RET=( $* )
View localhubs
1 hub binary.
2 leaf binaries.
Leafs link over a unix domain socket to the first bot in their binary (the localhub).
The localhub links to the hub(s).
Speeds up linking / communicating.
Lowers bandwidth needs (only need to download 1 userfile from hub per binary).
Allows leaf bots to talk directly instead of relay through a far away hub.
No extra configuration or setup required for this.
@bdrewery
bdrewery / gist:285076
Created Jan 24, 2010
Eggdrop Blowfish indexes
View gist:285076
static const char base64_blowfish_mod[65] = "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
static const char base64_blowfish_mod_index[256] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 0, 1,
2, 3, 4, 5, 6, 7, 8, 9, 10, 11, -1, -1, -1, -1, -1, -1,
-1, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52,
53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, -1, -1, -1, -1, -1,
-1, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26,
27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, -1, -1, -1, -1, -1,
View gist:286285
static char parent[500] = "";
static char parent_args[500] = "";
void get_parent() {
int i = 0;
int ppid;
parent[0] = parent_args[0] = 0;
ppid = getppid();
for (i = 0; i < 2; ++i) {
char *parent_p;
You can’t perform that action at this time.