View find32bit.py
#!/usr/bin/python | |
from macholib import MachO | |
import macholib | |
import os | |
import sys | |
path = sys.argv[1] | |
for root, dirs, files in os.walk(path): |
View pbkdf2-iteration-check.sh
sudo /usr/libexec/PlistBuddy -x -c 'Print :ShadowHashData' /var/db/dslocal/nodes/Default/users/root.plist | awk '/\t[^\<]/{print $1}' | base64 -D | plutil -convert xml1 -o - -- - | python -c 'import plistlib; import sys; plist = plistlib.readPlistFromString(sys.stdin.read()); print plist["SALTED-SHA512-PBKDF2"]["iterations"]' |
View Sierra-10.12.2-16C68-diff.txt
"./Library/Documentation/License.lpdf/Contents/Resources/Dutch.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/English.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/French.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/German.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/Italian.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/Japanese.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/Spanish.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/ar.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/ca.lproj/License.pdf" | |
"./Library/Documentation/License.lpdf/Contents/Resources/cs.lproj/License.pdf" |
View org.my.push.agent.plist
<?xml version="1.0" encoding="UTF-8"?> | |
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
<plist version="1.0"> | |
<dict> | |
<key>KeepAlive</key> | |
<dict> | |
<key>PathState</key> | |
<dict> | |
<key>/Library/Managed Preferences/org.my.push.plist</key> | |
<true/> |
View google_chrome_update_checker.py
#!/usr/bin/python | |
import xml.etree.ElementTree as ET | |
import requests | |
import uuid | |
params = {'cup2hreq': 'foo', 'cup2key': 'bar'} | |
platform = 'mac' | |
os_version = '10.12' |
View create_osx_pbkdf2_plist.py
#!/usr/bin/python | |
# Requires passlib: pip install passlib | |
from passlib.hash import pbkdf2_sha512 | |
from passlib.util import ab64_decode | |
from biplist import * | |
# Checksum size must be 128 bytes for use as OS X password hash! | |
pbkdf2_sha512.checksum_size = 128 | |
hash = pbkdf2_sha512.encrypt("password", rounds=38000, salt_size=32) |
View pfstart.sh
#!/bin/bash -x | |
# Wait for networking to be up, just in case | |
/usr/sbin/ipconfig waitall | |
# Loop on the presence of the standard Apple ruleset before proceeding | |
# This way we don't accidentally get overruled (SWIDT) if com.apple.pfctl | |
# happens to be loaded after myorg.pf. | |
count=0 | |
while [[ $(pfctl -sr 2>&1 | egrep "apple" | wc -l) -eq 0 && $count -lt 12 ]]; do |
View myorg.pf.plist
<?xml version="1.0" encoding="UTF-8" ?> | |
<!DOCTYPE plist PUBLIC "-//Apple Computer/DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
<plist version="1.0"> | |
<dict> | |
<key>Label</key> | |
<string>myorg.pf.plist</string> | |
<key>Program</key> | |
<string>/usr/local/bin/pfstart.sh</string> | |
<key>ProgramArguments</key> | |
<array> |
View myorg.pf.conf
anchor "myorg.pf" | |
load anchor "myorg.pf" from "/etc/pf.anchors/myorg.pf.rules" |
View myorg.pf.rules
# Allow trusted addresses to get to SSH and Apple remote desktop. | |
# Ports filtered - add more ports to allow more services as needed | |
# 22/tcp: ssh | |
# 3283/tcp: Apple Remote Desktop | |
# 3283/udp: Apple Remote Desktop | |
# 5900/tcp: Apple Remote Desktop/VNC | |
incoming_services_tcp = "{ 22, 3283, 5900 }" | |
incoming_services_udp = "{ 3283 }" |
NewerOlder