Matt Burdan burdzwastaken

## mdserv
#!/usr/bin/python
"""
To use this to mimic the EC2 metadata service entirely, run it like:
  # where 'eth0' is *some* interface.  if i used 'lo:0' i got 5 second or so delays on response.
  sudo ifconfig eth0:0 169.254.169.254 netmask 255.255.255.255

  sudo ./mdserv 169.254.169.254:80
Then:
  wget -q http://169.254.169.254/latest/meta-data/instance-id -O -; echo
  curl --silent http://169.254.169.254/latest/meta-data/instance-id ; echo

## web-servers.md

      
              1 file
            
          
              944 forks
            
          
              238 comments
            
          
              5994 stars
            
          
                willurd
                / web-servers.md
            
            
              Last active
              July 23, 2024 17:12
            
              
                Big list of http static server one-liners
              
          
    Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
Discussion on reddit.
Python 2.x

$ python -m SimpleHTTPServer 8000

  
## v2mom-template.md

      
              1 file
            
          
              11 forks
            
          
              2 comments
            
          
              24 stars
            
          
                wuputah
                / v2mom-template.md
            
            
              Last active
              June 19, 2020 01:20
            
          
    Your Vision


What is a vision?
Your vision answers the question "What do I want?" A clear vision help you communicate why you're here and what impact you're going to have.
Your vision should be aligned with the company vision, with your manager's V2MOM, and it should be personal. It should be an honest reflection of your own vision for your own work.
If you manage a team, it should be reflective of the purpose of the team and your collective impact.


## URL Parsing
#!/bin/bash
# Referenced and tweaked from http://stackoverflow.com/questions/6174220/parse-url-in-shell-script#6174447

proto="$(echo $1 | grep :// | sed -e's,^\(.*://\).*,\1,g')"
# remove the protocol
url="$(echo ${1/$proto/})"
# extract the user (if any)
userpass="$(echo $url | grep @ | cut -d@ -f1)"
pass="$(echo $userpass | grep : | cut -d: -f2)"
if [ -n "$pass" ]; then

## attributes.rb
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'

## accounts.apigateway.awsoperator.io.yaml
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: accounts.apigateway.awsoperator.io
spec:
  group: apigateway.awsoperator.io
  versions:
  - name: v1alpha1
    served: true

## CVE-2019-11253-poc.sh
#!/usr/bin/env bash

# CVE-2019-11253
# https://github.com/kubernetes/kubernetes/issues/83253
# Shout out: @raesene for poc collab, @iancoldwater + @mauilion for
#  HONKing inspiration and other guidance.
# Description: In Kubernetes 1.13 and below, the default configuration
#  is that system:anonymous can request a selfsubjectaccessreview
#  via mechanisms such as "kubectl auth can-i".  This request can
#  include POSTed YAML, and just the act of trying to parse it causes

## twittermute.txt
Mute these words in your settings here: https://twitter.com/settings/muted_keywords

ActivityTweet
generic_activity_highlights
generic_activity_momentsbreaking
RankedOrganicTweet
suggest_activity
suggest_activity_feed
suggest_activity_highlights
suggest_activity_tweet

## misleading-cat.cpp
/* So how does this work?
I'm using ANSI escape sequences to control the behavior of the terminal while
cat is outputting the text. I deliberately place these control sequences inside
comments so the C++ compiler doesn't try to treat them as code.*/
//[2K[2D[A[2K[A[2K[A[2K[A[2K[A
/*The commands in the fake code comment move the cursor to the left edge and
clear out the line, allowing the fake code to take the place of the real code.
And this explanation uses similar commands to wipe itself out too. */
//[2K[2D[A[2K[A[2K[A[2K[A
#include <cstdio>

## netlify-ddns.sh
#!/bin/bash
#
# This is a Bash script to update a Netlify subdomain A record with the current external IP.
#
# Repo: https://github.com/skylerwlewis/netlify-ddns
# Gist: https://gist.github.com/skylerwlewis/ba052db5fe26424255674931d43fc030
#
# Usage:
# netlify-ddns.sh <ACCESS_TOKEN> <DOMAIN> <SUBDOMAIN> <TTL> [<CACHED_IP_FILE>]
#
	#!/usr/bin/python
	"""
	To use this to mimic the EC2 metadata service entirely, run it like:
	# where 'eth0' is some interface. if i used 'lo:0' i got 5 second or so delays on response.
	sudo ifconfig eth0:0 169.254.169.254 netmask 255.255.255.255

	sudo ./mdserv 169.254.169.254:80
	Then:
	wget -q http://169.254.169.254/latest/meta-data/instance-id -O -; echo
	curl --silent http://169.254.169.254/latest/meta-data/instance-id ; echo
	#!/bin/bash
	# Referenced and tweaked from http://stackoverflow.com/questions/6174220/parse-url-in-shell-script#6174447

	proto="$(echo $1 \| grep :// \| sed -e's,^\(.://\).,\1,g')"
	# remove the protocol
	url="$(echo ${1/$proto/})"
	# extract the user (if any)
	userpass="$(echo $url \| grep @ \| cut -d@ -f1)"
	pass="$(echo $userpass \| grep : \| cut -d: -f2)"
	if [ -n "$pass" ]; then
	default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
	default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
	default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
	---
	apiVersion: apiextensions.k8s.io/v1beta1
	kind: CustomResourceDefinition
	metadata:
	name: accounts.apigateway.awsoperator.io
	spec:
	group: apigateway.awsoperator.io
	versions:
	- name: v1alpha1
	served: true
	#!/usr/bin/env bash

	# CVE-2019-11253
	# https://github.com/kubernetes/kubernetes/issues/83253
	# Shout out: @raesene for poc collab, @iancoldwater + @mauilion for
	# HONKing inspiration and other guidance.
	# Description: In Kubernetes 1.13 and below, the default configuration
	# is that system:anonymous can request a selfsubjectaccessreview
	# via mechanisms such as "kubectl auth can-i". This request can
	# include POSTed YAML, and just the act of trying to parse it causes
	Mute these words in your settings here: https://twitter.com/settings/muted_keywords

	ActivityTweet
	generic_activity_highlights
	generic_activity_momentsbreaking
	RankedOrganicTweet
	suggest_activity
	suggest_activity_feed
	suggest_activity_highlights
	suggest_activity_tweet
	/* So how does this work?
	I'm using ANSI escape sequences to control the behavior of the terminal while
	cat is outputting the text. I deliberately place these control sequences inside
	comments so the C++ compiler doesn't try to treat them as code.*/
	//[2K[2D[A[2K[A[2K[A[2K[A[2K[A
	/*The commands in the fake code comment move the cursor to the left edge and
	clear out the line, allowing the fake code to take the place of the real code.
	And this explanation uses similar commands to wipe itself out too. */
	//[2K[2D[A[2K[A[2K[A[2K[A
	#include <cstdio>
	#!/bin/bash
	#
	# This is a Bash script to update a Netlify subdomain A record with the current external IP.
	#
	# Repo: https://github.com/skylerwlewis/netlify-ddns
	# Gist: https://gist.github.com/skylerwlewis/ba052db5fe26424255674931d43fc030
	#
	# Usage:
	# netlify-ddns.sh <ACCESS_TOKEN> <DOMAIN> <SUBDOMAIN> <TTL> [<CACHED_IP_FILE>]
	#