@calebstewart
calebstewart / decode-mime.py
Created September 7, 2023 16:49
Parse and Dump MIME Message
from email import message_from_file
import sys

def dump_content(message) -> bytes:
    if message.is_multipart():
        return b"\n".join([dump_content(m) for m in message.get_payload()])
    else:
        return message.get_payload(decode=True)
calebstewart / sigma.schema.json
Last active February 28, 2023 21:15
Sigma JSON Schema
{
  "$schema": "https://json-schema.org/draft/2019-09/schema",
  "$id": "http://example.com/example.json",
  "type": "object",
  "title": "Sigma Rule",
  "required": [
    "title",
    "logsource",
    "detection",
    "id",
[2022-Oct-30 21:20:43],[ INFO],[NO-CONNECTION],[AUTH],[192.168.122.95:43196],Matched public key file 'C:\Program Files\Server Backup Agent\conf\server.allow\sbm-server'
[2022-Oct-30 21:20:43],[ INFO],[192.168.122.95:43196],Agent Version 6.6.0.3360
[2022-Oct-30 21:20:43],[ INFO],[192.168.122.95:43196],Connection authenticated; Waiting for command.
[2022-Oct-30 21:20:43],[ INFO],[192.168.122.95:43196],Command completed; Waiting for next command.
[2022-Oct-30 21:20:43],[ INFO],[192.168.122.95:43196],Command completed; Waiting for next command.
[2022-Oct-30 21:20:52],[ INFO],[192.168.122.95:43196],Command completed; Waiting for next command.
[2022-Oct-30 21:20:52],[ INFO],[192.168.122.95:43196],Received request finished!
[2022-Oct-30 21:20:52],[ INFO],[NO-CONNECTION],Running request cleanup.
2022-10-30 22:00:59,976 INFO [] - <UI> Host: 192.168.122.1; Imported CDPServer [Id:8beb2446-bdfe-41e5-8ce9-7ecbef7c1cc9] The MySQL database driver was uploaded successfully
2022-10-30 22:01:01,175 ERROR [] - An exception was caught by the default error page.
java.lang.IllegalStateException: Entity manager Factory is null
2022-10-30 22:01:20,345 INFO [] - AGENT(192.168.122.114): Agent Version 6.6.0.3360
2022-10-30 22:01:20,376 INFO [] - AGENT(192.168.122.114): Connection authenticated; Waiting for command.
2022-10-30 22:01:20,439 INFO [] - AGENT(192.168.122.114): Command completed; Waiting for next command.
2022-10-30 22:01:22,017 INFO [] - AGENT(192.168.122.114): Command completed; Waiting for next command.
2022-10-30 22:01:35,498 INFO [] - AGENT(192.168.122.232): Agent Version 6.6.0.3360
2022-10-30 22:01:35,529 INFO [] - AGENT(192.168.122.232): Connection authenticated; Waiting for command.
2022-10-30 22:01:35,576 INFO [] - AGENT(192.168.122.232): Command completed; Waiting for next comman
calebstewart / README.md
Created August 30, 2022 18:25
Terraform External Python Script Framework

Terraform External Python Script

The example script below handles most of the annoying parts of implementing the protocol between Python and Terraform when using the external resource type. To avoid requiring any dependencies, this script uses only built-in Python modules for argument parsing and result serialization. It will currently do the following:

  • Automatically parse and validate input arguments based on a defined dataclass, as defined by the Terraform protocol specification.
  • Automatically serialize output results based on a defined dataclass.
calebstewart / archive.py
Last active February 7, 2024 07:10
Terraform ZIP External Archiver Script
import fnmatch
import json
import pathlib
import shutil
import sys
import zipfile
from datetime import datetime, timedelta
from typing import List
calebstewart / Dockerfile
Last active February 4, 2022 20:45
CVE-2021-4034 Vulnerable Docker Container
FROM ubuntu:latest
ENV DEBIAN_FRONTEND=noninteractive
RUN apt -q update && \
    apt -q -y install libpolkit-gobject-1-0=0.105-26ubuntu1 libpolkit-agent-1-0=0.105-26ubuntu1 policykit-1=0.105-26ubuntu1 curl ncat build-essential
RUN useradd -m -s /bin/bash low
WORKDIR /opt/
calebstewart / shell.ps1
Created June 11, 2021 22:13
PowerShell Reverse or Bind Shell
function Start-Thread
{
    param(
        $ScriptBlock,
        [System.Collections.ArrayList]$ArgumentList = @()
    )
    $Runspace = [RunspaceFactory]::CreateRunspace()
    $PowerShell = [PowerShell]::Create()
    $PowerShell.Runspace = $Runspace
calebstewart / ghidra-9.0.desktop
Created March 9, 2019 15:51
Desktop File for Ghidra 9.0
[Desktop Entry]
Categories=Application;Development;
Comment[en_US]=Ghidra Software Reverse Engineering Suite
Comment=Ghidra Software Reverse Engineering Suite
Exec=/opt/ghidra/ghidraRun
GenericName[en_US]=Ghidra Software Reverse Engineering Suite
GenericName=Ghidra Software Reverse Engineering Suite
Icon=/opt/ghidra/support/ghidra.ico
MimeType=
Name[en_US]=Ghidra 9.0