Jason Kendall coolacid
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for file in $(grep eval\(base64_decode -lir www); do | |
| sed -i 's/eval(base64_decode(.*));//' $file; | |
| done; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| In my experience revealing what you really know about | |
| systems security is a guaranteed way to lose the job | |
| interview if you have any clue at all. The only way to | |
| help an organization get real operations security is to | |
| worm your way in under false pretenses and then gradually | |
| migrate them to a secure position. An MCSE cert helps here, | |
| as it drives away suspicion that you might actually know | |
| what you're doing. | |
| -- symbolset |
coolacid
/ gist:8328283
Created
January 9, 2014 02:13
Enable SNMP traps for mac adds/deletes on cisco switch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| config t | |
| interface range GigabitEthernet 0/2-48 | |
| snmp trap mac-notification added | |
| snmp trap mac-notification removed | |
| exit |
coolacid
/ gist:9279270
Last active
August 29, 2015 13:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create a temp timestamp field from the dates field | |
| mutate { | |
| add_field => [ "tmpts", "${dates}" ] | |
| } | |
| # Add the heure field to create an array of both fields | |
| mutate { | |
| merge => ["tmpts", "heure"] | |
| } |
coolacid
/ gist:9414066
Created
March 7, 2014 15:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am coolacid on github. | |
| * I am coolacid (https://keybase.io/coolacid) on keybase. | |
| * I have a public key whose fingerprint is D6A0 7736 D260 804B 9289 254B 7B72 7179 9E47 83CB | |
| To claim this, I am signing this object: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BTC: 1G2bhiJxsuNzJzyCERPQssh1KEChTXgNY2 | |
| LTC: LaxvCQayvnL8mqJXVxqcZCtHo2HsLHMTxh | |
| Doge: DHu7qGvaVw4jqYkpdHJj4KQF81RFxdvMN3 | |
| Gratipay: https://gratipay.com/coolacid/ | |
| Streamtip: https://streamtip.com/t/coolacid |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) | |
| # The author disclaims copyright to this source code. | |
| import sys | |
| import struct | |
| import socket | |
| import time | |
| import select |
coolacid
/ gist:67d73cc562c41780b757
Created
May 15, 2014 20:32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| date { | |
| # May 08 10:18:18 | |
| match => ["timestamp", "MMM dd HH:mm:ss"] | |
| # We don't have a timezone on the log, so we can define it. | |
| timezone => "America/Toronto" | |
| target => "timestamp" | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Config file here: https://github.com/coolacid/GettingStartedWithELK/blob/master/Other/KV/KV_Stomping.conf | |
| 10,000 of each generator type | |
| Command: time bin/logstash -f KV_Stomping.conf > /dev/null | |
| With Conditionals | |
| real 0m21.677s | |
| user 0m44.223s | |
| sys 0m1.781s |
coolacid
/ gist:696943e850316202b39e
Created
June 26, 2014 17:42
Find vulnerable wordpress timthumb files.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| find . -name '*timthumb.php' -o -name '*img.php' | xargs grep -i "WEBSHOT_ENABLED" | grep -i true | grep -vi error |
OlderNewer