Skip to content

Instantly share code, notes, and snippets.

View dclark's full-sized avatar

Darren Clark dclark

48 followers · 129 following
  • UK, London
View GitHub Profile
@dclark
dclark / aws-cloud-shell-get-aws-credentials.sh
Created August 25, 2023 11:37
AWS CloudShell get credentials
#!/usr/bin/env bash
# Retrieve AWS credentials from AWS CloudShell
# shellcheck disable=SC2001
HOST=$(echo "$AWS_CONTAINER_CREDENTIALS_FULL_URI" | sed 's|/latest.*||')
TOKEN=$(curl -s -X PUT "$HOST"/latest/api/token -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
OUTPUT=$(curl -s "$HOST/latest/meta-data/container/security-credentials" -H "X-aws-ec2-metadata-token: $TOKEN")
echo "export AWS_ACCESS_KEY_ID=$(echo "$OUTPUT" | jq -r '.AccessKeyId')"
echo "export AWS_SECRET_ACCESS_KEY=$(echo "$OUTPUT" | jq -r '.SecretAccessKey')"
@statik
statik / waf.ts
Last active June 12, 2024 13:21
WAF with CDK examples
import * as cdk from "@aws-cdk/core";
import * as wafv2 from "@aws-cdk/aws-wafv2";
// This extends the base cdk stack properties to include a tag name input.
export interface StackProps extends cdk.StackProps {
tag: string;
applicationName?: string;
}
export class WAFStack extends cdk.Stack {
@ethack
ethack / TypeClipboard.md
Last active July 19, 2024 11:46
Scripts that simulate typing the clipboard contents. Useful when pasting is not allowed.

It "types" the contents of the clipboard.

Why can't you just paste the contents you ask? Sometimes pasting just doesn't work.

  • One example is in system password fields on OSX.
  • Sometimes you're working in a VM and the clipboard isn't shared.
  • Other times you're working via Remote Desktop and again, the clipboard doesn't work in password boxes such as the system login prompts.
  • Connected via RDP and clipboard sharing is disabled and so is mounting of local drives. If the system doesn't have internet access there's no easy way to get things like payloads or Powershell scripts onto it... until now.

Windows

The Windows version is written in AutoHotKey and easily compiles to an executable. It's a single line script that maps Ctrl-Shift-V to type the clipboard.

@dclark
dclark / nginx-ssl.conf
Created February 29, 2016 20:26
Configuration to get an A+ on the Qualys SSL Labs test with fast performing and low overhead SSL ciphers. Works in combination with nginx 1.6.0 full and OpenSSL v1.0.1i.
# I've used the configuration below for all my nginx instances and gotten an A+ on the Qualys SSL Test
# (https://www.ssllabs.com/ssltest/index.html). It satisfies requirements for PCI Compliance and
# FIPS. Includes OCSP Stapling (http://en.wikipedia.org/wiki/OCSP_stapling) and HTTP Strict Transport
# Security (http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security).
# - Not vulnerable to the Heartbleed attack.
# - Not vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) with OpenSSL v1.0.1i 6 Aug 2014 & Nginx 1.6.0
# - SSL Handshake takes <80ms on most modern server hardware
# Use within the "server" scope among other directives