Skip to content

Instantly share code, notes, and snippets.

View dergachev's full-sized avatar

Alex Dergachev dergachev

139 followers · 129 following
View GitHub Profile
@dergachev
dergachev / GIF-Screencast-OSX.md
Last active May 2, 2024 05:55
OS X Screencast to animated GIF

OS X Screencast to animated GIF

This gist shows how to create a GIF screencast using only free OS X tools: QuickTime, ffmpeg, and gifsicle.

Screencapture GIF

Instructions

To capture the video (filesize: 19MB), using the free "QuickTime Player" application:

@dergachev
dergachev / upgrade-git-precise64.sh
Created July 3, 2013 14:28
Installs git 1.7.10 on Ubuntu 12.04 (Precise) using packages from the upcoming 12.10 (Quantal) release. Should work for i386 and amd64.
#
# Installs git 1.7.10 on Ubuntu 12.04 (Precise) using packages from
# the upcoming 12.10 (Quantal) release. Should work for i386 and amd64.
#
# Adapted from http://pastebin.com/TXeMw1CY
#
HOST_ARCH=`dpkg-architecture -qDEB_HOST_ARCH_CPU`
wget http://mirrors.us.kernel.org/ubuntu/pool/main/g/git/git_1.7.10.4-1ubuntu1_${HOST_ARCH}.deb \
@dergachev
dergachev / simple-https-server.py
Created October 17, 2013 17:07
# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
# python simple-https-server.py
# then in your browser, visit:
# https://localhost:4443
import BaseHTTPServer, SimpleHTTPServer
import ssl
@dergachev
dergachev / enlarge-proxmox-root-partition.sh
Last active April 12, 2024 09:30
# Copied from http://ttaportal.org/wp-content/uploads/2012/10/7-Reallocation-using-LVM.pdf
##
## Showing the problem: need to reallocate 32GB from /dev/mapper/pve-data to /dev/mapper/pve-root
##
df -h
# Filesystem Size Used Avail Use% Mounted on
# /dev/mapper/pve-root 37G 37G 0 100% /
# tmpfs 2.0G 0 2.0G 0% /lib/init/rw
@dergachev
dergachev / setuid-root-backdoor.md
Last active March 16, 2024 00:49
How to use setuid to install a root backdoor.

Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.

While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account from the system (including www-data, which you might not even know if compromised).

If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur

@dergachev
dergachev / ssh-forward-clipboard.md
Last active March 12, 2024 00:00
Forward your clipboard via SSH reverse tunnels

Exposing your clipboard over SSH

I frequently administer remote servers over SSH, and need to copy data to my clipboard. If the text I want to copy all fits on one screen, then I simply select it with my mouse and press CMD-C, which asks relies on m y terminal emulator (xterm2) to throw it to the clipboard.

This isn't practical for larger texts, like when I want to copy the whole contents of a file.

If I had been editing large-file.txt locally, I could easily copy its contents by using the pbcopy command:

@dergachev
dergachev / README.md
Created October 10, 2012 16:49
Vagrant tutorial

Vagrant Setup

This tutorial guides you through creating your first Vagrant project.

We start with a generic Ubuntu VM, and use the Chef provisioning tool to:

  • install packages for vim, git
  • create user accounts, as specified in included JSON config files
  • install specified user dotfiles (.bashrc, .vimrc, etc) from a git repository

Afterwards, we'll see how easy it is to package our newly provisioned VM

@dergachev
dergachev / README.md
Last active December 17, 2023 22:07 — forked from anonymous/bookmarklet.js
rule-of-thirds bookmarklet

rule-of-thirds bookmarklet that overlays a rule-of-thirds style grid over all images on a page.

To get the bookmarklet, visit http://bl.ocks.org/4331769

Bookmarklet Development Notes

Do the following to be able to use the "RuleOfThirds-localhost" development version of the bookmarklet:

@dergachev
dergachev / background.js
Created May 17, 2013 23:14
omnibox-chrome-extension-demo with bookmarklet support; see https://github.com/dergachev/chrome-bookmark-search/issues/1
// This event is fired each time the user updates the text in the omnibox,
// as long as the extension's keyword mode is still active.
chrome.omnibox.onInputChanged.addListener(
function(text, suggest) {
console.log('inputChanged: ' + text);
suggest([
{content: text + " one", description: "the first one"},
{content: text + " number two", description: "the second entry"}
]);
});
@dergachev
dergachev / ubuntu-eol.md
Last active December 7, 2023 22:26
What to do when your ubuntu distro is End-of-Life

Let's say you're using Ubuntu 13.04 (Raring Ringtail, released in April 2013) and it just went End-of-Life on you, because it's supported for only 6 months, and the deprecated packages are taken down after 12 months.

You'll probably figure this out the hard way. When you run sudo apt-get update, it will eventually report these errors:

Ign http://archive.ubuntu.com raring-updates/universe Sources/DiffIndex
Err http://security.ubuntu.com raring-security/main Sources
  404  Not Found [IP: 91.189.91.15 80]
Err http://security.ubuntu.com raring-security/universe Sources
  404  Not Found [IP: 91.189.91.15 80]