Skip to content

Instantly share code, notes, and snippets.

View dfwarden's full-sized avatar

David Warden dfwarden

11 followers · 17 following
View GitHub Profile
@carolynvs
carolynvs / .gitconfig
Last active October 19, 2022 14:44
git wip - Show what branches you have been working on lately
[alias]
wip = for-each-ref --sort='authordate:iso8601' --format=' %(color:green)%(authordate:relative)%09%(color:white)%(refname:short)' refs/heads
@lizthegrey
lizthegrey / attributes.rb
Last active February 24, 2024 14:11
Hardening SSH with 2fa
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
@dylanmckay
dylanmckay / facebook-contact-info-summary.rb
Last active March 12, 2024 22:46
A Ruby script for collecting phone record statistics from a Facebook user data dump
#! /usr/bin/env ruby
# NOTE: Requires Ruby 2.1 or greater.
# This script can be used to parse and dump the information from
# the 'html/contact_info.htm' file in a Facebook user data ZIP download.
#
# It prints all cell phone call + SMS message + MMS records, plus a summary of each.
#
# It also dumps all of the records into CSV files inside a 'CSV' folder, that is created
@dumbledore
dumbledore / mount-bitlocker
Created February 20, 2018 21:05
Mount/umount wrapper for dislocker on MacOS
#!/bin/bash
BITLOCKER_PARTITION="${1}"
BITLOCKER_PASSWORD="${2}"
function usage() {
echo "$(basename ${0}) <partition> <password>"
echo "Unlocks and mounts a bitlocker partition as read-only"
}
if [ -z "${BITLOCKER_PARTITION}" ]
@SciresM
SciresM / public_keys.md
Last active April 19, 2024 07:41

Nintendo Switch RSA-PKCS#1 Public Key Recovery

This is a short writeup of a fun (but ultimately pretty useless) attack I implemented on the Nintendo Switch a few months ago resulting in the recovery of some otherwise unobtainable RSA public keys. Since public keys aren't private keys, this is pretty useless, apart from letting us validate some signatures on PC. Even so, the attack is a pretty cool one, so I thought I'd write it up.

Every Switch gamecart has a unique certificate (called its "CERT"), storing an RSA signature followed by some kind of unknown but unique encrypted data. I was trying to reverse how these certificates work, and the obvious first step was to try to see how they were validated. However, when I tried looking through the FileSystem (FS) module, which should be responsible for validating these certificates, I found no references to the format at all. The "CERT" magic number was nowhere to be seen, and I couldn't find an RSA modulus that validated the signatures I had. This was in

@jessfraz
jessfraz / boxstarter.ps1
Last active July 7, 2024 22:46
Boxstarter Commands for a new Windows box.
# Description: Boxstarter Script
# Author: Jess Frazelle <jess@linux.com>
# Last Updated: 2017-09-11
#
# Install boxstarter:
# . { iwr -useb http://boxstarter.org/bootstrapper.ps1 } | iex; get-boxstarter -Force
#
# You might need to set: Set-ExecutionPolicy RemoteSigned
#
# Run this boxstarter by calling the following from an **elevated** command-prompt:
@gboudreau
gboudreau / AuthyToOtherAuthenticator.md
Last active July 19, 2024 16:50 — forked from Ingramz/AuthyToOtherAuthenticator.md
Export TOTP tokens from Authy
@pmoranga
pmoranga / puppet-firewall-docker.pp
Created February 8, 2016 23:55
Make puppetlabs-firewall works with docker smoothly
class my_fw::pre {
# Disable due to selective purges of firewallchain
# resources { "firewall":
# purge => true
# }
# Avoid removing Docker rules:
firewallchain { 'FORWARD:filter:IPv4':
purge => true,
@jewelia
jewelia / gist:0b8f26e91f2818bef460
Last active August 29, 2015 14:15
3 Great Engineering Management Talks from 2014

General key themes:

  • Hiring is really hard. You’re not just hiring a “Rails Engineer” or a “Python Programmer” you’re hiring someone who can help you change the world. Tell them why! Talk about the hard problems you’re solving. 2/3 of these talks give ideas and insight into hiring from sourcing to actual interview processes.

  • Rewriting systems is hard. People think they are going to replace their broken down horse and buggie with a bullet train and this often ends up in disaster. Successful rewrites require an incremental approach that takes months/years and often runs way over schedule. 2/3 of these talks go over how to handle rewrites not only from a high level technical perspective but a cultural/management perspective as well.

Two Developers, Many Lines of Code, and A Campaign that Made History

Harper Reed (CTO of Obama for America, now CEO of Modest) and Dylan Richard (Director of Eng of Obama for America, now CTO of Modest)

@isaacs
isaacs / Makefile
Last active July 17, 2024 19:33
# Hello, and welcome to makefile basics.
#
# You will learn why `make` is so great, and why, despite its "weird" syntax,
# it is actually a highly expressive, efficient, and powerful way to build
# programs.
#
# Once you're done here, go to
# http://www.gnu.org/software/make/manual/make.html
# to learn SOOOO much more.