Skip to content

Instantly share code, notes, and snippets.

View dlipovetsky's full-sized avatar

Daniel Lipovetsky dlipovetsky

18 followers · 1 following
View GitHub Profile
@dlipovetsky
dlipovetsky / dos-report-not-accepted.md
Last active December 15, 2021 05:36
Report -- NOT ACCEPTED -- on potential Denial of Service to the Kubernetes Security Team.

Notes:

  • The report was not accepted. I intend to file a public issue, but haven't yet.
  • Kubernetes asks for reports to be submitted through https://hackerone.com. That's where I submitted the report. This is an export of the report

Title: Concurrent list requests of many, large Kubernetes resources cause etcd members to exhaust almost all available memory Scope: https://github.com/kubernetes/kubernetes Weakness: Denial of Service Severity: Medium (6.5) Link: /reports/1058775 Date: 2020-12-14 21:20:50 +0000

@dlipovetsky
dlipovetsky / visual_select_window.py
Created November 27, 2021 07:05
from typing import List, Optional
from kitty.boss import Boss
from kitty.tabs import Tab
from kitty.window import Window
from kittens.tui.handler import result_handler
import json
def main(args):
pass
@dlipovetsky
dlipovetsky / README.md
Created February 14, 2019 19:48 — forked from detiber/README.md
Using CFSSL as an external CA for kubeadm

CFSSL as an external CA for non-ha kubeadm intialized clusters

Using cfssl to Create an External CA Infrastructure

Install cfssl

# This requires an existing Go environment with GOPATH set
go get -u github.com/cloudflare/cfssl/cmd/...
@dlipovetsky
dlipovetsky / timeafterleak_test.go
Last active July 30, 2018 19:12
Example of goroutine leak when using time.After with an unbuffered channel
package timeafterleak_test
import (
"log"
"testing"
"time"
"github.com/fortytw2/leaktest"
)
@dlipovetsky
dlipovetsky / ips_in_cidr.go
Last active July 9, 2018 06:18
Go - Given an IPv4 CIDR, iterate over all IPs
package main
import (
"log"
"net"
"github.com/apparentlymart/go-cidr/cidr"
)
func main() {
_, ipNet, err := net.ParseCIDR("192.168.0.0/24")
@dlipovetsky
dlipovetsky / k8s-release-urls.sh
Last active October 20, 2016 01:56 — forked from wellsie/k8s-release-urls.sh
URLs for kubernetes release artifacts
$ gsutil ls -R gs://kubernetes-release/release/v1.4.1 | sed 's|gs://kubernetes-release|https://storage.googleapis.com/kubernetes-release|; /^.*:$/d; /^$/d'
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-darwin-386.tar.gz
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-darwin-386.tar.gz.md5
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-darwin-386.tar.gz.sha1
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-darwin-amd64.tar.gz
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-darwin-amd64.tar.gz.md5
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-darwin-amd64.tar.gz.sha1
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-linux-386.tar.gz
https://storage.googleapis.com/kubernetes-release/release/v1.4.1/kubernetes-client-linux-386.tar.gz.md5
https://storage.googleapis.com/kub
@dlipovetsky
dlipovetsky / meraki_strongswan_notes.md
Created August 17, 2016 22:55 — forked from psanford/meraki_strongswan_notes.md
connect to meraki client vpn from strongswan (ubuntu 16.04 edition)

These are my notes for connecting to a meraki client vpn from ubuntu 16.04. This configuration assumes you are using a psk for the ipsec auth.

Install the following packages:

apt-get install -y strongswan xl2tpd

Configure strong swan

@dlipovetsky
dlipovetsky / cookie-exceptions-merge.sh
Created May 28, 2014 23:34
Given source and target Firefox profiles, merge the cookie exceptions (whitelist) of the source into the target