Skip to content

Instantly share code, notes, and snippets.

View epcim's full-sized avatar

Petr Michalec epcim

View GitHub Profile
@epcim
epcim / action_gnutls_scripted.md
Last active November 17, 2023 01:41
gnutls certtool ssl tls openssl
View action_gnutls_scripted.md

CA - based on gnutls-bin


this directory holds CA key + wildcard certificates created for new infrastructure the CA key/cert is "ca-cert.pem/key"

TODO:

  • create scripts to re-generate client certificates based on NEW CA
  • develop procedure to generate client/server certs from template (partialy done)
  • develop procedure to generate clr files + revocate certificate + distribute them on public places
@epcim
epcim / update-ca-certificates.md
Last active October 1, 2023 12:11
trusted certificates system update-ca-certificates
View update-ca-certificates.md

Adding trusted root certificates to the server

Mac OS X

sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/new-root-certificate.crt
sudo security delete-certificate -c "<name of existing certificate>"

Windows

certutil -addstore -f "ROOT" new-root-certificate.crt

@epcim
epcim / kubernetes_pods_docker_disk_usage.md
Last active September 7, 2023 01:47
docker disk space introspection kubernetes docker overlay
View kubernetes_pods_docker_disk_usage.md

identify big pods/containers

investigage big files

DST=/mnt
find /var/lib -type f -size +1G -exec ls -lh {} \; | tee  $DST/bigfiles_var_lib_$(date "+%H%M").log
find /var/lib -type f -size +1G -exec ls -lh {} \; | awk '{ print $5 ": " $9 }' | sort -rh > $DST/bigfiles_var_lib_$(date "+%H%M").sorted.log

misbehave processes

@epcim
epcim / wifi-hacking.howto.sh
Last active August 19, 2023 16:34
wifi-hacking.howto.sh
View wifi-hacking.howto.sh
##-- repeatedly find hosts --
IP_RANGE=172.25.25.0-254
HOST_LIST=HostList
HOST_LIST_NEW=.tmp_hln
TMP_NEWIP=.tmp_newip
touch $HOST_LIST
nmap -sL -e eth0 -PI -PT -T2 -PS $IP_RANGE | grep -B1 MAC | grep -v "\-\-" | sed -e 's/not scanned//' > $HOST_LIST_NEW
for i in `grep Host $HOST_LIST_NEW| awk '{print $2}'`; do [ `grep $i $HOST_LIST | wc -l` -eq 0 ] && echo $i; done > $TMP_NEWIP
for i in `cat $TMP_NEWIP`; do grep -A1 $i $HOST_LIST_NEW; done >> $HOST_LIST
@epcim
epcim / reencrypt.sh
Created April 28, 2023 11:30 — forked from sometimesfood/reencrypt.sh
Small script that re-encrypts GPG-encrypted files with a new key
View reencrypt.sh
#!/bin/bash
checkusage() {
[[ $# -lt 2 ]] && err_exit 'Usage: reencrypt.sh KEY_ID FILE...'
}
err() { echo -e "$@" >&2; }
err_exit() {
err "$@"
@epcim
epcim / ipxe_with_dhcp.txt
Created April 13, 2023 08:33 — forked from tuxfight3r/ipxe_with_dhcp.txt
ipxe kickstart over http - dhcp and static configuration
View ipxe_with_dhcp.txt
#clone the repo
git clone http://git.ipxe.org/ipxe.git
cd ipxe/src
cat >ubuntu-amd64-installer.ipxe <<EOF
#!ipxe
dhcp
echo Starting Ubuntu x64 installer for ${hostname}
set base-url http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64
kernel ${base-url}/linux
@epcim
epcim / Makefile-vars.md
Created March 30, 2023 11:08
makefile vars from env
View Makefile-vars.md

scenarios: TMPDIR=new/path make and make TMPDIR=new/path

SHELL  := env TMPDIR=$(TMPDIR) $(SHELL)
TMPDIR ?= "/tmp"

all:
  @echo $(TMPDIR)
@epcim
epcim / emoticons-ascii.howto.md
Last active March 22, 2023 19:57
emoticons-ascii.howto.md
View emoticons-ascii.howto.md

Fucking work, nothing works as expected.

   ┓┏┓┏┓┃ 
   ┛┗┛┗┛┃\○/ 
   ┓┏┓┏┓┃ / Jdu se zabit
   ┛┗┛┗┛┃ノ) 
   ┓┏┓┏┓┃ 
   ┛┗┛┗┛┃ 
 ┓┏┓┏┓┃ 
@epcim
epcim / pass-getting-started.md
Created March 17, 2023 13:39 — forked from layoaster/pass-getting-started.md
Cheat sheet/ getting-started guide to pass
View pass-getting-started.md

pass cheat sheet/guide

Getting started guide to the unix password manager pass. Manage gpg encripted passwords (files) in a standar directory-like hierarchy. Such files can be copied or stored in a git repository.

Requirements

  1. Install [pass][pass-homepage] (standard unix password manager):

Ubuntu/Debian:

$ sudo apt-get install pass
View gist:224bd5507719b9bd253f1a43a7ff7488
tar cvJ /etc/vpm/ | age -r $(curl -qsSL https://f.apealive.net/pub/$USER.age.pub) | croc send
Receiving side
# cat croc-stdin-2310548854 | age -d -i <(pass show age-$USER-public) | tar xvJ