Skip to content

Instantly share code, notes, and snippets.

View erkolson's full-sized avatar

Erik erkolson

10 followers · 10 following
  • Google
  • Atlanta
View GitHub Profile
@bgeesaman
bgeesaman / CVE-2019-11253-poc.sh
Last active December 29, 2022 14:25
CVE-2019-11253 Kubernetes API Server YAML Parsing Remote Denial of Service PoC aka "Billion Laughs"
#!/usr/bin/env bash
# CVE-2019-11253
# https://github.com/kubernetes/kubernetes/issues/83253
# Shout out: @raesene for poc collab, @iancoldwater + @mauilion for
# HONKing inspiration and other guidance.
# Description: In Kubernetes 1.13 and below, the default configuration
# is that system:anonymous can request a selfsubjectaccessreview
# via mechanisms such as "kubectl auth can-i". This request can
# include POSTed YAML, and just the act of trying to parse it causes
@lounagen
lounagen / readme.md
Last active April 12, 2023 00:43 — forked from thomasdarimont/readme.md
Example for decoding a JWT Payload with your Shell (bash, zsh...)

Setup

Add this to your .profile, .bashrc, .zshrc...

BASE64_DECODER_PARAM="-d" # option -d for Linux base64 tool
echo AAAA | base64 -d > /dev/null 2>&1 || BASE64_DECODER_PARAM="-D" # option -D on MacOS

decode_base64_url() {
  local len=$((${#1} % 4))
  local result="$1"
 if [ $len -eq 2 ]; then result="$1"'=='
@pydevops
pydevops / gke-ingress-manged-tls.md
Last active August 10, 2023 09:20
Create a GCP managed TLS certificate for the GKE ingress

GKE ingress in a nutshell

Solution #1 (ManagedCertificate CRD in GKE)

  • GKE with Google-managed SSL certificates
    • Use ManagedCertificate CRD to create a object.
    • Associate the ManagedCertificate object to an Ingress by adding an annotation networking.gke.io/managed-certificates to the Ingress. This annotation is a comma-separated list of ManagedCertificate resources, cert1,cert2,cert3 for example.

Solution #2 (Google Cloud SSL Certificate)

Assumption

@rothgar
rothgar / wtf.sh
Created November 29, 2017 05:19
Linux server debugging in 60 seconds
#!/bin/bash
# Taken from https://medium.com/netflix-techblog/linux-performance-analysis-in-60-000-milliseconds-accc10403c55
# initialize array
COMMANDS=('uptime')
# add systemctl command if it's installed
command -v systemctl >/dev/null && COMMANDS+=('systemctl list-units --state=failed')
# add more commands
COMMANDS+=('dmesg | tail'
'vmstat 1'
@isaacs
isaacs / Makefile
Last active March 8, 2024 13:29
# Hello, and welcome to makefile basics.
#
# You will learn why `make` is so great, and why, despite its "weird" syntax,
# it is actually a highly expressive, efficient, and powerful way to build
# programs.
#
# Once you're done here, go to
# http://www.gnu.org/software/make/manual/make.html
# to learn SOOOO much more.
@jmoz
jmoz / ls_colors
Created January 18, 2010 13:18
ls_colors file to change colour of ls
# di=5;34;43 Setting the LS_COLORS di parameter to the above example will make directories appear in flashing blue text with an orange background
#0 = Default Colour
#1 = Bold
#4 = Underlined
#5 = Flashing Text
#7 = Reverse Field
#31 = Red
#32 = Green
#33 = Orange
#34 = Blue