Etienne etiennetremel

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                etiennetremel
                / README.md
            
            
              Last active
              April 24, 2023 20:23
            
              
                Yggdrasil connect 2 nodes and expose server
              
          
    Yggdrasil

These instructions provide a brief overview of what Yggdrasil can do.
It connects 2 nodes together (local and remote) and use Netcat as a server to reply to HTTP requests.
Requirements

Install Yggdrasil on both machine, refer to this installation guide.
Local node setup


## filter.sh
#!/usr/bin/env bash
# This script provide a CSV list of users from an AzureAD directory
# It uses the Graph API and jq

ids=(
  abcd123
  bcde456
  cdef789
)

## kubernetes-text4shell-CVE-2022-42889-detect.sh
#!/usr/bin/env bash
# Detect Text4Shell in Kubernetes cluster using Trivy.
# This script retrieve all running images from a Kubernetes cluster
# and run a Trivy scan against them in order to quickly detect the
# Text4Shell vulnerability (CVE-2022-42889)
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42889
# You will need Kubectl and the Trivy CLI installed on your machine
# before running this script.

VULNERABILITY_ID="CVE-2022-42889"

## github-get-graphql-packages-by-size-csv.sh
#!/usr/bin/env bash
# The following script get all packages from a given organization and generate
# a CSV file reporting package size
# Usage:
#   bash github-get-graphql-packages-by-size-csv.sh MyGithubOrganization

set -e

echo "repository,package,version,file,size"
gh api graphql -F organization=$1 --paginate -f query='

## README.md

      
              6 files
            
          
              26 forks
            
          
              5 comments
            
          
              81 stars
            
          
                etiennetremel
                / README.md
            
            
              Last active
              February 21, 2024 05:43
            
              
                Simple Wireguard setup as VPN server and multiple clients
              
          
    Simple WireGuard configuration


1 server, 2 clients

Getting started

Install Wireguard on all machines.
Generate all keys


## create-user.sh
#!/bin/bash
#
# Create Kubernetes user. Require cfssl.
#
# Usage:
#   ./create-user.sh <kubernetes api host> <fulle name> <clusterrole>
#
# Example:
#   ./create-user.sh k8s-api.my-domain.com "Jane Doe" my-project:admin

## Previous kube-dns logs
❯ kubectl logs kube-dns-3263495268-9ltl2 -n kube-system -c kubedns --previous:

[...]
fatal error: I0420 07:17:28.519915       1 dns.go:264] New service: feedmaterializationcoordinator
concurrent map writes

goroutine 65 [running]:
runtime.throw(0x162294a, 0x15)
	/usr/local/go/src/runtime/panic.go:566 +0x95 fp=0xc4208d55c8 sp=0xc4208d55a8
runtime.mapassign1(0x1465c20, 0xc420303980, 0xc4208d5820, 0xc4208d57d8)

## terraform-plan
<= data.template_file.my_instance.0
    rendered:     "<computed>"
    template:     "version: v1\nkind: Pod\nmetadata:\n  name: instance\nspec:\n  containers:\n  - name: instance\n    image: image:1.2.3\n    volumeMounts:\n    - name: data\n      mountPath: /data\n  volumes:\n  - name: data\n    gcePersistentDisk:\n      pdName: ${DATA_PD}\n      fsType: ext4\n"
    vars.%:       "1"
    vars.DATA_PD: "my-instance-0-data"

<= data.template_file.my_instance.1
    rendered:     "<computed>"
    template:     "version: v1\nkind: Pod\nmetadata:\n  name: instance\nspec:\n  containers:\n  - name: instance\n    image: image:1.2.3\n    volumeMounts:\n    - name: data\n      mountPath: /data\n  volumes:\n  - name: data\n    gcePersistentDisk:\n      pdName: ${DATA_PD}\n      fsType: ext4\n"
    vars.%:       "1"

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                etiennetremel
                / keybase.md
            
            
              Last active
              February 10, 2017 12:11
            
              
                Keybase
              
          
    Keybase proof

I hereby claim:

I am etiennetremel on github.
I am etiennetremel (https://keybase.io/etiennetremel) on keybase.
I have a public key whose fingerprint is 0423 2204 EFF5 C813 46EC  8EC7 3492 688A 17F5 C78F

To claim this, I am signing this object:

  
## 2016-04-11 - JSTACK profiling.log
2016-04-11 09:02:14
Full thread dump OpenJDK 64-Bit Server VM (25.72-b15 mixed mode):

"Attach Listener" #2961 daemon prio=9 os_prio=0 tid=0x00007fee500d9800 nid=0x145b waiting on condition [0x0000000000000000]
   java.lang.Thread.State: RUNNABLE

   Locked ownable synchronizers:
	- None

"BrokerService[go-server] Task-93" #2960 daemon prio=5 os_prio=0 tid=0x00007fee45fbe000 nid=0x144a waiting on condition [0x00007fedd69e8000]
	#!/usr/bin/env bash
	# This script provide a CSV list of users from an AzureAD directory
	# It uses the Graph API and jq

	ids=(
	abcd123
	bcde456
	cdef789
	)
	#!/usr/bin/env bash
	# Detect Text4Shell in Kubernetes cluster using Trivy.
	# This script retrieve all running images from a Kubernetes cluster
	# and run a Trivy scan against them in order to quickly detect the
	# Text4Shell vulnerability (CVE-2022-42889)
	# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42889
	# You will need Kubectl and the Trivy CLI installed on your machine
	# before running this script.

	VULNERABILITY_ID="CVE-2022-42889"
	#!/usr/bin/env bash
	# The following script get all packages from a given organization and generate
	# a CSV file reporting package size
	# Usage:
	# bash github-get-graphql-packages-by-size-csv.sh MyGithubOrganization

	set -e

	echo "repository,package,version,file,size"
	gh api graphql -F organization=$1 --paginate -f query='
	#!/bin/bash
	#
	# Create Kubernetes user. Require cfssl.
	#
	# Usage:
	# ./create-user.sh <kubernetes api host> <fulle name> <clusterrole>
	#
	# Example:
	# ./create-user.sh k8s-api.my-domain.com "Jane Doe" my-project:admin
	❯ kubectl logs kube-dns-3263495268-9ltl2 -n kube-system -c kubedns --previous:

	[...]
	fatal error: I0420 07:17:28.519915 1 dns.go:264] New service: feedmaterializationcoordinator
	concurrent map writes

	goroutine 65 [running]:
	runtime.throw(0x162294a, 0x15)
	/usr/local/go/src/runtime/panic.go:566 +0x95 fp=0xc4208d55c8 sp=0xc4208d55a8
	runtime.mapassign1(0x1465c20, 0xc420303980, 0xc4208d5820, 0xc4208d57d8)
	<= data.template_file.my_instance.0
	rendered: "<computed>"
	template: "version: v1\nkind: Pod\nmetadata:\n name: instance\nspec:\n containers:\n - name: instance\n image: image:1.2.3\n volumeMounts:\n - name: data\n mountPath: /data\n volumes:\n - name: data\n gcePersistentDisk:\n pdName: ${DATA_PD}\n fsType: ext4\n"
	vars.%: "1"
	vars.DATA_PD: "my-instance-0-data"

	<= data.template_file.my_instance.1
	rendered: "<computed>"
	template: "version: v1\nkind: Pod\nmetadata:\n name: instance\nspec:\n containers:\n - name: instance\n image: image:1.2.3\n volumeMounts:\n - name: data\n mountPath: /data\n volumes:\n - name: data\n gcePersistentDisk:\n pdName: ${DATA_PD}\n fsType: ext4\n"
	vars.%: "1"
	2016-04-11 09:02:14
	Full thread dump OpenJDK 64-Bit Server VM (25.72-b15 mixed mode):

	"Attach Listener" #2961 daemon prio=9 os_prio=0 tid=0x00007fee500d9800 nid=0x145b waiting on condition [0x0000000000000000]
	java.lang.Thread.State: RUNNABLE

	Locked ownable synchronizers:
	- None

	"BrokerService[go-server] Task-93" #2960 daemon prio=5 os_prio=0 tid=0x00007fee45fbe000 nid=0x144a waiting on condition [0x00007fedd69e8000]