Anthony Camilo gargolito

## programatically_store_retrieve_passwords.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                gargolito
                / programatically_store_retrieve_passwords.md
            
            
              Created
              October 14, 2020 21:09
            
              
                Programmaticaly store and retrieve secrets/password in MacOS
              
          
    MacOS stores credentials and SSL/TLS certificates in the login keychain which you can manage via Keychain Access. You can access the keychain data programatically with the builtin cli security command, and also with a pip instalable python module named keyring that also provides a cli command.
When retrieving a password with any of these tools, you will be prompted to allow access to the secret and prompted your login password. There's an option Allow and Always allow. Use the one with which you're comfortable. The default is Allow, if you hit enter, you will be prompted to enter your password every time you need it.
MacOS security (Keychain Access cli)

MacOS already stores most of your passwords in the Keychain. You can see and store passwords in Keychain Access gui, but the cli let's you leverage the Keychain to store and retrieve existing passwords. Wgen using the cli, you may need to unlock your keychain, so run:
security unlock-keychain ${HOME}/Library/Keychains/login.keychain-db

  
## video2jpegset.sh
#!/bin/bash
function vid2jpg () {
    name="$(basename $@)"
    name="${name/.*}"
    tgtdir="${HOME}/pics/extracted/$name"
    test -n "$@" && mkdir -p "$tgtdir"
    if test -d "$tgtdir"; then
        touch "$tgtdir/.nomedia"
        ffmpeg -stats -loglevel panic -i "$@" -vsync -1 "$tgtdir/$name%04d.jpg"
    else

## autologoff.sh
stay() {
	echo ""
	bash --noprofile --norc
	bye=1
}
bye=0
trap stay INT

for i in {9..1}; do
	test $bye -eq 1 && break

## iptables_rules
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -s 192.168.1.2/32 -p tcp -m multiport --dports 22 -j ACCEPT
-A INPUT -s 172.16.1.3/32 -p tcp -m multiport --dports 22 -j ACCEPT
-A INPUT -p tcp --dport ssh -j DROP
COMMIT
*nat
:PREROUTING ACCEPT [0:0]

## filestat_with_create_time.sh
#!/usr/bin/env bash
# can use with wildcards, loop will exit if the file is not found

function finfo () {
    for file in $@; do
        echo -e "\033[1;31m$file \033[0m"
        test -f $file || break
        part=$(df $(dirname ${file})|awk '/\/dev\// {print $1}')
        debugfs -R "stat <$(stat -c %i ${file})>" $part 2>&1|head -n 12|awk '/time:/ {$2="";$3=""; print $0}'
        echo ""

## vid2gif.sh
vid2gif() {
  file=$(realpath $1)
  name=$(basename ${file/.*})
  ffmpeg -y -i "${file}" -vf fps=${3:-24},scale=${2:-480}:-1:flags=lanczos,palettegen "${name}.png"
  ffmpeg -y -i "${file}" -i "${name}.png" -filter_complex "fps=${3:-24},scale=${2:-480}:-1:flags=lanczos[x];[x][1:v]paletteuse" "${name}".gif
  rm "${name}.png"
}

## concatenate_all_json_in_dir.py
import json
from os import listdir as ls
d = dict()
d['whois'] = list()
for j in ls('.'):
    with open(j) as f:
        d['whois'].append(json.loads(f.read()))
with open('../whois.json', 'w') as l:
    json.dump(d,l)

## aptly_remove_a_package.sh
rmdeb ()
{
    xIFS=$IFS;
    IFS=' ';
    if [[ $# -ge 1 ]]; then
        repo=reponame;
        if [[ $@ =~ del ]]; then
            pkg=$(echo $@|sed 's/del//g');
            pkgname=${pkg/_*};
            pkgver=$(echo ${pkg}|cut -d_ -f2);

## iknowitsdumbbutilikeit.txt
git clone https://github.com/jawshooah/pyenv-default-packages.git \
$(pyenv root)/plugins/pyenv-default-packages

python -c "\
import pip;
from os import environ
pipver=str(float('.'.join(pip.__version__.split('.')[:-1])));
pkgs=[pipver,'ipython', 'pipreqs', 'pytest', 'vulture'];
f=open(environ['PYENV_ROOT'] + '/default-packages','w');
f.write('pip > {}\n'.format('\n'.join(pkgs)));

## tuned_override_python3.txt
Cause

tuned expects python2 as its intepreter. the script does not specify the python version and it installs all of the modules are installed in /usr/lib/python2.7/. If you have python3 installed, the service will fail to start because python3 does not have the *tuned* module dependencies. The sanest solution that should survive upgrades and changes to tuned python, is to give the systemd service the correct python environment in which to execute via override. Until, of course, tuned gets ported to python3.

tested with tuned 2.9.0-1  in ubuntu 18.04
1. sudo apt-get install tuned
2. sudo systemctl edit tuned
[Service]
Environment=PYTHONHOME=/usr/lib/python2
Environment=PYTHONEXECUTABLE=/usr/bin/python2
	#!/bin/bash
	function vid2jpg () {
	name="$(basename $@)"
	name="${name/.*}"
	tgtdir="${HOME}/pics/extracted/$name"
	test -n "$@" && mkdir -p "$tgtdir"
	if test -d "$tgtdir"; then
	touch "$tgtdir/.nomedia"
	ffmpeg -stats -loglevel panic -i "$@" -vsync -1 "$tgtdir/$name%04d.jpg"
	else
	stay() {
	echo ""
	bash --noprofile --norc
	bye=1
	}
	bye=0
	trap stay INT

	for i in {9..1}; do
	test $bye -eq 1 && break
	*filter
	:INPUT ACCEPT [0:0]
	:FORWARD ACCEPT [0:0]
	:OUTPUT ACCEPT [0:0]
	-A INPUT -s 192.168.1.2/32 -p tcp -m multiport --dports 22 -j ACCEPT
	-A INPUT -s 172.16.1.3/32 -p tcp -m multiport --dports 22 -j ACCEPT
	-A INPUT -p tcp --dport ssh -j DROP
	COMMIT
	*nat
	:PREROUTING ACCEPT [0:0]
	#!/usr/bin/env bash
	# can use with wildcards, loop will exit if the file is not found

	function finfo () {
	for file in $@; do
	echo -e "\033[1;31m$file \033[0m"
	test -f $file \|\| break
	part=$(df $(dirname ${file})\|awk '/\/dev\// {print $1}')
	debugfs -R "stat <$(stat -c %i ${file})>" $part 2>&1\|head -n 12\|awk '/time:/ {$2="";$3=""; print $0}'
	echo ""
	vid2gif() {
	file=$(realpath $1)
	name=$(basename ${file/.*})
	ffmpeg -y -i "${file}" -vf fps=${3:-24},scale=${2:-480}:-1:flags=lanczos,palettegen "${name}.png"
	ffmpeg -y -i "${file}" -i "${name}.png" -filter_complex "fps=${3:-24},scale=${2:-480}:-1:flags=lanczos[x];[x][1:v]paletteuse" "${name}".gif
	rm "${name}.png"
	}
	import json
	from os import listdir as ls
	d = dict()
	d['whois'] = list()
	for j in ls('.'):
	with open(j) as f:
	d['whois'].append(json.loads(f.read()))
	with open('../whois.json', 'w') as l:
	json.dump(d,l)
	rmdeb ()
	{
	xIFS=$IFS;
	IFS=' ';
	if [[ $# -ge 1 ]]; then
	repo=reponame;
	if [[ $@ =~ del ]]; then
	pkg=$(echo $@\|sed 's/del//g');
	pkgname=${pkg/_*};
	pkgver=$(echo ${pkg}\|cut -d_ -f2);
	git clone https://github.com/jawshooah/pyenv-default-packages.git \
	$(pyenv root)/plugins/pyenv-default-packages

	python -c "\
	import pip;
	from os import environ
	pipver=str(float('.'.join(pip.__version__.split('.')[:-1])));
	pkgs=[pipver,'ipython', 'pipreqs', 'pytest', 'vulture'];
	f=open(environ['PYENV_ROOT'] + '/default-packages','w');
	f.write('pip > {}\n'.format('\n'.join(pkgs)));
	Cause

	tuned expects python2 as its intepreter. the script does not specify the python version and it installs all of the modules are installed in /usr/lib/python2.7/. If you have python3 installed, the service will fail to start because python3 does not have the tuned module dependencies. The sanest solution that should survive upgrades and changes to tuned python, is to give the systemd service the correct python environment in which to execute via override. Until, of course, tuned gets ported to python3.

	tested with tuned 2.9.0-1 in ubuntu 18.04
	1. sudo apt-get install tuned
	2. sudo systemctl edit tuned
	[Service]
	Environment=PYTHONHOME=/usr/lib/python2
	Environment=PYTHONEXECUTABLE=/usr/bin/python2