The security features of Barebox are:
- Signed images
- Signed "state variables" (shared with the kernel)
Guillaume Quéré gquere
gquere
/ barebox_advisory.md
Last active
August 30, 2021 15:47
gquere
/ shitmantec.py
Created
February 12, 2021 11:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| import re | |
| import random | |
| import base64 | |
| with open(sys.argv[1], "rb") as f: | |
| lines = f.readlines() | |
| obfuscated_lines = b"" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Network | |
| ======= | |
| DNS 53 | |
| DHCP server 67 | |
| DHCP client 68 | |
| NTP 123 | |
| Auth | |
| ==== | |
| TACACS 49 |
gquere
/ openldap2hashcat.py
Last active
April 17, 2022 14:06
Convert OpenLDAP hashes to a format Hashcat can understand
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Convert OpenLDAP hashes to a format Hashcat can understand | |
| import sys | |
| import base64 | |
| with open(sys.argv[1], 'r') as f: | |
| lines = f.readlines() | |
| for line in lines: | |
| line = line.rstrip("\n") |
gquere
/ openldap2john.py
Last active
November 17, 2020 14:38
Convert OpenLDAP hashes to a format john the ripper can understand
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Convert OpenLDAP hashes to a format john the ripper can understand | |
| import sys | |
| import base64 | |
| with open(sys.argv[1], 'r') as f: | |
| lines = f.readlines() | |
| for line in lines: | |
| line = line.rstrip("\n") |
gquere
/ vault_get_secrets.py
Last active
October 28, 2022 07:07
Recursively dump Hashicorp Vault secrets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import argparse | |
| import urllib3 | |
| import requests | |
| import json | |
| import sys | |
| # SUPPRESS WARNINGS ############################################################ | |
| urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) |
gquere
/ dump_i2c_eeprom.c
Created
August 17, 2020 13:44
dump I2C EEPROM memory from Linux device ioctl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| #include <fcntl.h> | |
| #include <linux/i2c-dev.h> | |
| #define READ_SIZE (256) | |
| #define NB_PAGES (256) |
gquere
/ artifactory_list_users.py
Last active
December 1, 2023 13:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import requests | |
| import json | |
| import urllib3 | |
| import sys | |
| # SUPPRESS WARNINGS ############################################################ | |
| urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) |
gquere
/ gitlab_clone_all.py
Last active
February 9, 2024 09:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import argparse | |
| import requests | |
| import json | |
| import urllib3 | |
| from urllib.parse import urlparse | |
| import os | |
| import re | |
| from getpass import getpass |
gquere
/ bitbucket_clone_all.py
Created
July 15, 2020 09:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import argparse | |
| import requests | |
| import json | |
| import urllib3 | |
| from urllib.parse import urlparse | |
| import os | |
| import re | |
| from getpass import getpass |