Jim P jim-p

## gist:d5b9f33a4cb1c1f1915f
: cat /etc/fstab
/dev/ufs/pfsense0 / ufs ro,sync,noatime 1 1
/dev/ufs/cf /cf ufs ro,sync,noatime 1 1

## gist:fa0ef866ac4dc2adfc71
Site A
 P1 Tunnel to Site B
  P2 A->B
  P2 C->B
 P1 Tunnel to Site C
  P2 A->C
  P2 B->C

Site B
 P1 Tunnel to Site A

## gist:1059121d47df1c801910
Apr 2 10:35:06 	openvpn[74272]: OpenVPN 2.3.6 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Mar 31 2015
Apr 2 10:35:06 	openvpn[74272]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
Apr 2 10:35:06 	openvpn[74272]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 2 10:35:06 	openvpn[74272]: TUN/TAP device ovpns2 exists previously, keep at program end
Apr 2 10:35:06 	openvpn[74272]: TUN/TAP device /dev/tun2 opened
Apr 2 10:35:06 	openvpn[74272]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
Apr 2 10:35:06 	openvpn[74272]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Apr 2 10:35:06 	openvpn[74272]: /sbin/ifconfig ovpns2 10.0.14.1 10.0.14.2 mtu 1500 netmask 255.255.255.255 up
Apr 2 10:35:06 	openvpn[74272]: /usr/local/sbin/ovpn-linkup ovpns2 1500 1560 10.0.14.1 10.0.14.2 init
Apr 2 10:35:06 	openvpn[75323]: UDPv4 link local (bound): [AF_INET]192.168.20.74:1195

## ipsec-unqiueids-fix-2.2.1.patch
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 4d242e6..fc4bce5 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -575,7 +575,7 @@ EOD;

 	$uniqueids = 'yes';
 	if (!empty($config['ipsec']['uniqueids'])) {
-		if (in_array($uniqueids, $ipsec_idhandling))
+		if (array_key_exists($config['ipsec']['uniqueids'], $ipsec_idhandling))

## gist:0ba63d89a6cdce3ec85f
foreach ($config['system']['user'] as $user) {
	if (!empty($user['md5-hash'])) {
		echo "{$user['name']},{MD5}{$user['md5-hash']}\n";
	}
}

## gist:89c0efc98bb60a26f34e
Site A (hub)
 Tunnel to B
   A-B
   C-B
   D-B
 Tunnel to C
   A-C
   B-C
   D-C
 Tunnel to D

## gist:de856d43cf5f5418b57e
#
# $FreeBSD: stable/10/etc/etc.amd64/ttys 267236 2014-06-08 17:50:07Z nwhitehorn $
#	@(#)ttys	5.1 (Berkeley) 4/17/89
#
# This file specifies various information about terminals on the system.
# It is used by several different programs.  Common entries for the
# various columns include:
#
# name  The name of the terminal device.
#

## kayako_in_wine.txt
sudo add-apt-repository ppa:ubuntu-wine/ppa
sudo apt-get update
sudo apt-get install wine1.7 winetricks
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winecfg
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks ie8
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks gdiplus
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks vcrun2008

[Copy all of the DLLs from vcrun2012 to ~/.wine-kayako/drive_c/windows/system32/
mfc110.dll      mfc110cht.dll   mfc110enu.dll   mfc110fra.dll   mfc110jpn.dll   mfc110rus.dll   mfcm110.dll

## bashtest.sh
echo "Testing Exploit 1 (CVE-2014-6271)"
CVE6271="$(env x='() { :;}; echo -n V' bash -c : 2>/dev/null)"
[ "${CVE7187}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"

echo "Testing Exploit 2 (CVE-2014-7169)"
CVE7169="$(env X='() { (4lpi.com)=>\' bash -c "echo date" 2>/dev/null; cat echo 2>/dev/null; rm -f echo)"
[ ! "${CVE7169}" == "date" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"

echo "Testing Exploit 3 (CVE-2014-6277)"
CVE6277="$(env -i X=' () { }; echo -n V' bash -c :)"

## keybase.md

      
        
          
            
              
              1 file
            
          
          
            
              
              0 forks
            
          
          
            
              
              0 comments
            
          
          
            
              
              0 stars
            
          
        
        
          
              
          
          
            
                jim-p
                / keybase.md
            
            
              Created
              June 5, 2014 18:28
            
              
                keybase.md
              
          
        
      
        
  
      
    Keybase proof

I hereby claim:

I am jim-p on github.
I am jimp (https://keybase.io/jimp) on keybase.
I have a public key whose fingerprint is 7653 2AC1 2E9F 551D BE84  0B06 574A 9C0D 74CC 1661

To claim this, I am signing this object:
	: cat /etc/fstab
	/dev/ufs/pfsense0 / ufs ro,sync,noatime 1 1
	/dev/ufs/cf /cf ufs ro,sync,noatime 1 1
	Site A
	P1 Tunnel to Site B
	P2 A->B
	P2 C->B
	P1 Tunnel to Site C
	P2 A->C
	P2 B->C

	Site B
	P1 Tunnel to Site A
	Apr 2 10:35:06 openvpn[74272]: OpenVPN 2.3.6 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Mar 31 2015
	Apr 2 10:35:06 openvpn[74272]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
	Apr 2 10:35:06 openvpn[74272]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
	Apr 2 10:35:06 openvpn[74272]: TUN/TAP device ovpns2 exists previously, keep at program end
	Apr 2 10:35:06 openvpn[74272]: TUN/TAP device /dev/tun2 opened
	Apr 2 10:35:06 openvpn[74272]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
	Apr 2 10:35:06 openvpn[74272]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
	Apr 2 10:35:06 openvpn[74272]: /sbin/ifconfig ovpns2 10.0.14.1 10.0.14.2 mtu 1500 netmask 255.255.255.255 up
	Apr 2 10:35:06 openvpn[74272]: /usr/local/sbin/ovpn-linkup ovpns2 1500 1560 10.0.14.1 10.0.14.2 init
	Apr 2 10:35:06 openvpn[75323]: UDPv4 link local (bound): [AF_INET]192.168.20.74:1195
	diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
	index 4d242e6..fc4bce5 100644
	--- a/etc/inc/vpn.inc
	+++ b/etc/inc/vpn.inc
	@@ -575,7 +575,7 @@ EOD;

	$uniqueids = 'yes';
	if (!empty($config['ipsec']['uniqueids'])) {
	- if (in_array($uniqueids, $ipsec_idhandling))
	+ if (array_key_exists($config['ipsec']['uniqueids'], $ipsec_idhandling))
	foreach ($config['system']['user'] as $user) {
	if (!empty($user['md5-hash'])) {
	echo "{$user['name']},{MD5}{$user['md5-hash']}\n";
	}
	}
	Site A (hub)
	Tunnel to B
	A-B
	C-B
	D-B
	Tunnel to C
	A-C
	B-C
	D-C
	Tunnel to D
	#
	# $FreeBSD: stable/10/etc/etc.amd64/ttys 267236 2014-06-08 17:50:07Z nwhitehorn $
	# @(#)ttys 5.1 (Berkeley) 4/17/89
	#
	# This file specifies various information about terminals on the system.
	# It is used by several different programs. Common entries for the
	# various columns include:
	#
	# name The name of the terminal device.
	#
	sudo add-apt-repository ppa:ubuntu-wine/ppa
	sudo apt-get update
	sudo apt-get install wine1.7 winetricks
	env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winecfg
	env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks ie8
	env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks gdiplus
	env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks vcrun2008

	[Copy all of the DLLs from vcrun2012 to ~/.wine-kayako/drive_c/windows/system32/
	mfc110.dll mfc110cht.dll mfc110enu.dll mfc110fra.dll mfc110jpn.dll mfc110rus.dll mfcm110.dll
	echo "Testing Exploit 1 (CVE-2014-6271)"
	CVE6271="$(env x='() { :;}; echo -n V' bash -c : 2>/dev/null)"
	[ "${CVE7187}" == "V" ] && echo "VULNERABLE" \|\| echo "NOT VULNERABLE"

	echo "Testing Exploit 2 (CVE-2014-7169)"
	CVE7169="$(env X='() { (4lpi.com)=>\' bash -c "echo date" 2>/dev/null; cat echo 2>/dev/null; rm -f echo)"
	[ ! "${CVE7169}" == "date" ] && echo "VULNERABLE" \|\| echo "NOT VULNERABLE"

	echo "Testing Exploit 3 (CVE-2014-6277)"
	CVE6277="$(env -i X=' () { }; echo -n V' bash -c :)"