Skip to content

Instantly share code, notes, and snippets.

Jim P jim-p

Block or report user

Report or block jim-p

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View ipsec_stuff.diff
$ git diff RELENG_2_2_3 RELENG_2_2 -- etc/inc/ipsec.inc > ../ipsec_stuff.diff
$ git diff RELENG_2_2_3 RELENG_2_2 -- etc/inc/vpn.inc >> ../ipsec_stuff.diff
$ cat ../ipsec_stuff.diff
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc
index 8bfed07..5c7d15d 100644
--- a/etc/inc/ipsec.inc
+++ b/etc/inc/ipsec.inc
@@ -44,22 +44,22 @@ $ipsec_loglevels = array("dmn" => "Daemon", "mgr" => "SA Manager", "ike" => "IKE
@jim-p
jim-p / 2758-compromise.txt
Created Jun 30, 2015
2758-compromise.txt
View 2758-compromise.txt
Hey folks,
I'm an entrepreneur based in the Bay Area.. in this case, It appears our once open & trusting attitude towards our regular guests @ home-hackatons most likely lead to its demise. The result -- a total compromise of our personal network, all workstations and mobile devices - and of course, my PFSense/Netgate C2758 I had been evaluating was among the casualties.
Before I go any further, the C2758 support code is: 2809614B . Also to clarify: the device has been offline for the past 6 months and I have really not spent much time evaluating the extent of the compromise. From what little I recall, it seemed the NIC oproms had been reflashed and I'm assuming the extent of the compromise was more substantial.
If the approach is at all similar to the handful of our other systems I've spent time evaluating -- then you may well find the system of interest. In those cases, each involved rootkits that would consistently survive restoration efforts using various known methods of persistence. One or
View gist:d5b9f33a4cb1c1f1915f
: cat /etc/fstab
/dev/ufs/pfsense0 / ufs ro,sync,noatime 1 1
/dev/ufs/cf /cf ufs ro,sync,noatime 1 1
View gist:fa0ef866ac4dc2adfc71
Site A
P1 Tunnel to Site B
P2 A->B
P2 C->B
P1 Tunnel to Site C
P2 A->C
P2 B->C
Site B
P1 Tunnel to Site A
View gist:1059121d47df1c801910
Apr 2 10:35:06 openvpn[74272]: OpenVPN 2.3.6 amd64-portbld-freebsd10.1 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Mar 31 2015
Apr 2 10:35:06 openvpn[74272]: library versions: OpenSSL 1.0.1l-freebsd 15 Jan 2015, LZO 2.09
Apr 2 10:35:06 openvpn[74272]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 2 10:35:06 openvpn[74272]: TUN/TAP device ovpns2 exists previously, keep at program end
Apr 2 10:35:06 openvpn[74272]: TUN/TAP device /dev/tun2 opened
Apr 2 10:35:06 openvpn[74272]: ioctl(TUNSIFMODE): Device busy: Device busy (errno=16)
Apr 2 10:35:06 openvpn[74272]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Apr 2 10:35:06 openvpn[74272]: /sbin/ifconfig ovpns2 10.0.14.1 10.0.14.2 mtu 1500 netmask 255.255.255.255 up
Apr 2 10:35:06 openvpn[74272]: /usr/local/sbin/ovpn-linkup ovpns2 1500 1560 10.0.14.1 10.0.14.2 init
Apr 2 10:35:06 openvpn[75323]: UDPv4 link local (bound): [AF_INET]192.168.20.74:1195
@jim-p
jim-p / ipsec-unqiueids-fix-2.2.1.patch
Created Apr 2, 2015
ipsec-unqiueids-fix-2.2.1.patch
View ipsec-unqiueids-fix-2.2.1.patch
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 4d242e6..fc4bce5 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -575,7 +575,7 @@ EOD;
$uniqueids = 'yes';
if (!empty($config['ipsec']['uniqueids'])) {
- if (in_array($uniqueids, $ipsec_idhandling))
+ if (array_key_exists($config['ipsec']['uniqueids'], $ipsec_idhandling))
View gist:0ba63d89a6cdce3ec85f
foreach ($config['system']['user'] as $user) {
if (!empty($user['md5-hash'])) {
echo "{$user['name']},{MD5}{$user['md5-hash']}\n";
}
}
View gist:89c0efc98bb60a26f34e
Site A (hub)
Tunnel to B
A-B
C-B
D-B
Tunnel to C
A-C
B-C
D-C
Tunnel to D
View gist:de856d43cf5f5418b57e
#
# $FreeBSD: stable/10/etc/etc.amd64/ttys 267236 2014-06-08 17:50:07Z nwhitehorn $
# @(#)ttys 5.1 (Berkeley) 4/17/89
#
# This file specifies various information about terminals on the system.
# It is used by several different programs. Common entries for the
# various columns include:
#
# name The name of the terminal device.
#
View kayako_in_wine.txt
sudo add-apt-repository ppa:ubuntu-wine/ppa
sudo apt-get update
sudo apt-get install wine1.7 winetricks
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winecfg
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks ie8
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks gdiplus
env WINEARCH=win32 WINEPREFIX=~/.wine-kayako winetricks vcrun2008
[Copy all of the DLLs from vcrun2012 to ~/.wine-kayako/drive_c/windows/system32/
mfc110.dll mfc110cht.dll mfc110enu.dll mfc110fra.dll mfc110jpn.dll mfc110rus.dll mfcm110.dll
You can’t perform that action at this time.