Jordi Massaguer Pla jordimassaguerpla

## gist:7485966
#!/usr/bin/ruby

GRUB_CFG = "/mnt/boot_loader/boot/grub/grub.cfg"

def read_menu_entries(cfg_file)
  menu_entries = []
  File.readlines(cfg_file).each do |line|
    next if !line.include?("menuentry")
    entry = line.match(/menuentry.*['"](.*)['"].*/)[1]
    menu_entries << entry

## unsafe_query_risk_check_1.rb
# this checks for "unsafe query risks in active record" by reading your
# db/schema.rb file, according to
# https://groups.google.com/forum/#!topic/rubyonrails-security/8CVoclw-Xkk

class MockTable
  @@tables = {}

  def self.tables
    @@tables
  end

## create_default_pool_for_libvirt
mkdir -p /var/lib/virt/
virsh pool-define-as --name default --type dir --target /var/lib/virt/images
virsh pool-autostart default
virsh pool-build default
virsh pool-start default

## get_download_link_from_obs
package main

import "net/http"
import "fmt"
import "io/ioutil"
import "regexp"

func getLink(server string, project string, repo string, name string, arch string, extension string) string {
  pattern := "href=\"" + name + "." + arch + ".*Build.*" + extension + "\""
  re := regexp.MustCompile(pattern)

## get_ruby_sec_status.rb
# Use this ruby script on a rubysec/ruby-advisory-db checkout
# to get the number of security issues on ruby gems per year

require "yaml"
if ARGV.length != 1
  puts "usage: ruby get_stats.rb YEAR"
  exit -1
end
if ARGV[0] !~ /\d\d\d\d/
  puts "usage: ruby get_stats.rb YEAR"

## dockerfile
FROM opensuse:latest
MAINTAINER Jordi Massaguer "jmassaguerpla@suse.com"

RUN echo -e "#!/bin/sh\n \nnc -l 80" > /bin/hello-world-server
RUN chmod +x /bin/hello-world-server
RUN zypper -n install "netcat-openbsd"
EXPOSE 80
CMD /bin/hello-world-server
# test me with "telnet IP 80"
# get the ip with docker inspect CONTAINER

## zypper-docker-demo-cve-2014-6271.txt
-----------Dockerfile ---------------------------------------------------------------

FROM suse/sles11sp3:latest
MAINTAINER Jordi Massaguer <jmassaguerpla@suse.com>

# Import the crt file of our private SMT server
ADD http://docker-smt.suse.de//smt.crt /etc/ssl/certs/smt.pem
RUN c_rehash /etc/ssl/certs

# Refresh the list of repositories

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                jordimassaguerpla
                / keybase.md
            
            
              Last active
              April 1, 2016 14:34
            
          
    Keybase proof

I hereby claim:

I am jordimassaguerpla on github.
I am jordi_m_p (https://keybase.io/jordi_m_p) on keybase.
I have a public key whose fingerprint is 6D6D 82FF F63E AC94 9526  C4CE C053 1054 598C 0AE7

To claim this, I am signing this object:

  
## Dockerfile_opensuse_leap_vulnerable
FROM opensuse:leap

MAINTAINER Jordi
# openssh-6.6p1-6.3 contains at least this vulnerability
# https://lists.opensuse.org/opensuse-updates/2016-01/msg00038.html
# CVE-2016-0777 and CVE-2016-0778
# Which is considered a security issue of level *critical*
RUN zypper -n install --oldpackage openssh-6.6p1-6.3

# copy this file as Dockerfile

## rubysec_get_stats.rb
require "yaml"
if ARGV.length != 1
  puts "usage: ruby get_stats.rb YEAR"
  exit -1
end
if ARGV[0] !~ /\d\d\d\d/
  puts "usage: ruby get_stats.rb YEAR"
  exit -2
end
year = Integer(ARGV[0])
	#!/usr/bin/ruby

	GRUB_CFG = "/mnt/boot_loader/boot/grub/grub.cfg"

	def read_menu_entries(cfg_file)
	menu_entries = []
	File.readlines(cfg_file).each do \|line\|
	next if !line.include?("menuentry")
	entry = line.match(/menuentry.['"](.)['"].*/)[1]
	menu_entries << entry
	# this checks for "unsafe query risks in active record" by reading your
	# db/schema.rb file, according to
	# https://groups.google.com/forum/#!topic/rubyonrails-security/8CVoclw-Xkk

	class MockTable
	@@tables = {}

	def self.tables
	@@tables
	end
	mkdir -p /var/lib/virt/
	virsh pool-define-as --name default --type dir --target /var/lib/virt/images
	virsh pool-autostart default
	virsh pool-build default
	virsh pool-start default
	package main

	import "net/http"
	import "fmt"
	import "io/ioutil"
	import "regexp"

	func getLink(server string, project string, repo string, name string, arch string, extension string) string {
	pattern := "href=\"" + name + "." + arch + ".Build." + extension + "\""
	re := regexp.MustCompile(pattern)
	# Use this ruby script on a rubysec/ruby-advisory-db checkout
	# to get the number of security issues on ruby gems per year

	require "yaml"
	if ARGV.length != 1
	puts "usage: ruby get_stats.rb YEAR"
	exit -1
	end
	if ARGV[0] !~ /\d\d\d\d/
	puts "usage: ruby get_stats.rb YEAR"
	FROM opensuse:latest
	MAINTAINER Jordi Massaguer "jmassaguerpla@suse.com"

	RUN echo -e "#!/bin/sh\n \nnc -l 80" > /bin/hello-world-server
	RUN chmod +x /bin/hello-world-server
	RUN zypper -n install "netcat-openbsd"
	EXPOSE 80
	CMD /bin/hello-world-server
	# test me with "telnet IP 80"
	# get the ip with docker inspect CONTAINER
	-----------Dockerfile ---------------------------------------------------------------

	FROM suse/sles11sp3:latest
	MAINTAINER Jordi Massaguer <jmassaguerpla@suse.com>

	# Import the crt file of our private SMT server
	ADD http://docker-smt.suse.de//smt.crt /etc/ssl/certs/smt.pem
	RUN c_rehash /etc/ssl/certs

	# Refresh the list of repositories
	FROM opensuse:leap

	MAINTAINER Jordi
	# openssh-6.6p1-6.3 contains at least this vulnerability
	# https://lists.opensuse.org/opensuse-updates/2016-01/msg00038.html
	# CVE-2016-0777 and CVE-2016-0778
	# Which is considered a security issue of level critical
	RUN zypper -n install --oldpackage openssh-6.6p1-6.3

	# copy this file as Dockerfile