Skip to content

Instantly share code, notes, and snippets.

@kennwhite
kennwhite / php_mitm_ssl_fopen.php
Created Jul 31, 2013
PHP fopen for SSL by default allows MITM (peer verification off)
View php_mitm_ssl_fopen.php
<?php
/*
OpenSSL verify certificate is off by default in php 5.3+
There is no obvious php.ini option to reenable, so we're stuck w/
forcing it at runtime.
Usage: php -f this_file.php
Output:
Default - https://www.google.com/ [Resource id #5]
Verify on - https://www.google.com/ [Resource id #7]
@kennwhite
kennwhite / push_remote-to-remote_backup.sh
Created Jul 31, 2013
Push backup from remote box 1 to remote box 2 through local (box 1 has no direct access to box 2)
View push_remote-to-remote_backup.sh
#!/bin/bash
# Push remote box 1 to remote box 2 through local box (box 1 has no access to box 2)
ssh -i box1key user@remotebox1 \
"tar -czvf - remotedir1" \
| ssh -i box2key user@remotebox2 "cat >remotedir2.tgz"
@kennwhite
kennwhite / trim_enabler.sh
Last active Dec 21, 2015 — forked from return1/trim_enabler.txt
Enable SSD Trim support on Mac Lion & Mountain Lion. Original version by Grant Parnell.
View trim_enabler.sh
#
# Original version by Grant Parnell is offline (http://digitaldj.net/2011/07/21/trim-enabler-for-lion/)
#
# Looks for "Apple" string in HD kext, changes it to a wildcard match for anything
#
# Alternative to http://www.groths.org/trim-enabler-3-0-released/
# Method behind this madness described: http://forums.macrumors.com/showthread.php?t=1409151&page=4
# See discussion in comments here: https://www.macupdate.com/app/mac/39654/lion-tweaks
# And here: http://forums.macrumors.com/showthread.php?t=1410459
# And here: http://forums.macrumors.com/showthread.php?t=1480302
View trim_enabler.sh
sudo cp /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage.original
# for Mountain Lion 10.8.3 - 10.8.4
sudo perl -pi -e 's|(\x52\x6F\x74\x61\x74\x69\x6F\x6E\x61\x6C\x00{1,20})[^\x00]{9}(\x00{1,20}\x54)|$1\x00\x00\x00\x00\x00\x00\x00\x00\x00$2|sg' /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage
# for Mountain Lion 10.8.1-10.8.2 and Lion 10.7.5
#sudo perl -pi -e 's|(\x52\x6F\x74\x61\x74\x69\x6F\x6E\x61\x6C\x00{1,20})[^\x00]{9}(\x00{1,20}\x4D)|$1\x00\x00\x00\x00\x00\x00\x00\x00\x00$2|sg' /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage
# for Mountain Lion 10.8.0 and Lion 10.7.4 BELOW
#sudo perl -pi -e 's|(\x52\x6F\x74\x61\x74\x69\x6F\x6E\x61\x6C\x00{1,20})[^\x00]{9}(\x00{1,20}\x51)|
@kennwhite
kennwhite / reset_osx_attributes.sh
Created Sep 1, 2013
Remove all extended attributes recursively on an OSX directory & files and fix "chown: ... Operation not permitted" and "chmod: ... Operation not permitted"
View reset_osx_attributes.sh
# This is the nuclear option. Use with extreme care
# Works up to and including Mountain Lion (10.8.x)
# Show all extended attributes
ls -lOe ~/dir-to-fix
# Remove no-change attributes
sudo chflags nouchg ~/dir-to-fix
# Recursively clear all entended attributes
@kennwhite
kennwhite / aws_iam_billing_read_only.txt
Last active Jan 3, 2016
Setting up AWS IAM for read-only billing (complete recipe)
View aws_iam_billing_read_only.txt
Recipe for enabling billing access in AWS to a less privileged user
As *Root/Master* account owner:
1. Log into: https://console.aws.amazon.com (NOT IAM!)
2. My Account/Personal Information
3. Set security challenge questions (fav color/dog/movie, etc.)
View sqlite3_backup.sh
#!/bin/bash
#
# sqlite3_backup.sh
# Script for backing up sqlite3 database with integrity checking
# Intended for use with cron for regular automated backups
#
# @author <shaune@princeton.edu>
#
View nginx.conf
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
View gist:9690720
urlencode() {
# urlencode <string>
local length="${#1}"
for (( i = 0; i < length; i++ )); do
local c="${1:i:1}"
case $c in
[a-zA-Z0-9.~_-]) printf "$c" ;;
' ') printf + ;;
*) printf '%%%X' "'$c"
You can’t perform that action at this time.