Skip to content

Instantly share code, notes, and snippets.

View m-ueberall's full-sized avatar

Markus Ueberall m-ueberall

8 followers · 12 following
View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active May 4, 2024 09:26
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@killerbees19
killerbees19 / ptr-check.sh
Created January 21, 2023 15:06
Reverse DNS record check
#!/bin/bash
# v1.0.0 (2023-01-21) cs@fnx.li
HOSTS=(foo.example.org bar.example.com)
SIMPLE=(host1 host2 host3)
SUFFIX=".example.net"
for simple in "${SIMPLE[@]}"
do
HOSTS+=("${simple}${SUFFIX}")
done
@domeniko-gentner
domeniko-gentner / update_gitea.py
Last active February 26, 2022 17:51
Updating gitea automatically
#!/usr/bin/env python3
from requests import get
from requests import exceptions
from subprocess import run
def fetch_newest_gitea():
# change prefix as needed
GITEA_INSTALL = "/usr/local/bin/gitea"
@kvaps
kvaps / nfs-ganesha-vs-kernel-benchmark.md
Last active April 15, 2024 20:37
NFS-Ganesha vs NFS-Kernel-Server Benchmark

local read: IOPS=12308, BW=48.1MiB/s write: IOPS=4111, BW=16.0MiB/s

nfs3-ganesha read: IOPS=7039, BW=27.5MiB/s write: IOPS=2352, BW=9.2MiB/s

nfs3-kernel read: IOPS=6571, BW=25.7MiB/s

@david-zw-liu
david-zw-liu / remove_old_builds.sql
Last active January 4, 2024 06:31
Keep 1000 builds per repos for DroneCI (sqlite3 version >= 3.25 required)
-- Thank @sbengo to figure out foreign_keys constraints is defaults to false in sqlite
-- Enable to delete logs by cascading delete
PRAGMA foreign_keys = ON;
WITH n_build_ids_per_repo as (
SELECT build_id
FROM (
SELECT
build_id,
build_repo_id,
@Jiab77
Jiab77 / real-time-php-fpm-status.md
Last active May 5, 2024 16:13
Real-time PHP-FPM Status

Real-time PHP-FPM Status

This gist will explain you how to enable an undocumented feature of PHP-FPM which will give a real-time performance stats.

Everybody knows the famous phpinfo() and the page it generates, right? Then the real-time PHP-FPM status page design is very similar.

image

Some informations from the top are not displayed to avoid security issues.

Enable PHP-FPM Status

@roycewilliams
roycewilliams / clientside-software-update-verification-failures.md
Last active December 16, 2021 16:05
Exploitable vulnerabilities in client-side software update mechanisms that could have been mitigated by secure transport (TLS).

Client-side software update verification failures

Exploitable vulnerabilities in client-side software update mechanisms that could have been mitigated by secure transport (TLS). Contributions welcome. All text taken from the vulnerability descriptions themselves, with additional emphasis mine.

In scope:

  • I consider exploitation or privilege escalation of the package tool/system itself (that would have been mitigated by secure transport) to be in scope.
  • Issues only described as being triggered by malicious mirrors are assumed to also be vulnerable to MITM.
  • Failure to verify the software update at all is currently provisionally in scope if it could have been mitigated by secure transport, but I'm waffling about it. Most of these are actual signature verification failures, and my original purpose was to highlight cases where claims of "It's OK to be HTTP because verification!" seem to me to be specious.
  • Software components regularly used to verify integrity in other software pipelines are
@squidpickles
squidpickles / README.md
Last active January 31, 2024 12:48
Multi-platform (amd64 and arm) Kubernetes cluster

Multiplatform (amd64 and arm) Kubernetes cluster setup

The official guide for setting up Kubernetes using kubeadm works well for clusters of one architecture. But, the main problem that crops up is the kube-proxy image defaults to the architecture of the master node (where kubeadm was run in the first place).

This causes issues when arm nodes join the cluster, as they will try to execute the amd64 version of kube-proxy, and will fail.

It turns out that the pod running kube-proxy is configured using a DaemonSet. With a small edit to the configuration, it's possible to create multiple DaemonSets—one for each architecture.

Steps

Follow the instructions at https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/ for setting up the master node. I've been using Weave Net as the network plugin; it see

@Prof9
Prof9 / Readme.md
Last active February 1, 2024 07:02
THIS SCRIPT NO LONGER WORKS! Twitter has rolled out a fix for the web client hack. (Original text: Force enable cramming (280 character tweets) on Twitter. Use TamperMonkey. NOTE: Stops working when you switch pages, refresh to fix.)

As of 7 November 2017 everyone has access to 280 characters in supported clients, so you no longer need this script!

@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 29, 2024 14:36
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output