Skip to content

Instantly share code, notes, and snippets.

View memogarcia's full-sized avatar
🇲🇽
I hacked the mainframe!

Guillermo García memogarcia

🇲🇽
I hacked the mainframe!
View GitHub Profile
@memogarcia
memogarcia / gist:30aec4532dd0ebd0acbb430fcadb81c3
Created April 13, 2020 05:00 — forked from zzzeek/gist:f5bc2a104ce6eed5187e268ccfd73c01
turn off pacemaker and bootstrap galera manually
--- 1. prevent pacemaker from managing galera
# pcs resource unmanage galera
--- 2. make sure ***mysql is not running on any node***. To bootstrap, mysql has to be completely shut down:
# ps -ef | grep mysql
< nothing, on all three controllers >
--- 3. Choose the node you want to bootstrap and run mysqld_safe with --wsrep-new-cluster:
@memogarcia
memogarcia / monitor_service.py
Created June 28, 2018 11:29 — forked from piraz/monitor_service.py
Script that monitors a service running on systemd. If service is not running the script will try to start the service.
#!/bin/python
#
# Copyright 2016 Flavio Garcia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
@memogarcia
memogarcia / openssl.cnf
Created June 21, 2018 13:45
/root/ca/intermediate/openssl.cnf
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations.
dir = /root/ca/intermediate
certs = $dir/certs
crl_dir = $dir/crl
new_certs_dir = $dir/newcerts
@memogarcia
memogarcia / ca_openssl.cnf
Created June 21, 2018 13:44
/root/ca/openssl.cnf
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations.
dir = /root/ca
certs = $dir/certs
crl_dir = $dir/crl
new_certs_dir = $dir/newcerts
@memogarcia
memogarcia / fuck-openldap.sh
Created June 19, 2018 08:57 — forked from jaseg/README.md
Convert openldap .schema files to .ldif files
#!/usr/bin/env bash
# convert OpenLDAP schema file to LDIF file
#
# Copyright 2012 NDE Netzdesign und -entwicklung AG, Hamburg
# Written by Jens-U. Mozdzen <jmozdzen@nde.ag>
# Copyright 2014 jaseg <github@jaseg.net>
#
# Permission is granted to use, modify and redistribute this file as long as
# - this copyright notice is left unmodified and included in the final code
@memogarcia
memogarcia / console.log.md
Created June 14, 2018 11:26 — forked from mazgi/console.log.md
LDAP Auth for SSSD, SSH, SUDO
# uname -a
Linux base 4.0.5-gentoo #1 SMP Wed Jul 1 02:23:16 JST 2015 x86_64 Intel(R) Xeon(R) CPU E5-2640 0 @ 2.50GHz GenuineIntel GNU/Linux

Packages

# emerge -pvq openldap openssh sssd sudo
[ebuild R ] net-nds/openldap-2.4.38-r2 USE="berkdb crypt gnutls ipv6 minimal sasl ssl syslog tcpd -cxx -debug -experimental -icu -iodbc -kerberos -odbc -overlays -perl -samba (-selinux) -slp -smbkrb5passwd" ABI_X86="(64) -32 (-x32)" 
@memogarcia
memogarcia / driver.py
Created February 8, 2018 19:27
patch for virt/libvirt/driver.py
# Copyright 2010 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
# Copyright (c) 2010 Citrix Systems, Inc.
# Copyright (c) 2011 Piston Cloud Computing, Inc
# Copyright (c) 2012 University Of Minho
# (c) Copyright 2013 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
@memogarcia
memogarcia / api.py
Created February 8, 2018 13:06
Nova patch for stable/pike sqlalchemy api
# Copyright (c) 2011 X.commerce, a business unit of eBay Inc.
# Copyright 2010 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
@memogarcia
memogarcia / github_bugbountyhunting.md
Created October 7, 2017 08:27 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@memogarcia
memogarcia / collector.py
Last active July 10, 2023 02:54
Python ZMQ Push Pull Pattern
import time
import zmq
import pprint
def result_collector():
context = zmq.Context()
results_receiver = context.socket(zmq.PULL)
results_receiver.bind("tcp://127.0.0.1:5558")
collecter_data = {}
for x in xrange(1000):