Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
💪

Guillermo García memogarcia

💭
💪
View GitHub Profile
@memogarcia
memogarcia / gist:30aec4532dd0ebd0acbb430fcadb81c3
Created Apr 13, 2020 — forked from zzzeek/gist:f5bc2a104ce6eed5187e268ccfd73c01
turn off pacemaker and bootstrap galera manually
View gist:30aec4532dd0ebd0acbb430fcadb81c3
--- 1. prevent pacemaker from managing galera
# pcs resource unmanage galera
--- 2. make sure ***mysql is not running on any node***. To bootstrap, mysql has to be completely shut down:
# ps -ef | grep mysql
< nothing, on all three controllers >
--- 3. Choose the node you want to bootstrap and run mysqld_safe with --wsrep-new-cluster:
@memogarcia
memogarcia / monitor_service.py
Created Jun 28, 2018 — forked from piraz/monitor_service.py
Script that monitors a service running on systemd. If service is not running the script will try to start the service.
View monitor_service.py
#!/bin/python
#
# Copyright 2016 Flavio Garcia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
@memogarcia
memogarcia / openssl.cnf
Created Jun 21, 2018
/root/ca/intermediate/openssl.cnf
View openssl.cnf
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations.
dir = /root/ca/intermediate
certs = $dir/certs
crl_dir = $dir/crl
new_certs_dir = $dir/newcerts
@memogarcia
memogarcia / ca_openssl.cnf
Created Jun 21, 2018
/root/ca/openssl.cnf
View ca_openssl.cnf
[ ca ]
# `man ca`
default_ca = CA_default
[ CA_default ]
# Directory and file locations.
dir = /root/ca
certs = $dir/certs
crl_dir = $dir/crl
new_certs_dir = $dir/newcerts
@memogarcia
memogarcia / fuck-openldap.sh
Created Jun 19, 2018 — forked from jaseg/fuck-openldap.sh
Convert openldap .schema files to .ldif files
View fuck-openldap.sh
#!/usr/bin/env bash
# convert OpenLDAP schema file to LDIF file
#
# Copyright 2012 NDE Netzdesign und -entwicklung AG, Hamburg
# Written by Jens-U. Mozdzen <jmozdzen@nde.ag>
# Copyright 2014 jaseg <github@jaseg.net>
#
# Permission is granted to use, modify and redistribute this file as long as
# - this copyright notice is left unmodified and included in the final code
@memogarcia
memogarcia / console.log.md
Created Jun 14, 2018 — forked from mazgi/console.log.md
LDAP Auth for SSSD, SSH, SUDO
View console.log.md
# uname -a
Linux base 4.0.5-gentoo #1 SMP Wed Jul 1 02:23:16 JST 2015 x86_64 Intel(R) Xeon(R) CPU E5-2640 0 @ 2.50GHz GenuineIntel GNU/Linux

Packages

# emerge -pvq openldap openssh sssd sudo
[ebuild   R   ] net-nds/openldap-2.4.38-r2  USE="berkdb crypt gnutls ipv6 minimal sasl ssl syslog tcpd -cxx -debug -experimental -icu -iodbc -kerberos -odbc -overlays -perl -samba (-selinux) -slp -smbkrb5passwd" ABI_X86="(64) -32 (-x32)" 
@memogarcia
memogarcia / driver.py
Created Feb 8, 2018
patch for virt/libvirt/driver.py
View driver.py
# Copyright 2010 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
# Copyright (c) 2010 Citrix Systems, Inc.
# Copyright (c) 2011 Piston Cloud Computing, Inc
# Copyright (c) 2012 University Of Minho
# (c) Copyright 2013 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
@memogarcia
memogarcia / api.py
Created Feb 8, 2018
Nova patch for stable/pike sqlalchemy api
View api.py
# Copyright (c) 2011 X.commerce, a business unit of eBay Inc.
# Copyright 2010 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
@memogarcia
memogarcia / github_bugbountyhunting.md
Created Oct 7, 2017 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.
View github_bugbountyhunting.md

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@memogarcia
memogarcia / collector.py
Last active Sep 8, 2016
Python ZMQ Push Pull Pattern
View collector.py
import time
import zmq
import pprint
def result_collector():
context = zmq.Context()
results_receiver = context.socket(zmq.PULL)
results_receiver.bind("tcp://127.0.0.1:5558")
collecter_data = {}
for x in xrange(1000):
You can’t perform that action at this time.