Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
💪

Guillermo García memogarcia

💭
💪
View GitHub Profile
@memogarcia
memogarcia / gist:30aec4532dd0ebd0acbb430fcadb81c3
Created Apr 13, 2020 — forked from zzzeek/gist:f5bc2a104ce6eed5187e268ccfd73c01
turn off pacemaker and bootstrap galera manually
View gist:30aec4532dd0ebd0acbb430fcadb81c3
--- 1. prevent pacemaker from managing galera
# pcs resource unmanage galera
--- 2. make sure ***mysql is not running on any node***. To bootstrap, mysql has to be completely shut down:
# ps -ef | grep mysql
< nothing, on all three controllers >
--- 3. Choose the node you want to bootstrap and run mysqld_safe with --wsrep-new-cluster:
@memogarcia
memogarcia / monitor_service.py
Created Jun 28, 2018 — forked from piraz/monitor_service.py
Script that monitors a service running on systemd. If service is not running the script will try to start the service.
View monitor_service.py
#!/bin/python
#
# Copyright 2016 Flavio Garcia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
@memogarcia
memogarcia / fuck-openldap.sh
Created Jun 19, 2018 — forked from jaseg/fuck-openldap.sh
Convert openldap .schema files to .ldif files
View fuck-openldap.sh
#!/usr/bin/env bash
# convert OpenLDAP schema file to LDIF file
#
# Copyright 2012 NDE Netzdesign und -entwicklung AG, Hamburg
# Written by Jens-U. Mozdzen <jmozdzen@nde.ag>
# Copyright 2014 jaseg <github@jaseg.net>
#
# Permission is granted to use, modify and redistribute this file as long as
# - this copyright notice is left unmodified and included in the final code
@memogarcia
memogarcia / console.log.md
Created Jun 14, 2018 — forked from mazgi/console.log.md
LDAP Auth for SSSD, SSH, SUDO
View console.log.md
# uname -a
Linux base 4.0.5-gentoo #1 SMP Wed Jul 1 02:23:16 JST 2015 x86_64 Intel(R) Xeon(R) CPU E5-2640 0 @ 2.50GHz GenuineIntel GNU/Linux

Packages

# emerge -pvq openldap openssh sssd sudo
[ebuild   R   ] net-nds/openldap-2.4.38-r2  USE="berkdb crypt gnutls ipv6 minimal sasl ssl syslog tcpd -cxx -debug -experimental -icu -iodbc -kerberos -odbc -overlays -perl -samba (-selinux) -slp -smbkrb5passwd" ABI_X86="(64) -32 (-x32)" 
@memogarcia
memogarcia / github_bugbountyhunting.md
Created Oct 7, 2017 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.
View github_bugbountyhunting.md

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
View frontendDevlopmentBookmarks.md