Aaron Meriwether p120ph37
p120ph37
/ VIPAccess.exp
Created
January 2, 2014 01:34
Command-line implementation of Symantec's "VIP Access" token application on OSX. This will read from the same secret key and produce the same time-based one-time-passwords as the GUI application, but with output that can be captured and used in scripts. This can be useful for things like automating two-factor AnyConnect VPN logins through openco…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/expect -f | |
| # | |
| # VIPAccess.exp | |
| # | |
| # Command-line emulation of Symantec's VIP Access software token. | |
| # Usage: | |
| # ./VIPAccess.exp [v] | |
| # If the "v" argument (or any argument) is specified, verbose output | |
| # will be produced on stderr. The OTP value will be output on stdout. | |
| # |
p120ph37
/ cycle_passwords.exp
Created
February 3, 2026 17:06
A script that cycles through 25 password changes to clear your password history.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/expect -f | |
| # Script to cycle through password history on macOS | |
| # Usage: ./cycle_passwords.exp <current_password> <target_password> | |
| if {$argc != 2} { | |
| puts "Usage: $argv0 <current_password> <target_password>" | |
| puts "This script will change your password 25 times to clear history," | |
| puts "then set it to your target password." | |
| exit 1 |
p120ph37
/ discover_assumable_roles.py
Created
March 11, 2025 22:44
Python script to discover which roles you can assume in an AWS account
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| import botocore | |
| stsc = boto3.client('sts') | |
| iamc = boto3.client('iam') | |
| iamr = boto3.resource('iam') | |
| iam_paginator = iamc.get_paginator('list_roles') | |
| iam_page_iterator = iam_paginator.paginate() | |
| iam_user_arn = 'arn:aws:iam::369786485381:user/ameriwether' # iam_user.arn |
p120ph37
/ perl_inject.pl
Last active
January 23, 2025 00:21
Inject an eval into a running Perl process using GDB and temporarily capture STDERR.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| use warnings; | |
| use strict; | |
| use threads; | |
| use File::Temp; | |
| use POSIX qw/mkfifo/; | |
| my $pid = shift @ARGV; | |
| my $eval = shift @ARGV || 'require Carp; local $Carp::CarpLevel = 1; Carp::cluck(\'Currently\');'; | |
| my $thread = $ENV{'GDB_THREAD'} || 'all'; |
p120ph37
/ curl_file_exists.sh
Last active
January 2, 2024 23:36
How to test if a remote file exists from a shell script using curl.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| url='http://example.com/index.html' | |
| # "HEAD" request | |
| # (most servers support "HEAD", but some don't) | |
| if curl -sfILo/dev/null "$url"; then | |
| echo "URL exists" | |
| else | |
| echo "URL does not exist" | |
| fi |
p120ph37
/ csd-wrapper.sh
Last active
December 12, 2023 23:52
A simple implementation of a CSD-Wrapper as required for OpenConnect to comply with Cisco AnyConnect "hostscan" policies.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| unset URL TICKET STUB GROUP CERTHASH LANGSELEN | |
| shift | |
| while [ "$1" ]; do | |
| if [ "$1" == "-ticket" ]; then shift; TICKET=$1; fi | |
| if [ "$1" == "-stub" ]; then shift; STUB=$1; fi | |
| if [ "$1" == "-group" ]; then shift; GROUP=$1; fi | |
| if [ "$1" == "-certhash" ]; then shift; CERTHASH=$1; fi | |
| if [ "$1" == "-url" ]; then shift; URL=$1; fi |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| #################################################### | |
| ## ## | |
| ## PPP VPN split-network/split-DNS script for OSX ## | |
| ## by Aaron Meriwether ## | |
| ## ## | |
| ## installation: ## | |
| ## sudo cp thisfile /etc/ppp/ip-up ## | |
| ## sudo chmod 755 /etc/ppp/ip-up ## | |
| ## ## |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * HTTP POST with authentiction using "basic" method. | |
| * Hybrid of anyauthput.c and postinmemory.c | |
| * | |
| * Usage: | |
| * cc basicauthpost.c -lcurl -o basicauthpost | |
| * ./basicauthpost | |
| * | |
| */ | |
| #include <stdio.h> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ((V=N=0)) | |
| while :; do | |
| ((V<<=6,++N)) | |
| IFS= read -n1 C && { | |
| printf -vC '%d' "'$C" | |
| ((C=C>64&&C<91?C-65:C>96&&C<123?C-71:C>47&&C<58?C+4:C==43?62:C==47?63:(V>>=6,--N,0),V|=C)) | |
| } | |
| ((N==4)) && { |
p120ph37
/ minio-client.sh
Last active
July 21, 2023 18:37
MinIO S3 in Alpine with instance-IAM-role credentials
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Using AWS instance IAM role to provide credentials to minio-client cli. | |
| # Works in Alpine 3.18+ (the minio-client package is not available in 3.17) | |
| # Should also work anywhere else minio, curl, and jq can run. | |
| # Provides a very-lightweight way to access S3 from Alpine | |
| apk add minio-client curl jq | |
| export MC_HOST_s3=$(curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/$(curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/ | head -1) | jq -r '"https://\(.AccessKeyId):\(.SecretAccessKey):\(.Token)@s3.amazonaws.com"') | |
| mcli ls s3/mybucket |
NewerOlder