Mischa Spiegelmock revmischa

## open_iot_security_cert.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                revmischa
                / open_iot_security_cert.md
            
            
              Created
              June 13, 2017 02:42
            
              
                Open IoT Security Certification Draft
              
          
    Level I - Basic

Network


Must use TLSv1.2 for all communications via WAN, preferably via LAN
Certificates must be verified on connection

Software/Firmware


No default username/password

Devices must not ship with a well-known username and/or password

Unless the password must be changed on first use
No backdoor passwords in firmware. This can be dumped and reversed and published.


## myapp.py

# sample usage:
class MyFlaskApp(Flask):
    ...
    def start_heartbeat(self):
        """Schedule periodic heartbeat updates."""
        if hasattr(self, 'heartbeat_sched'):
            raise Exception("Heartbeat already started")
        sched = self.get_scheduler()
        self.heartbeat_sched = sched

## xml2json.xslt
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<!--
  Copyright (c) 2006,2008 Doeke Zanstra
  All rights reserved.

  Redistribution and use in source and binary forms, with or without modification,
  are permitted provided that the following conditions are met:

  Redistributions of source code must retain the above copyright notice, this

## slack_mass_move.py
"""Mass invite users from one channel to another."""

from slacker import Slacker
from pprint import pprint

slack = Slacker('xxxxx')


me = slack.auth.test().body
me_id = me['user_id']

## queryparams.pl
#!/usr/bin/env perl

# convert postgres slow query log query w/ separate 'parameters:' line into an executable EXPLAIN ANALYZE query

use strict;
use warnings;
use Data::Dump qw/ddx/;

my $qfile = shift @ARGV or die "query file required";

## shitlink.pl
use vars qw/$VERSION %IRSSI/;
use strict;
use warnings;

$VERSION = '0.01';
%IRSSI = (
    authors     => 'revmischa',
    name        => "shitlink",
    description => 'Prevents visiting of shit links',
    license     => "BSD",

## gist:72134db9389c8c1ba439
#!/bin/bash

# usage: bin/slackmsg "blah blah blah"  =>  #engineering

# escape message for JSON:
MSG=$(printf '%q' $*)
echo $MSG

PAYLOAD="payload={\"channel\": \"#engineering\", \"username\": \"engbot\", \"text\": \"$MSG\", \"icon_emoji\": \":shipit:\"}"
echo $PAYLOAD

## gist:0ac56ddd2026ca1d05ee
        .section        .rodata
.hellostr:
        .string "Hello, world\n"

        .text
.globl _start
_start:
        pushq   %rbp
        movq    %rsp, %rbp

## install-plenv.sh
#!/bin/bash

# installs plenv, perl, carton, cpanminus, sets up environment in .bash_profile
# from https://github.com/tokuhirom/plenv#readme


PLENV_PERL_VERSION='5.18.1'

if [[ -n "$PERL_MB_OPT" ]]; then
    echo "You must unset your local::lib environment variables first"

## gist:7285088
0000000100000f2e        subq    $8, %rsp
0000000100000f32        xorl    %r12d, %r12d
0000000100000f35        leaq    68(%rip), %r14
0000000100000f3c        movl    $42, %r15d
new_line:
0000000100000f42        movswl  (%r14,%r12,2), %r13d
0000000100000f47        xorl    %ebx, %ebx
new_col:
0000000100000f49        btl     %ebx, %r13d
0000000100000f4d        movl    $95, %edi

	# sample usage:
	class MyFlaskApp(Flask):
	...
	def start_heartbeat(self):
	"""Schedule periodic heartbeat updates."""
	if hasattr(self, 'heartbeat_sched'):
	raise Exception("Heartbeat already started")
	sched = self.get_scheduler()
	self.heartbeat_sched = sched
	<?xml version="1.0" encoding="UTF-8"?>
	<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
	<!--
	Copyright (c) 2006,2008 Doeke Zanstra
	All rights reserved.

	Redistribution and use in source and binary forms, with or without modification,
	are permitted provided that the following conditions are met:

	Redistributions of source code must retain the above copyright notice, this
	"""Mass invite users from one channel to another."""

	from slacker import Slacker
	from pprint import pprint

	slack = Slacker('xxxxx')


	me = slack.auth.test().body
	me_id = me['user_id']
	#!/usr/bin/env perl

	# convert postgres slow query log query w/ separate 'parameters:' line into an executable EXPLAIN ANALYZE query

	use strict;
	use warnings;
	use Data::Dump qw/ddx/;

	my $qfile = shift @ARGV or die "query file required";
	use vars qw/$VERSION %IRSSI/;
	use strict;
	use warnings;

	$VERSION = '0.01';
	%IRSSI = (
	authors => 'revmischa',
	name => "shitlink",
	description => 'Prevents visiting of shit links',
	license => "BSD",
	#!/bin/bash

	# usage: bin/slackmsg "blah blah blah" => #engineering

	# escape message for JSON:
	MSG=$(printf '%q' $*)
	echo $MSG

	PAYLOAD="payload={\"channel\": \"#engineering\", \"username\": \"engbot\", \"text\": \"$MSG\", \"icon_emoji\": \":shipit:\"}"
	echo $PAYLOAD
	.section .rodata
	.hellostr:
	.string "Hello, world\n"

	.text
	.globl _start
	_start:
	pushq %rbp
	movq %rsp, %rbp
	#!/bin/bash

	# installs plenv, perl, carton, cpanminus, sets up environment in .bash_profile
	# from https://github.com/tokuhirom/plenv#readme


	PLENV_PERL_VERSION='5.18.1'

	if [[ -n "$PERL_MB_OPT" ]]; then
	echo "You must unset your local::lib environment variables first"
	0000000100000f2e subq $8, %rsp
	0000000100000f32 xorl %r12d, %r12d
	0000000100000f35 leaq 68(%rip), %r14
	0000000100000f3c movl $42, %r15d
	new_line:
	0000000100000f42 movswl (%r14,%r12,2), %r13d
	0000000100000f47 xorl %ebx, %ebx
	new_col:
	0000000100000f49 btl %ebx, %r13d
	0000000100000f4d movl $95, %edi