Skip to content

Instantly share code, notes, and snippets.

View russau's full-sized avatar

Russ Sayers russau

14 followers · 3 following
View GitHub Profile
@russau
russau / jwt_maker.py
Created March 23, 2024 21:05
Assume a role with open id connect
from jose import jwt
import datetime
import boto3
# private key
key = {
"p": "snip"
}
# create a JWT token that will be accepted by the role trust policy
@russau
russau / check_certs.sh
Last active January 11, 2024 07:59
Cert checker
for domain in labsportal.net guacz-us-west-2.labsportal.net \
guacz-ap-southeast-2.labsportal.net \
guacz-eu-central-1.labsportal.net \
guacz-ap-south-1.labsportal.net
do
echo "Domain: ${domain}"
echo | openssl s_client -connect sub.${domain}:443 2>&1 | openssl x509 -startdate -enddate -noout 2>&1 | grep -E 'notBefore|notAfter'
echo
done
@russau
russau / 1-setup.sh
Created January 2, 2024 21:57
#!/bin/bash
BUCKET_ID=$(dd if=/dev/random bs=8 count=1 2>/dev/null | od -An -tx1 | tr -d ' \t\n')
BUCKET_NAME=lambda-artifacts-$BUCKET_ID
echo $BUCKET_NAME > bucket-name.txt
aws s3 mb s3://$BUCKET_NAME
echo "Enter your cluster name: "
read CLUSTER_NAME
echo $CLUSTER_NAME > cluster-name.txt
@russau
russau / app.py
Last active August 22, 2023 01:42
Async aioboto3 from lambda
import asyncio
import aioboto3
session = aioboto3.Session()
async def main():
async with session.client("ec2") as ec2:
tasks = await asyncio.gather(
ec2.describe_regions(),
ec2.describe_instances()
@russau
russau / mod3_sdk_locking.py
Created November 30, 2022 08:54
# see a list of API versions here: https://github.com/boto/botocore/tree/master/botocore/data
import boto3
versions = ["2014-09-01",
"2014-10-01",
"2015-03-01",
"2015-04-15",
"2015-10-01",
"2016-04-01",
"2016-09-15",
@russau
russau / curl sig v4
Last active October 27, 2022 00:09
keys=($(aws sts assume-role --role-arn "arn:aws:iam::012345678912:role/ec2-readonly-role" \
--role-session-name session1 \
--query "[Credentials.AccessKeyId,Credentials.SecretAccessKey,Credentials.SessionToken]" \
--output text))
export AKI=${keys[1]} ; export SAK=${keys[2]} ; export ST=${keys[3]}
curl 'https://ec2.ap-southeast-2.amazonaws.com/?Action=DescribeInstances' \
--aws-sigv4 aws:amz:ap-southeast-2:ec2 \
--user "${AKI}:${SAK}" \
@russau
russau / cmd-eks.go
Created June 19, 2022 00:54
package main
import (
"context"
b64 "encoding/base64"
"fmt"
awsconfig "github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/service/eks"
"github.com/aws/aws-sdk-go-v2/service/sts"
@russau
russau / clipboard.py
Created June 3, 2022 02:42
from pynput import keyboard
from pynput.keyboard import Key
import subprocess
file1 = open('clipboard.txt', 'r')
lines = file1.readlines()
controller = keyboard.Controller()
def copyAndPasta(command):
@russau
russau / certificate
Last active January 13, 2022 10:39
Verify EC2 PKCS7 Signature in Python
-----BEGIN CERTIFICATE-----
MIIC7TCCAq0CCQCWukjZ5V4aZzAJBgcqhkjOOAQDMFwxCzAJBgNVBAYTAlVTMRkw
FwYDVQQIExBXYXNoaW5ndG9uIFN0YXRlMRAwDgYDVQQHEwdTZWF0dGxlMSAwHgYD
VQQKExdBbWF6b24gV2ViIFNlcnZpY2VzIExMQzAeFw0xMjAxMDUxMjU2MTJaFw0z
ODAxMDUxMjU2MTJaMFwxCzAJBgNVBAYTAlVTMRkwFwYDVQQIExBXYXNoaW5ndG9u
IFN0YXRlMRAwDgYDVQQHEwdTZWF0dGxlMSAwHgYDVQQKExdBbWF6b24gV2ViIFNl
cnZpY2VzIExMQzCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQCjkvcS2bb1VQ4yt/5e
ih5OO6kK/n1Lzllr7D8ZwtQP8fOEpp5E2ng+D6Ud1Z1gYipr58Kj3nssSNpI6bX3
VyIQzK7wLclnd/YozqNNmgIyZecN7EglK9ITHJLP+x8FtUpt3QbyYXJdmVMegN6P
hviYt5JH/nYl4hh3Pa1HJdskgQIVALVJ3ER11+Ko4tP6nwvHwh6+ERYRAoGBAI1j
@russau
russau / README.md
Last active October 26, 2021 02:41
Extract Certificate from Vaccination QR

Getting my head around the QR codes in the International COVID-19 Vaccination Certificate. This will run in a ubuntu:20.04 container.

  • zbarimg decodes the QR
  • sed replaces out the non-json I don't want
  • jq gets the certificate from the json
  • tr convert from base64url to base64
  • openssl to dump the certificate