Skip to content

Instantly share code, notes, and snippets.

View taigrr's full-sized avatar
🧄
Working on grlx

Tai Groot taigrr

🧄
Working on grlx
View GitHub Profile
package main
import (
"fmt"
"os"
"time"
"github.com/charmbracelet/bubbles/stopwatch"
tea "github.com/charmbracelet/bubbletea"
)
@taigrr
taigrr / Megathread.md
Last active June 3, 2020 00:04
salt-store-miner megathread copypasta

SaltStack CVE-2020-11651 and CVE-2020-11652 Attack

Pre-Update

May 5, 7:00PM PST:

If you are reading this for the first time now, you will now need to nuke and destroy any system paired (e.g. minions) to an exploitable salt master. You should also create a new salt master. I recommend creating a backup first for forensics, but do not plan on ever reusing these systems. Information on how to tell if you could be affected is available below.

### Keybase proof
I hereby claim:
* I am taigrr on github.
* I am taigrr (https://keybase.io/taigrr) on keybase.
* I have a public key ASAXXeUAA5yDNZvfPfNDA54ovS-LAkP-ctMehvqpyWVrnAo
To claim this, I am signing this object: