I hereby claim:
- I am tam7t on github.
- I am tam7t (https://keybase.io/tam7t) on keybase.
- I have a public key whose fingerprint is B657 60A9 D721 1834 546F 17A3 5080 6B38 E22D 571D
To claim this, I am signing this object:
require 'rails_helper' | |
describe 'OpenSSL' do | |
describe 'configuration' do | |
it 'is secure' do | |
expect(JSON.parse(Faraday.get('https://www.howsmyssl.com/a/check').body)['rating']).to eq 'Probably Okay' | |
end | |
end |
I hereby claim:
To claim this, I am signing this object:
package main | |
import "fmt" | |
import "syscall" | |
import "os" | |
import "os/signal" | |
import "time" | |
import "runtime/pprof" | |
func main() { |
/* pemedit - certificate manipulation tool | |
* by @tam7t | |
* | |
* Usage: | |
* > go build pemedit.go | |
* > ./pemedit.go -in=server.pem -cn=google.com > cert.new.pem | |
* > openssl x509 -in cert.new.pem -text -noout | |
*/ | |
package main |
<html> | |
<head> | |
<title>title</title> | |
<script> | |
var someHtmlString = "</script><script>alert('hi!');</script><script>"; | |
</script> | |
</head> | |
<body> | |
<h1>this is a test</h1> |
# plusminus.rb by @tam7t | |
# | |
# Prereqs: | |
# gem install octokit time_diff colorize | |
# | |
# Usage: | |
# API_TOKEN=<GITHUB API TOKEN> ruby plusminus.rb | |
# | |
# Optional Params: | |
# ENDPOINT=<ghe endpoint> |
public class DoesNotWork { | |
public static void main(String[] args) { | |
// this will compile once, fail on execution, and subsequent compiles fail | |
Messages.Status me = Messages.Status.newBuilder().buildPartial(); | |
System.out.println("It Works!"); | |
} | |
} |
-----BEGIN CERTIFICATE----- | |
MIIDPzCCAiegAwIBAgIUHDx4FbvRISzuQcMBM78XW3fmzlUwDQYJKoZIhvcNAQEL | |
BQAwFDESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTE1MTIxNDE3NDY1OFoXDTE1MTIx | |
NzE3NDY1OFowFDESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF | |
AAOCAQ8AMIIBCgKCAQEArj3DK+XkPH4KKsB8qFzoLcNQf9wf+Pcp92sfY2/2T3Mw | |
+nkO5jjPGRQbshkU2WUe59uvaviUC8AdlazwJk4vi5H1n5ZMLfBjXZffhd0nJcsR | |
mHQJix/8jtBYlpzHv/4tVa9k3v+QA3yjfj6o9kpt5FA1wYmoiMd40aCwX1qWRVRD | |
HpUCh2+gIldj8y/GNEpxwTjPA1GAtxkkD+OS/mEV6Rse4et9D6uQoa69OvDtOyR1 | |
sNofuORiQ47MPNF56wNSGdrBFxFWErkZqYdYdAaqjOei9kdDmQ74C9rY6hkEvYO+ | |
Vkp3pYWj3Y5BQIUZa5DGBzmPlXWqKWfj7L+PlZww5QIDAQABo4GIMIGFMA4GA1Ud |
texas:~ tam7t$ python | |
Python 2.7.3 (v2.7.3:70274d53c1dd, Apr 9 2012, 20:52:43) | |
[GCC 4.2.1 (Apple Inc. build 5666) (dot 3)] on darwin | |
Type "help", "copyright", "credits" or "license" for more information. | |
>>> exit | |
Use exit() or Ctrl-D (i.e. EOF) to exit | |
>>> exit() | |
Segmentation fault: 11 |
A work in progress collection of resources for securing a kubernetes cluster.
A good understanding of the k8s architecture and automating operations of your cluster is probably the best place to start:
It should also be noted that the kubelet
api has no authentications and allows for remote code execution (this is how kubectl exec
works).