Skip to content

Instantly share code, notes, and snippets.

Tod Beardsley todb-r7

Block or report user

Report or block todb-r7

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View issw-turbo.md

ISSW Turbo Talks!

  1. No photography, recording, or other attribution of material.
  2. 10 minutes is good, 5 minutes is better.
  3. Get your last orders in before 13:15.
  4. Tell @todb if you're gonna talk.
  5. Speakers get $10 drink tickets!
  6. Join Slack, below!

@todb-r7
todb-r7 / .bashrc
Created Jan 15, 2016
Prompt for Ruby sanity
View .bashrc
# RVM prompt, two line style.
function git-current-branch {
git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/(\1) /'
}
export PS1="[\$(~/.rvm/bin/rvm-prompt)]\n\$(git-current-branch)$PS1"
@todb-r7
todb-r7 / module-commit-counts.txt
Created Dec 31, 2015
Modules sorted by commit counts, Dec 31, 2015
View module-commit-counts.txt
Sorted modules by commit counts
modules/exploits/windows/smb/psexec.rb 106
modules/exploits/windows/smb/ms08_067_netapi.rb 73
modules/exploits/multi/http/tomcat_mgr_deploy.rb 65
modules/exploits/multi/http/jboss_bshdeployer.rb 51
modules/exploits/multi/http/jboss_maindeployer.rb 49
modules/exploits/multi/http/jboss_deploymentfilerepository.rb 49
modules/exploits/windows/local/bypassuac.rb 47
modules/exploits/multi/browser/java_signed_applet.rb 47
@todb-r7
todb-r7 / r7-2015-05-advisory.md
Last active Aug 29, 2015
Ceragon FibeAir IP-10 SSH Private Key Exposure (CVE-2015-0936)
View r7-2015-05-advisory.md

Ceragon FibeAir IP-10 SSH Private Key Exposure (CVE-2015-0936)

Product Description

Ceragon produces a series of ruggedized, microwave backhaul devices used to provide connectivity to mobile, IP-based devices; usually, these devices are found in either large industrial environments, or installed on towers to provide "middle-mile" connectivity to mobile customers on behalf of ISPs. In other words, a FibeAir IP-10 typically act as a router of IP traffic. A compromise on these devices can expose the

View r7-new-community.txt
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On or around March 31, 2015, if you are a registered user of
the Rapid7 Community at community.rapid7.com, you will notice
that your password will be automatically expired out, you
will get a password reset notification from community@rapid7.com,
and you will notice some significant changes on the site.
This is not a trick. We have not suffered a redirection
View psqlfix.txt
mike@rbci:~$ psql -U postgres
psql (9.0.3)
Type "help" for help.
postgres=# update pg_database set datallowconn = TRUE where datname = 'template0';
UPDATE 1
postgres=# \c template0
You are now connected to database "template0".
template0=# update pg_database set datistemplate = FALSE where datname = 'template1';
UPDATE 1
@todb-r7
todb-r7 / .gitconfig
Created Nov 26, 2014
Safely publish local changes to upstream master
View .gitconfig
[alias]
# A pretty and short commit log which notes signed commits
nicelog = log --pretty=format:'%Cred%h%Creset -%Creset %s %Cgreen(%cr) %C(bold blue)<%aE>%Creset [%G?]'
# Get the current tracking branch, eg, upstream/master
tracking = !"git branch -vv | grep \\* | sed 's#.*\\[\\(.*\\)[]].*#\\1#' | cut -f 1 -d :"
# Get the current tracking branch remote, eg, upstream
tracking-remote = !"git tracking | cut -f 1 -d /"
# Fetch and rebase from the current tracking remote, preserving and re-signing local merges.
fetch-preserve-merges = !"git fetch $(git tracking-remote) && \
git rebase --preserve-merges && \
@todb-r7
todb-r7 / bio.md
Last active May 15, 2019
My standard bio
View bio.md

Less than 100 words:

Tod Beardsley is the Director of Research at Rapid7. He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner.

Today, Tod directs the security research program at Rapid7, is a frequent speaker at industry conferences, is a CVE Board member, and is a contributing author to a number of research papers produced by Rapid7.

Tod can be uniquely identified at https://keybase.io/todb.

Headshots:

View keybase.md

Keybase proof

I hereby claim:

  • I am todb-r7 on github.
  • I am todb (https://keybase.io/todb) on keybase.
  • I have a public key whose fingerprint is EE65 1F33 B47F 3016 ACDD 5EED BD63 D0A3 EA19 CAAC

To claim this, I am signing this object:

@todb-r7
todb-r7 / todb-key.txt
Created Nov 6, 2014
GPG/PGP Key EA19CAAC (replaces ADB9F193)
View todb-key.txt
Public Key Server -- Get `0xbd63d0a3ea19caac`
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.4
Comment: Hostname: pgp.mit.edu
mQINBFRb3ZcBEADUru6i1+uqptYb03/dECS0yL5i3dKhKjmdpBUFAnzl2ztPltTFyC3oUEna
vFshtz6rxwKeBYiDEBhJI5wC6GtjnPDLLwDDb1zQYidhOBv9U0gHYJT9qhIyVo6k9M925MAa
K7J2XjG7qR9RTIyw74i9trFVGr/m4+W6J5o2C1V/IZmwduZSMBrwpJKBdK74sIZI2RgIKS9z
zZb92ggZykyOXADESG1TgNmZ+evhKT7eCujYSW/gysgODHQwJhBGOdbod5MiLmsb5fjWD1AB
You can’t perform that action at this time.