Tomoyuki KOYAMA tomoyk

@walm
walm / main.go
Last active May 15, 2024 06:01
Simple Golang DNS Server
package main

import (
	"fmt"
	"log"
	"strconv"

	"github.com/miekg/dns"
)
@sagivo
sagivo / gist:3a4b2f2c7ac6e1b5267c2f1f59ac6c6b
Last active May 29, 2024 13:06
webRTC stun / turn server list
to check if the server works - https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice
stun:
stun.l.google.com:19302,
stun1.l.google.com:19302,
stun2.l.google.com:19302,
stun3.l.google.com:19302,
stun4.l.google.com:19302,
stun.ekiga.net,
stun.ideasip.com,
@smoser
smoser / README.md
Last active May 26, 2024 16:46
set up a ssh tunnel only user for ssh proxy jump

Set up a ssh tunnel only user

In order to give someone access to hosts that are available only by ssh "bouncing" (ProxyJump), add a user for this specific purpose.

We have an internal openstack where instances get IPs on per-tenant networks. Each tenant has a 'bastion' host that has a "public" ip (floating ip). You can access other instances by bouncing through the bastion. From time to time I want to let someone else into an instance. This could be done either with:

a.) just give them shell access to the bastion and let them hop through. Sharing an unrestricted shell account on my bastion is less than ideal.

b.) assign a floating/"public" IP to the instance so they could go directly in. Floating IPs are limited, so this is less than ideal.

So instead, I have set up a single user as described here that can only be used for ProxyJump. It allows others proxied access to my instances but without granting them full shell access.

@ykst
ykst / lua-nginx-cheatsheet.md
Last active February 7, 2024 15:17
lua-nginx-module reverse-lookup reference
@akashnimare
akashnimare / README.md
Last active May 28, 2024 14:40
A Beginners Guide to writing a Kickass README ✍

Project title

A little info about your project and/ or overview that explains what the project is about.

Motivation

A short description of the motivation behind the creation and maintenance of the project. This should explain why the project exists.

Build status

Build status of continuous integration, i.e. travis, appveyor etc. Ex. -

Build Status

function peco-git-checkout () {
    local selected_branch=$(git branch --list --no-color | colrm 1 2 | peco)
    if [ -n "$selected_branch" ]; then
        BUFFER="git checkout ${selected_branch}"
        zle accept-line
    fi
}
zle -N peco-git-checkout
bindkey '^[;^[c' peco-git-checkout

SAMPLE

127.0.0.1 - - [26/Mar/2016:19:09:19 -0400] "GET / HTTP/1.1" 401 194 "" "Mozilla/5.0 Gecko" "-"

MATCH

%{IPORHOST:clientip} (?:-|(%{WORD}.%{WORD})) %{USER:ident} \[%{HTTPDATE:timestamp}\] "(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})" %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{QS:referrer} %{QS:agent} %{QS:forwarder}

Output

#!/bin/bash
# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update
# remove previously installed Docker
sudo apt-get purge lxc-docker*
sudo apt-get purge docker.io*

Cross-origin Data leakage in Chrome

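This is the December 19 article for the 「Vulnerability"&'<<>\ Advent Calendar 2015」.

This article introduces CVE-2015-6759, which was fixed in Chrome 46. I also presented this vulnerability at AVTOKYO 2015 last month, so some of you may already know it.

By combining two special kinds of URL, data: and blob:, this vulnerability causes Chrome to misjudge the origin, and as a result the localStorage data of the file: scheme can be read from the network. If a user stores sensitive information such as tokens in the file: scheme's localStorage, that information is stolen just by opening a malicious link.

The mechanism of this vulnerability is somewhat complex, so I will explain it step by step, starting with the properties of data: URLs and blob: URLs. If you already know these to some extent, you can skip the first half.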