Skip to content

Instantly share code, notes, and snippets.

View tonejito's full-sized avatar
🐰
= ^ . ^ =

Andres Hernandez tonejito

🐰
= ^ . ^ =
43 followers · 6 following
View GitHub Profile
@tonejito
tonejito / Makefile
Last active September 29, 2022 00:39
Full width separator with Perl or (bash) shell magic
SHELL=/bin/bash
# = ^ . ^ =
SEP?=-
COLS=$(shell tput cols)
.PHONY: separator test
test:
@$(MAKE) -s separator
@tonejito
tonejito / patch_zoom-us_vuln_CVE-2019-13450.sh
Last active July 9, 2019 19:11
Patch @zoom-us vulnerability on macOS (CVE-2019-13450) reported by @JLLeitschuh
#!/bin/bash -vxe
# = ^ . ^ =
# https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13449
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13450
# https://gist.github.com/JLLeitschuh/e2550ddd8d6dfd94447b0b557891ba30.git
# https://gist.github.com/tonejito/6a564deb45b50407f6bc8a8a140f027b.git
# https://twitter.com/JLLeitschuh/status/1148310958391091200
# https://twitter.com/jdpearce/status/1148507087862947840
@tonejito
tonejito / iptables-apache
Last active April 8, 2019 21:37
Log and DROP "abnormal" @apache / HTTPD connections
# Generated by iptables-save v1.4.21 on Wed Dec 26 00:02:00 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:APACHE - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -s 10.0.0.0/8 -j ACCEPT
@tonejito
tonejito / audit-apache-procs
Last active April 8, 2019 21:17
Audit @apache HTTPD processes for live forensic analysis
#!/bin/bash
# Create and change to ${TMP_DIR}
TMP_DIR=${HOME}/tmp
test -e ${TMP_DIR} || mkdir -vp ${TMP_DIR}
cd ${TMP_DIR}
# Output files in ${TMP_DIR}
PS_FILE=ps.log
NETSTAT_FILE=netstat.log
@tonejito
tonejito / append-docker-logout.sh
Created March 26, 2019 00:48
Append @docker logout to ~/.bash_logout
#!/bin/bash
# https://docs.docker.com/engine/reference/commandline/login/
# https://docs.docker.com/engine/reference/commandline/logout/
BASH_LOGOUT=~/.bash_logout
grep "docker logout" ${BASH_LOGOUT}
test -e ${BASH_LOGOUT} -a "$?" -eq 0 || echo "docker logout" | tee -a ${BASH_LOGOUT}
@tonejito
tonejito / pizzas.py
Last active March 21, 2019 19:09
Creo que deberíamos de comer mas sano CC @nehnemini
#!/usr/bin/env python
# = ^ . ^ =
import math
pi = math.pi
a = 2 * pi
print "a = 2 * pi => " , a
b = pi ** a
@tonejito
tonejito / helm-install.md
Last active February 19, 2019 00:41
Installing helm on OpenSUSE Kubic kubeadm host
@tonejito
tonejito / copy-id.awk
Created January 24, 2019 20:03
Copy ssh public key for mass deployments
{print " export SSHPASS=\""$2"\"; sshpass -e ssh-copy-id -o StrictHostKeyChecking=no -i "$3" root@"$1""}
@tonejito
tonejito / check_CVE-2019-3462.sh
Last active January 24, 2019 00:25
Check @Debian and @ubuntu #GNU / @Linux for CVE-2019-3462 in APT
#!/bin/bash
# https://www.debian.org/security/2019/dsa-4371
# https://security-tracker.debian.org/tracker/CVE-2019-3462
function check()
{
dpkg --compare-versions ${1} ge ${2}
if [ "$?" -eq 0 ]
@tonejito
tonejito / apt-dep-list
Created January 18, 2019 05:07
List all dependencies of a @Debian package via apt-cache
#!/bin/bash -vx
# SBoM - Software Bill of Materials
# As seen in @TheHackersNews
# https://twitter.com/TheHackersNews/status/1085606422379970560?s=19
apt-cache depends --recurse \
--no-recommends --no-suggests --no-conflicts --no-breaks --no-replaces --no-enhances --no-pre-depends \
${1}
| grep "^\w"
| sort -u