Lars Vierbergen vierbergenlars

## nmbs-update.sh
#!/bin/bash -e
data="$(curl -A "delay-notification/1.0 (irail@vbgn.be)" https://api.irail.be/connections/\?from\=$IRAIL_FROM\&to\=$IRAIL_TO\&format\=json\&time=$IRAIL_TIME)"

connection="$(echo "$data" |  jq '[.connection[] | select(has("vias") == false and .departure.left == "0")][0]')" # First one that goes straight through and has not left
delay="$[ $(echo "$connection" | jq '.departure.delay' -r) / 60 ]"
train_id="$(echo "$connection" | jq '.departure.vehicle' -r)"
departure_time_unix="$(echo "$connection" | jq  '(.departure.delay|tonumber) + (.departure.time|tonumber)' -r)"
departure_time="$(date --date=@$departure_time_unix +%R)"
canceled="$(echo "$connection" | jq '.departure.canceled' -r)"

## README.md

      
              3 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                vierbergenlars
                / README.md
            
            
              Last active
              July 20, 2019 11:39
            
          
    Breaking consul DNS with dnsmasq forwarding

Reproduction steps


docker-compose up
Find the UDP port that dnsmasq is listening on (docker ps)
Send a DNS query.

dig @127.0.0.1 -p <dnsmasq port> A consul.service.consul (This works and resolves to 127.0.0.1)
dig @127.0.0.1 -p <dnsmasq port> DS consul.service.consul (This does not work and times out in dig)


Have a look at your consul and dnsmasq logs. You have now succesfully DoS'ed consul and dnsmasq DNS.


## docker-intercept.sh
#!/bin/bash
# Call as docker-intercept <container-name> <port-inside-container> <port-on-host>
set -e
container="$1"
container_port="$2"
host_port="$3"

network_id="$(docker inspect "$container" | jq '.[0].NetworkSettings.Networks | to_entries | .[0].value.NetworkID' -r)"
container_ip="$(docker inspect "$container" | jq '.[0].NetworkSettings.Networks | to_entries | .[0].value.IPAddress' -r)"

## AuthenticationHandler.java
package com.activiti.extension.bean.eu.xenit.xyz.repo.workflow.activiti;

import net.sf.acegisecurity.providers.dao.User;
import org.activiti.engine.delegate.DelegateExecution;
import org.activiti.engine.delegate.DelegateTask;
import org.activiti.engine.delegate.ExecutionListener;
import org.activiti.engine.delegate.JavaDelegate;
import org.activiti.engine.delegate.TaskListener;
import org.activiti.engine.delegate.VariableScope;
import org.alfresco.repo.security.authentication.AuthenticationUtil;

## build.gradle
plugins {
    id 'eu.xenit.docker-alfresco' version '4.0.2'
}

repositories {
    mavenCentral()
    jcenter()
    maven {
        url "https://artifacts.alfresco.com/nexus/content/groups/public/"
    }

## statistics.sh
git ls-files | grep -v .jpg$ | grep -v .min.js$ | grep -v composer | grep -v views/errors | grep -v application/config | xargs -n1 git blame -w | ruby -n -e '$_ =~ /^.*\(([a-zA-Z ]+)\d{4}/; puts $1' | sed 's/ //g' | sort -f | uniq -c | sort -n

git log --no-merges --shortstat --use-mailmap --format='%aE'  -- application/cache application/config application/controllers application/core application/helpers application/hooks application/index.html application/language application/libraries application/logs application/migrations application/models application/resources application/third_party application/views |sed 's/\(.*\)@.*/\1/' | grep -v "^$" | awk 'BEGIN { line=""; } !/^ / { if (line=="" || !match(line, $0)) {line = $0 "," line }} /^ / { print line " # " $0; line=""}' | sort | sed -E 's/# //;s/ files? changed,//;s/([0-9]+) ([0-9]+ deletion)/\1 0 insertions\(+\), \2/;s/\(\+\)$/\(\+\), 0 deletions\(-\)/;s/insertions?\(\+\), //;s/ deletions?\(-\)//' | awk 'BEGIN {name=""; files=0; insertions=0; deletions=0;}

## a-wp-update-notfier-crontab
0 0 * * 1 bash -c 'update_check=$($HOME/bin/wp core check-update --path=$HOME/apps/wordpress-main); if [[ ! "$update_check" =~ ^Success: ]]; then echo -e "Please update wordpress to the latest version.\n$update_check"| mail $USER -s "Wordpress update"; fi'

## migrate-dokuwiki-to-authserver.php
<?php

if($_SERVER['argc'] != 2) {
    printf("%s dokuwiki_users\n", $_SERVER['argv'][0]);
    echo "Converts all users found in the dokuwiki users.auth.php file 'dokuwiki_users'\n";
    echo "to SQL to be imported in the authserver database. (on stdout) \n";
    exit(1);
}
$dokuwikiUsers = file($_SERVER['argv'][1], FILE_SKIP_EMPTY_LINES|FILE_IGNORE_NEW_LINES);
$dokuwikiUsers = array_filter($dokuwikiUsers, function($line) { return $line[0] !== '#'; });

## gist:5459016b021ee604bd72
bad_trees=$(git fsck 2>&1 | awk '{print $4}' | sed s/://)
commits_with_bad_root_tree=$(git log --pretty=format:%H:%T | grep -E '('$(echo "$bad_trees" | tr "\n" '|' | sed s/.$//)')$' | cut -d: -f1)

echo "$bad_trees" | wc -l
echo "$commits_with_bad_root_tree" | wc -l

echo "$commits_with_bad_root_tree" | git log --stdin

## 01-lexer.php
<?php

namespace vierbergenlars\Norch\QueryParser;

class Lexer
{

    /**
     * This class should not be instanciated
     */
	#!/bin/bash -e
	data="$(curl -A "delay-notification/1.0 (irail@vbgn.be)" https://api.irail.be/connections/\?from\=$IRAIL_FROM\&to\=$IRAIL_TO\&format\=json\&time=$IRAIL_TIME)"

	connection="$(echo "$data" \| jq '[.connection[] \| select(has("vias") == false and .departure.left == "0")][0]')" # First one that goes straight through and has not left
	delay="$[ $(echo "$connection" \| jq '.departure.delay' -r) / 60 ]"
	train_id="$(echo "$connection" \| jq '.departure.vehicle' -r)"
	departure_time_unix="$(echo "$connection" \| jq '(.departure.delay\|tonumber) + (.departure.time\|tonumber)' -r)"
	departure_time="$(date --date=@$departure_time_unix +%R)"
	canceled="$(echo "$connection" \| jq '.departure.canceled' -r)"
	#!/bin/bash
	# Call as docker-intercept <container-name> <port-inside-container> <port-on-host>
	set -e
	container="$1"
	container_port="$2"
	host_port="$3"

	network_id="$(docker inspect "$container" \| jq '.[0].NetworkSettings.Networks \| to_entries \| .[0].value.NetworkID' -r)"
	container_ip="$(docker inspect "$container" \| jq '.[0].NetworkSettings.Networks \| to_entries \| .[0].value.IPAddress' -r)"
	package com.activiti.extension.bean.eu.xenit.xyz.repo.workflow.activiti;

	import net.sf.acegisecurity.providers.dao.User;
	import org.activiti.engine.delegate.DelegateExecution;
	import org.activiti.engine.delegate.DelegateTask;
	import org.activiti.engine.delegate.ExecutionListener;
	import org.activiti.engine.delegate.JavaDelegate;
	import org.activiti.engine.delegate.TaskListener;
	import org.activiti.engine.delegate.VariableScope;
	import org.alfresco.repo.security.authentication.AuthenticationUtil;
	plugins {
	id 'eu.xenit.docker-alfresco' version '4.0.2'
	}

	repositories {
	mavenCentral()
	jcenter()
	maven {
	url "https://artifacts.alfresco.com/nexus/content/groups/public/"
	}
	git ls-files \| grep -v .jpg$ \| grep -v .min.js$ \| grep -v composer \| grep -v views/errors \| grep -v application/config \| xargs -n1 git blame -w \| ruby -n -e '$_ =~ /^.*\(([a-zA-Z ]+)\d{4}/; puts $1' \| sed 's/ //g' \| sort -f \| uniq -c \| sort -n

	git log --no-merges --shortstat --use-mailmap --format='%aE' -- application/cache application/config application/controllers application/core application/helpers application/hooks application/index.html application/language application/libraries application/logs application/migrations application/models application/resources application/third_party application/views \|sed 's/\(.\)@./\1/' \| grep -v "^$" \| awk 'BEGIN { line=""; } !/^ / { if (line=="" \|\| !match(line, $0)) {line = $0 "," line }} /^ / { print line " # " $0; line=""}' \| sort \| sed -E 's/# //;s/ files? changed,//;s/([0-9]+) ([0-9]+ deletion)/\1 0 insertions\(+\), \2/;s/\(\+\)$/\(\+\), 0 deletions\(-\)/;s/insertions?\(\+\), //;s/ deletions?\(-\)//' \| awk 'BEGIN {name=""; files=0; insertions=0; deletions=0;}
	<?php

	if($_SERVER['argc'] != 2) {
	printf("%s dokuwiki_users\n", $_SERVER['argv'][0]);
	echo "Converts all users found in the dokuwiki users.auth.php file 'dokuwiki_users'\n";
	echo "to SQL to be imported in the authserver database. (on stdout) \n";
	exit(1);
	}
	$dokuwikiUsers = file($_SERVER['argv'][1], FILE_SKIP_EMPTY_LINES\|FILE_IGNORE_NEW_LINES);
	$dokuwikiUsers = array_filter($dokuwikiUsers, function($line) { return $line[0] !== '#'; });
	bad_trees=$(git fsck 2>&1 \| awk '{print $4}' \| sed s/://)
	commits_with_bad_root_tree=$(git log --pretty=format:%H:%T \| grep -E '('$(echo "$bad_trees" \| tr "\n" '\|' \| sed s/.$//)')$' \| cut -d: -f1)

	echo "$bad_trees" \| wc -l
	echo "$commits_with_bad_root_tree" \| wc -l

	echo "$commits_with_bad_root_tree" \| git log --stdin
	<?php

	namespace vierbergenlars\Norch\QueryParser;

	class Lexer
	{

	/**
	* This class should not be instanciated
	*/