Skip to content

Instantly share code, notes, and snippets.

Avatar

Steve Woodrow woodrow

View GitHub Profile
@woodrow
woodrow / fido_u2f_dissector.lua
Created Dec 16, 2019
wireshark fido/u2f dissector
View fido_u2f_dissector.lua
-- started based on https://gist.github.com/z4yx/218116240e2759759b239d16fed787ca
cbor = Dissector.get("cbor")
iso7816 = Dissector.get("iso7816")
ctaphid_proto = Proto("CTAPHID","FIDO Client to Authenticator Protocol over USB HID")
ctaphidfield_cid = ProtoField.uint32("ctaphid.cid", "Channel ID", base.HEX)
ctaphidfield_cmd = ProtoField.uint8("ctaphid.cmd", "Command", base.HEX)
ctaphidfield_bcnt = ProtoField.uint16("ctaphid.bcnt", "Payload Length", base.DEC_HEX)
ctaphidfield_seq = ProtoField.uint8("ctaphid.seq", "Packet Sequence", base.HEX)
View cluster_role_diff.sh-session
kubectl get clusterroles admin --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/admin.json
kubectl get clusterroles edit --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/edit.json
kubectl get clusterroles view --output=json | jq '.rules | map(. as $rule | .apiGroups | map(. as $apiGroup | $rule.resources | map(. as $resource | $rule.verbs | map(. as $verb | $apiGroup + ":" + $resource + ":" + $verb)))) | flatten | sort' > /tmp/view.json
vimdiff /tmp/edit.json /tmp/admin.json
vimdiff /tmp/view.json /tmp/edit.json
View great_aws_jqs.sh
# check for open ports in security groups
aws ec2 describe-security-groups | jq '.SecurityGroups | map(select(.IpPermissions[] | select(.FromPort >= 443 and .ToPort <= 443)))
@woodrow
woodrow / onc_converter.py
Created Apr 27, 2016
Convert OpenVPN config files to ChromeOS ONC files
View onc_converter.py
import argparse
import json
import re
import sys
import uuid
class OpenVPNNetworkConfiguration(object):
KNOWN_CONFIG_KEYS = {
'name': {'key': 'Name'},
@woodrow
woodrow / etc-motd
Created Dec 1, 2014
MOTD: BEWARE OF DOGE.
View etc-motd
SO SECURE SYSTEM. AMAZE.
UNAUTHORIZED ACCESS MUCH PROHIBITED.
BEWARE OF DOGE. WOW.
░░░░░░░░░▄░░░░░░░░░░░░░░▄░░░░
░░░░░░░░▌▒█░░░░░░░░░░░▄▀▒▌░░░
░░░░░░░░▌▒▒█░░░░░░░░▄▀▒▒▒▐░░░
░░░░░░░▐▄▀▒▒▀▀▀▀▄▄▄▀▒▒▒▒▒▐░░░
░░░░░▄▄▀▒░▒▒▒▒▒▒▒▒▒█▒▒▄█▒▐░░░
░░░▄▀▒▒▒░░░▒▒▒░░░▒▒▒▀██▀▒▌░░░
View keybase.md

Keybase proof

I hereby claim:

  • I am woodrow on github.
  • I am woodrow (https://keybase.io/woodrow) on keybase.
  • I have a public key whose fingerprint is 7901 C8DB 4886 EB01 4FC7 EBBA 8A10 C01C F186 88B8

To claim this, I am signing this object:

@woodrow
woodrow / ca_certs.patch
Created Mar 1, 2014
Root certificate changes in OSX 10.9.2/Security Update 2014-001
View ca_certs.patch
--- ca_certs-10.9.1.txt 2014-02-28 18:24:53.365172328 -0800
+++ ca_certs-10.9.2.txt 2014-02-28 18:25:18.209171996 -0800
@@ -1,1 +1,1 @@
-System Version: OS X 10.9.1 (13B42)
+System Version: OS X 10.9.2 (13C64)
@@ -2132,0 +2132,119 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
View ca_certs.sh
#!/bin/bash
mkdir -p /tmp/ca_certs/ && rm -f /tmp/ca_certs/*
cd /tmp/ca_certs/
# dump root certs and split on cert boundary (assuming no more than 1000 root certs)
security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain | csplit -s -k -f ca_cert -n 3 - '/-----BEGIN CERTIFICATE-----/' '{1000}' >/dev/null 2>&1
# rename the certs based on their openssl subject_hash to ensure the certs are sortable
ls /tmp/ca_certs/ | xargs -n 1 sh -c 'mv $0 $(openssl x509 -hash -noout -in $0)'
# print the OS version in the first line
system_profiler SPSoftwareDataType | grep -o 'System Version.*$' > /tmp/ca_certs.txt
# dump the text of the certs in subject_hash-sorted order into certs.txt
@woodrow
woodrow / hpkp_hashes.sh
Created Feb 21, 2014
Public key pinning digest generation
View hpkp_hashes.sh
# get the SHA-1 digest of the subjectPublicKeyInfo of a certificate as used by Chromium's preloaded public key pinning
# http://src.chromium.org/viewvc/chrome/trunk/src/net/http/transport_security_state_static.h?r1=191212&r2=191211&pathrev=191212
curl -s https://pki.google.com/GIAG2.crt | openssl x509 -inform der -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha1
# (stdin)= 43dad630ee53f8a980ca6efd85f46aa37990e0ea
# get the base64-encoded SHA-256 digest of the subjectPublicKeyInfo of a certificate as used by HTTP Public Key Pinning
# (http://tools.ietf.org/html/draft-ietf-websec-key-pinning-11)
curl -s https://pki.google.com/GIAG2.crt | openssl x509 -inform der -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | base64
# 7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y=
View list_customers_by_coupon.rb
#!/usr/bin/env ruby
require 'stripe'
Stripe.api_key = 'API_KEY'
customers_by_coupon = {}
customer_count = nil
batch_count = 100
batch_offset = 0