Skip to content

Instantly share code, notes, and snippets.

Avatar

Deniz Adrian zined

View GitHub Profile
@zined
zined / 20200114-TLP-WHITE_CVE-2020-0601.md
Created Jan 16, 2020 — forked from SwitHak/20200114-TLP-WHITE_CVE-2020-0601.md
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-16 1758 UTC
View 20200114-TLP-WHITE_CVE-2020-0601.md

CVE-2020-0601 AKA ChainOfFools

General

  • Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
  • The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
  • The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

  • NSA description:
  • NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
@zined
zined / Insomnihack_Teaser_2017_winworld_exploit.py
Created Jan 7, 2019 — forked from j00ru/Insomnihack_Teaser_2017_winworld_exploit.py
Insomni'hack Teaser 2017 "winworld" exploit by Mateusz "j00ru" Jurczyk
View Insomnihack_Teaser_2017_winworld_exploit.py
# Insomni'hack Teaser 2017 "winworld" task exploit
#
# Author: Mateusz "j00ru" Jurczyk
# Date: 21 January 2017
#
import os
import random
import string
import sys
import struct
@zined
zined / get-public-keys-for-users-in-group
Created Jun 22, 2018
get-public-keys-for-users-in-group
View get-public-keys-for-users-in-group
#!/usr/bin/env bash
set -eu
USERS="$( aws iam get-group --group-name ssh --query 'Users[].UserName' --output text )"
for USER in $USERS; do
PUBLIC_KEY_IDS="$( aws iam list-ssh-public-keys --user-name $USER --query 'SSHPublicKeys[].SSHPublicKeyId' --output text )"
for PUBLIC_KEY_ID in $PUBLIC_KEY_IDS; do
PUBLIC_KEY=$( aws iam get-ssh-public-key --user-name $USER --ssh-public-key-id $PUBLIC_KEY_ID --encoding SSH --query 'SSHPublicKey.SSHPublicKeyBody' --output text )
@zined
zined / dump_mongodb_collections_for_database.sh
Created Jan 3, 2018
dump mongodb collections for database in json
View dump_mongodb_collections_for_database.sh
#!/bin/bash
usage() {
echo "usage: ${0} database target_directory"
exit 127
}
database="${1}"
if [ -z "${database}" ]; then
usage
View stackset-testing.md

Enforce CloudTrail in Child Accounts via Cloudformation Cross-Account StackSets

Prepare StackSet IAM Roles

Following http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html

View RHEL7.3 works like a charm, out of the box.
[dadrian@platzhalter.gmbh@ip-10-0-9-244 ~]$ kdestroy -A
[dadrian@platzhalter.gmbh@ip-10-0-9-244 ~]$ klist
klist: Credentials cache keyring 'persistent:818801110:krb_ccache_eHUMT0r' not found
[dadrian@platzhalter.gmbh@ip-10-0-9-244 ~]$
[dadrian@platzhalter.gmbh@ip-10-0-9-244 ~]$ ssh $( hostname -f )
dadrian@platzhalter.gmbh@ip-10-0-9-244.platzhalter.gmbh's password:
[dadrian@platzhalter.gmbh@ip-10-0-9-244 ~]$
[dadrian@platzhalter.gmbh@ip-10-0-9-244 ~]$ kinit dadrian@PLATZHALTER.GMBH
Password for dadrian@PLATZHALTER.GMBH:
View .k5login debugging
[dadrian@platzhalter.gmbh@ip-10-0-7-64 ~]$ klist
Ticket cache: KEYRING:persistent:818801110:krb_ccache_hPVo69Y
Default principal: dadrian@PLATZHALTER.GMBH
Valid starting Expires Service principal
07/22/2017 13:02:14 07/23/2017 13:02:14 krbtgt/PLATZHALTER.GMBH@PLATZHALTER.GMBH
renew until 07/29/2017 13:02:14
[dadrian@platzhalter.gmbh@ip-10-0-7-64 ~]$ ssh $( hostname -f )
dadrian@platzhalter.gmbh@ip-10-0-7-64.platzhalter.gmbh's password:
@zined
zined / get_aws_saml_token.sh
Created May 6, 2017 — forked from lantrix/get_aws_saml_token.sh
How to request SAML assertion from ADFS for Amazon Web Services using curl
View get_aws_saml_token.sh
curl https://youradfsserver.com.au/adfs/services/trust/13/usernamemixed --data @aws_saml_request.xml -H "Content-Type: application/soap+xml" --verbose -o "saml.xml"
@zined
zined / aws_saml_request.xml
Created May 6, 2017 — forked from lantrix/aws_saml_request.xml
SOAP request for a SAML token for Amazon Web Services from an ADFS SOAP endpoint
View aws_saml_request.xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</a:Action>
<a:To s:mustUnderstand="1">https://youradfsserver.com.au/adfs/services/trust/13/usernamemixed</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken u:Id="uuid-6a13a244-dac6-42c1-84c5-cbb345b0c4c4-1">
<o:Username>user@domain.com.au</o:Username>
<o:Password>password</o:Password>
View docker-btrfs.patch
--- docker/daemon/graphdriver/btrfs/btrfs.go 2016-03-09 12:13:24.000000000 -0800
+++ docker/daemon/graphdriver/btrfs/btrfs.go 2016-04-17 04:34:27.188376720 -0700
@@ -7,6 +7,10 @@ package btrfs
#include <dirent.h>
#include <btrfs/ioctl.h>
#include <btrfs/ctree.h>
+
+static void set_name_btrfs_ioctl_vol_args_v2(struct btrfs_ioctl_vol_args_v2* btrfs_struct, const char* value) {
+ snprintf(btrfs_struct->name, BTRFS_SUBVOL_NAME_MAX, "%s", value);
+}
You can’t perform that action at this time.