Skip to content

Instantly share code, notes, and snippets.

Deniz Adrian zined

Block or report user

Report or block zined

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@SwitHak
SwitHak / 20200114-TLP-WHITE_CVE-2020-0601.md
Last active May 26, 2020
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-21 1817 UTC
View 20200114-TLP-WHITE_CVE-2020-0601.md

CVE-2020-0601 AKA ChainOfFools OR CurveBall

General

  • Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
  • The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
  • The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

  • NSA description:
  • NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
@j00ru
j00ru / Insomnihack_Teaser_2017_winworld_exploit.py
Created Jan 7, 2019
Insomni'hack Teaser 2017 "winworld" exploit by Mateusz "j00ru" Jurczyk
View Insomnihack_Teaser_2017_winworld_exploit.py
# Insomni'hack Teaser 2017 "winworld" task exploit
#
# Author: Mateusz "j00ru" Jurczyk
# Date: 21 January 2017
#
import os
import random
import string
import sys
import struct
@mlafeldt
mlafeldt / postmortem.md
Last active May 11, 2020
Example Postmortem from SRE book, pp. 487-491
View postmortem.md

Shakespeare Sonnet++ Postmortem (incident #465)

Date

2015-10-21

Authors

  • jennifer
  • martym
@mlafeldt
mlafeldt / Rakefile
Last active Apr 6, 2016
Rake task I use for starting a new article for Production Ready
View Rakefile
require "stringex"
desc "Create a new letter"
task :new_letter, :title do |t, args|
title = args[:title] || "New Letter"
num = File::basename(Dir['letters/*'].last)[0,3].to_i + 1
filename = "letters/%03d-%s.md" % [num, title.to_url]
date = Time.now.strftime("%Y-%m-%d")
puts "==> Creating new letter: #{filename}"
@mlafeldt
mlafeldt / Rakefile
Last active Apr 20, 2018
The Rake tasks I use to manage my blog
View Rakefile
require 'stringex'
POSTS_DIR = '_posts'
BUILD_DIR = '_site'
DEPLOY_DIR = '_deploy'
DEPLOY_BRANCH = 'master'
def git(*args)
sh 'git', *args
end
@lantrix
lantrix / get_aws_saml_token.sh
Created Feb 6, 2015
How to request SAML assertion from ADFS for Amazon Web Services using curl
View get_aws_saml_token.sh
curl https://youradfsserver.com.au/adfs/services/trust/13/usernamemixed --data @aws_saml_request.xml -H "Content-Type: application/soap+xml" --verbose -o "saml.xml"
@lantrix
lantrix / aws_saml_request.xml
Last active May 6, 2017
SOAP request for a SAML token for Amazon Web Services from an ADFS SOAP endpoint
View aws_saml_request.xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</a:Action>
<a:To s:mustUnderstand="1">https://youradfsserver.com.au/adfs/services/trust/13/usernamemixed</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken u:Id="uuid-6a13a244-dac6-42c1-84c5-cbb345b0c4c4-1">
<o:Username>user@domain.com.au</o:Username>
<o:Password>password</o:Password>
@rofl0r
rofl0r / init.c
Created Aug 6, 2013
minimal init daemon by rich felker, author of musl libc
View init.c
#define _XOPEN_SOURCE 700
#include <signal.h>
#include <unistd.h>
int main()
{
sigset_t set;
int status;
if (getpid() != 1) return 1;
You can’t perform that action at this time.