| #!/bin/bash | |
| if [ $# -lt 2 ]; then | |
| echo "Usage: $0 [domain to connect] [password]" | |
| exit 1 | |
| fi | |
| set -e | |
| red='\033[0;31m' |
| // You don't want to serve HTTPS supporting for SSL3.0 any longer, see: | |
| // http://googleonlinesecurity.blogspot.de/2014/10/this-poodle-bites-exploiting-ssl-30.html | |
| import ( | |
| "crypto/tls" | |
| "net/http" | |
| ) | |
| // This code supports SSL3.0, TLS1.0, TLS1.1 and TLS1.2 | |
| // Chances are you currently do this but want to stop due to the POODLE | |
| err := http.ListenAndServeTLS(addr, "crtfile", "keyfile", handler) |
| #!/bin/bash | |
| # | |
| # Generates client and server certificates used to enable HTTPS | |
| # remote authentication to a Docker daemon. | |
| # | |
| # See http://docs.docker.com/articles/https/ | |
| # | |
| # To start the Docker Daemon: | |
| # | |
| # sudo docker -d \ |
| <?xml version="1.0" encoding="utf-8"?> | |
| <unattend xmlns="urn:schemas-microsoft-com:unattend"> | |
| <settings pass="generalize"> | |
| <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
| <SkipRearm>1</SkipRearm> | |
| </component> | |
| <component name="Microsoft-Windows-PnpSysprep" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
| <PersistAllDeviceInstalls>false</PersistAllDeviceInstalls> | |
| <DoNotCleanUpNonPresentDevices>false</DoNotCleanUpNonPresentDevices> | |
| </component> |
The plan is to create a pair of executables (ngrok and ngrokd) that are connected with a self-signed SSL cert. Since the client and server executables are paired, you won't be able to use any other ngrok to connect to this ngrokd, and vice versa.
Add two DNS records: one for the base domain and one for the wildcard domain. For example, if your base domain is domain.com, you'll need a record for that and for *.domain.com.
| // Copyright (c) 2017 Ismael Celis | |
| // Permission is hereby granted, free of charge, to any person obtaining a copy | |
| // of this software and associated documentation files (the "Software"), to deal | |
| // in the Software without restriction, including without limitation the rights | |
| // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| // copies of the Software, and to permit persons to whom the Software is | |
| // furnished to do so, subject to the following conditions: | |
| // The above copyright notice and this permission notice shall be included in all |
| Overview | |
| ======== | |
| Students in my Web Programming class (G. Brown, S. Prassad, et al) | |
| discovered that MongoDB request injection attacks also work on Node.js | |
| + Express web applications. MongoDB request injection attacks have | |
| been known for PHP web applications. | |
| Impact | |
| ====== | |
| Attacker can view and download all the data in a MongoDB database |
| #! /bin/bash | |
| # HEADS UP! Make sure to use '*' or a valid hostname for the FDQN prompt | |
| echo 01 > ca.srl | |
| openssl genrsa -des3 -out ca-key.pem | |
| openssl req -new -x509 -days 365 -key ca-key.pem -out ca.pem | |
| openssl genrsa -des3 -out server-key.pem | |
| openssl req -new -key server-key.pem -out server.csr |
| config.vm.provider :vmware_fusion do |vm| | |
| vdiskmanager = '/Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager' | |
| dir = "#{ENV['HOME']}/vagrant-additional-disk" | |
| unless File.directory?( dir ) | |
| Dir.mkdir dir | |
| end |
sudo defaults write /Library/Preferences/com.apple.windowserver.plist DisplayResolutionEnabled -bool true