Skip to content

Instantly share code, notes, and snippets.

View ZaphodB's full-sized avatar

Stefan Schmidt ZaphodB

22 followers · 73 following
  • Berlin
View GitHub Profile
@gmurdocca
gmurdocca / socat_caesar_dpi.md
Last active May 2, 2025 06:17
Circumventing Deep Packet Inspection with Socat and rot13

Circumventing Deep Packet Inspection with Socat and rot13

I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (eg PuTTY). I am tasked to ensure this Citrix design is secure, and users can not access their Linux VM's or other resources on the internal private network in any way outside of using Citrix.

The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.

Rejected by Deep Packet Inspection

I hit an immediate snag. The moment I try to establish an SSH or SSL connection over o

@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active May 26, 2025 21:01
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@lrvick
lrvick / github-troll.md
Last active May 24, 2025 01:11
Trolling Github's DMCA repo with their own security flaws.
@TimothyStiles
TimothyStiles / gif_url_to_ft.py
Created September 27, 2018 02:52
My little script to download gifs, convert them to movies, loop them, and then send them to noisebridge's flaschen taschen.
import os
import sys
url = sys.argv[2]
os.system("curl " + url + " > ~/gifs/temp.gif")
os.system("ffmpeg -y -f gif -i ~/gifs/temp.gif ~/gifs/temp.mp4")
os.system("ffmpeg -y -f concat -i ~/gifs/list.txt -c copy ~/gifs/looptemp.mp4")
os.system("~/git/noisebrdige/ft-demos/black -l14 -t3600 & ~/git/noisebrdige/ft-demos/ft/client/send-video -l15 ~/gifs/looptemp.mp4")
@Disassembler0
Disassembler0 / dovecot-archive.sh
Created May 14, 2017 13:27
dovecot-archive.sh
#!/bin/bash
USER="[email protected]"
RETENTION=120
ARCHIVE_ROOT="Archiv"
BOXES_TO_ARCHIVE=("INBOX" "Odeslaná pošta")
# Load all existing subfolders in BOXES_TO_ARCHIVE
BOXES=()
@djoreilly
djoreilly / ovs-cheat.md
Last active April 25, 2025 19:31
OVS cheat sheet

DB

ovs-vsctl list open_vswitch
ovs-vsctl list interface
ovs-vsctl list interface vxlan-ac000344
ovs-vsctl --columns=options list interface vxlan-ac000344
ovs-vsctl --columns=ofport,name list Interface
ovs-vsctl --columns=ofport,name --format=table list Interface
ovs-vsctl -f csv --no-heading --columns=_uuid list controller
ovs-vsctl -f csv --no-heading -d bare --columns=other_config list port
@xbb
xbb / README
Last active May 24, 2025 11:40
IDRAC6 Virtual Console Launcher
Use this as an example on how to start the virtual console without the need of Java Web Start or accessing it from the web interface.
You can use the user and password that you use for the web interface.
You need an old JRE... I used 1.7.0_80 from the Server JRE package, also I have tested successfully 1.7.0_79 with MacOS.
You don't need to install it, just extract it or copy the files in "jre" folder.
Open the viewer.jnlp file that you get by launching the virtual console from the web interface with a text editor.
Note the urls to the jar files. Download the main jar file avctKVM.jar and the libs for your operating system and architecture.
Extract the dlls (.so Linux, .jnilib MacOS) from the jar libs.
@ahupowerdns
ahupowerdns / simple-adblock-powerdns.md
Last active July 31, 2024 21:11
How to do really simple adblocking with the PowerDNS Recursor 4.x

First, clone the Mozilla focus project and make it fetch its list:

$ git clone https://github.com/mozilla/focus.git
$ cd focus
$ ./checkout.sh
$ cd Lists

This delivers several JSON formatted files, of which we are going to use disconnect-advertising.json. We'll filter out the good bits using jq, and create a Lua representation:

(
@rgreenjr
rgreenjr / postgres_queries_and_commands.sql
Last active June 5, 2025 12:35
Useful PostgreSQL Queries and Commands
-- show running queries (pre 9.2)
SELECT procpid, age(clock_timestamp(), query_start), usename, current_query
FROM pg_stat_activity
WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%'
ORDER BY query_start desc;
-- show running queries (9.2)
SELECT pid, age(clock_timestamp(), query_start), usename, query
FROM pg_stat_activity
WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%'