Skip to content

Instantly share code, notes, and snippets.

[
{
"id": "LW107",
"name": "Dowell",
"lat": "47.630226",
"lng": "-122.270691",
"explored": "YES",
"depth": "-59.20",
"desc": "Wreck",
"documented": "YES",
@archisgore
archisgore / forproc
Last active May 9, 2018 14:39
For all processes with an command, run this command under their /proc/<pid>
function filter_pids() {
oifs="$IFS"
IFS=$'\n'
for stuff in $1; do
if [[ -f $stuff/cmdline ]]; then
echo "$stuff"
fi
done
IFS="$oifs"
@archisgore
archisgore / alice-vs-bob-benefit-matrix
Last active November 23, 2018 18:34
blog-post-table-1.txt
+----------+---------------------+-----------------------------+
| | Dr. Alice | Dr. Bob |
+==========+=====================+=============================+
| Benefits | Will cure Influenza | Strives to cure in 24 hours |
| | Might take 8 days | Has success references |
| | No rules to follow | Some rules to follow |
| | Plans for failure | Does not want to fail |
+----------+---------------------+-----------------------------+
@archisgore
archisgore / alice-vs-bob-payoff-matrix
Created November 23, 2018 18:49
blog-post-table-2
+-----------------------+---------------------+-----------------------------+
| | Dr. Alice | Dr. Bob |
+-----------------------+---------------------+-----------------------------+
| When done correctly | | Strives to cure in 24 hours |
| | | Has success references |
| | | Some rules to follow |
| | | Does not want to fail |
| --------------------- | ------------------- | --------------------------- |
| When done Incorrectly | Will cure Influenza | |
| | Might take 8 days | |
@archisgore
archisgore / applyTagAt
Created August 18, 2019 19:48
Apply HTML tags across spans of text using Javascript.
function applyTagAt(text, start, end, startTag, endTag) {
var text2 = "";
var counter = 0;
var intag = false;
var inescape = false;
var tagstarted = false;
for (var i = 0; i < text.length; i++) {
if (text.charAt(i) == '<') {
@archisgore
archisgore / aws-cdk-s3-notification-from-existing-bucket.ts
Last active June 17, 2021 12:44
AWS CDK add notification from existing S3 bucket to SQS queue
import * as cr from '@aws-cdk/custom-resources';
import * as logs from '@aws-cdk/aws-logs';
import * as s3 from '@aws-cdk/aws-s3';
import * as sqs from '@aws-cdk/aws-sqs';
import * as iam from '@aws-cdk/aws-iam';
import {Construct} from '@aws-cdk/core';
// You can drop this construct anywhere, and in your stack, invoke it like this:
// const s3ToSQSNotification = new S3NotificationToSQSCustomResource(this, 's3ToSQSNotification', existingBucket, queue);
@archisgore
archisgore / gist:d1dda9965db63342546501689fa3f309
Created May 3, 2020 07:05
Convert json-schema into AWS Glue struct schema (for automating JSON parsing in Glue using AWS CDK)
import request from 'sync-request';
import * as glue from '@aws-cdk/aws-glue';
export function polytectJsonSchemaToGlue(): glue.Type {
console.log("Getting Polytect reference schema...")
const res = request('GET', 'https://raw.githubusercontent.com/polyverse/polytect/master/reference/schema.json');
const body = res.getBody();
const schema = JSON.parse(body.toString());
return recursiveGlueColumns(schema, schema.definitions);
}
@archisgore
archisgore / gist:ed301e6e674218f24d6930f4367b61c2
Created September 3, 2020 02:43
Access to blockchain server
ssh 107.180.100.242
@archisgore
archisgore / ffbuilds
Last active November 23, 2020 05:36
FireFox builds
SOURCE:
https://polyverse-downloads.s3.amazonaws.com/firefox/mozilla-unified.tar.bz2
BUILDS:
https://polyverse-downloads.s3.amazonaws.com/firefox/plain-firefox-85.0a1.en-US.linux-x86_64.tar.bz2
https://polyverse-downloads.s3.amazonaws.com/firefox/gcc-firefox-85.0a1.en-US.linux-x86_64.tar.bz2
https://polyverse-downloads.s3.amazonaws.com/firefox/debug-new-static-firefox-85.0a1.en-US.linux-x86_64.tar.bz2
@archisgore
archisgore / npm_dependency_confusion.md
Last active February 17, 2021 05:52
NPM/Node.js code injection attack

NPM/Node.js recently had a clever, yet simple, code injection attack using "dependency confusion" as the vulnerability. I describe the attack as conducted (simulated, really), and a systemic solution Polyverse has been building for the past two years designed to solve specifically this problem.

A recap of the attack, for baseline:

Node dependencies are specified by name and version but not address/location, i.e., {“sorter”: “1.0”, “binary-search”: “2.0”, “polyverse-billing”: 1.0}.

Notice the last one? It’s intended to be Polyverse internal and contains our proprietary (and sensitive) billing code. Obviously it does not exist on npmjs.com, the public upstream node package repository. It instead comes from a private repository hosted by Polyverse.

In a Sequence Diagram, this is how the flow worked before the attack. Pretty straight-forward.