Skip to content

Instantly share code, notes, and snippets.

View craig-m-unsw's full-sized avatar

Craig M craig-m-unsw

16 followers · 43 following
View GitHub Profile
@craig-m-unsw
craig-m-unsw / socat_caesar_dpi.md
Created February 28, 2022 02:28 — forked from gmurdocca/socat_caesar_dpi.md
Circumventing Deep Packet Inspection with Socat and rot13

Circumventing Deep Packet Inspection with Socat and rot13

I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (eg PuTTY). I am tasked to ensure this Citrix design is secure, and users can not access their Linux VM's or other resources on the internal private network in any way outside of using Citrix.

The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.

Rejected by Deep Packet Inspection

I hit an immediate snag. the moment I try to establish an SSH or SSL connection over o

@craig-m-unsw
craig-m-unsw / asciichar.c
Last active March 15, 2022 08:35 — forked from codebrainz/main.c
ASCII Characters
#include <stdio.h>
static struct {
const char *oct;
const char *hex;
const char *bin;
const char *asc;
const char *desc;
} ascii_table[128] = {
{ "000", "00", "00000000", "NUL", "Null char" },
@craig-m-unsw
craig-m-unsw / bash_strict_mode.md
Created April 7, 2022 10:26 — forked from mohanpedala/bash_strict_mode.md
set -e, -u, -o, -x pipefail explanation
@craig-m-unsw
craig-m-unsw / nfs-tunnel.md
Created April 27, 2022 01:24 — forked from proudlygeek/nfs-tunnel.md
Mount NFS Folder via SSH Tunnel

1. Install NFS on Server

Install the required packages (Ubuntu 12.04):

apt-get install nfs-kernel-server portmap

2. Share NFS Folder

Open the exports file:

vim /etc/exports
@craig-m-unsw
craig-m-unsw / README.MD
Created August 30, 2022 00:21 — forked from RichardBronosky/README.MD
cb - A leak-proof tee to the clipboard - Unify the copy and paste commands into one intelligent chainable command.

cb

A leak-proof tee to the clipboard

This script is modeled after tee (see [man tee][2]) and works on Linux, macOS, Cygwin, WSL/WSL2

It's like your normal copy and paste commands, but unified and able to sense when you want it to be chainable.

This project started as an answer to the StackOverflow question: [How can I copy the output of a command directly into my clipboard?][3]

@craig-m-unsw
craig-m-unsw / 00_README.md
Created September 6, 2022 22:34 — forked from CrackerJackMack/00_README.md
ansible fact caching redis password different port

Everything I've read is that redis fact caching in ansible doesn't support db/password/ports, but that is untrue. It's undocumented and it will most likely change in the future but here is how it works. it takes the fact_caching_connection and split's it on the colon and passes it as *args to redis.StrictRedis. Db is typically 0 if you weren't sure. If you aren't sure if the ansible version you are using supports this, just check the plugins/redis.py for how it passes the connection string to StrictRedis. Works with 2.2.0.0 at least.

# hostname:port:db:password
localhost:6379:0:secret
public_ip:293451:0:supersercretnobodycanguessthis
@craig-m-unsw
craig-m-unsw / test.py
Created September 9, 2022 13:25 — forked from dmsimard/test.py
ara with ansible-runner
#!/usr/bin/env python3
# Proof of concept ara with ansible-runner
# Requires https://github.com/ansible/ansible-runner/issues/219#issuecomment-496191227
import ansible_runner
import os
from ara.setup import callback_plugins
PLAYBOOK = """
- name: Test for ansible-runner
@craig-m-unsw
craig-m-unsw / edit_ubuntu_autoinstall.py
Created September 20, 2022 22:39 — forked from utkonos/edit_ubuntu_autoinstall.py
Simple Python Script to Edit an Ubuntu ISO to Add Automated Server Install Capability
import io
import pathlib
import pycdlib
ubuntu = pathlib.Path('ubuntu-22.04-live-server-amd64.iso')
new_iso_path = pathlib.Path('ubuntu-22.04-live-server-amd64-auto.iso')
iso = pycdlib.PyCdlib()
iso.open(ubuntu)
@craig-m-unsw
craig-m-unsw / 55-bytes-of-css.md
Last active December 15, 2022 06:14 — forked from JoeyBurzynski/55-bytes-of-css.md
58 bytes of css to look great nearly everywhere

58 bytes of CSS to look great nearly everywhere

When making this website, i wanted a simple, reasonable way to make it look good on most displays. Not counting any minimization techniques, the following 58 bytes worked well for me:

main {
  max-width: 38rem;
  padding: 2rem;
  margin: auto;
}
@craig-m-unsw
craig-m-unsw / 00_README.md
Last active May 6, 2026 12:45 — forked from RichardBronosky/mkpasswd.py
Platform independent way of generating Linux compatible crypt(3) sha512 hashes ($6$ style). For systems (like macOS/OSX) where you can't `mkpasswd -m sha-512`.

Create Linux password hashes from Python

Platform independent way of generating Linux compatible crypt(3) sha512 hashes ($6$ style). For use in cloud-init, preseed files, or altering /etc/shadow. Use on systems where you can't mkpasswd -m sha-512 (which gets installed from sudo apt install whois weirdly on Ubuntu/Deb systems).

setup

We can install Passlib in a virtual environment anywhere we can run Python from with a small script.

So Install Python by downloading or using a package manager (eg sudo apt-get install python3 python3-virtualenv -y).