Dan Lenski dlenski
dlenski
/ jun_ssl_log.py
Last active
May 21, 2024 19:30
Juniper VPN logging script for mitmproxy v4.0.4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # Run like this with mitmproxy v4.0.4: | |
| # mitmdump --script jun_ssl_log.py --tcp-hosts JUNIPER.SERVER.COM | |
| # | |
| # It will dump the TCP flows with the server in a raw-ish format to /tmp/TCPFlow*, | |
| # and will replace the MD5 hash of the "real" server certificate with that of the | |
| # MITM'ed server certificate (as provided to the client) anywhere it appears in the | |
| # TCP flows' content. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # This script takes one or more x509 certificates in .PEM format (from | |
| # stdin or files listed on command line) and adds helpful "bag | |
| # attributes" before each certificate. This makes it easier for | |
| # humans to identify the contents of the bundle. | |
| # | |
| # Requires (g)awk and openssl's x509 command line utility. | |
| # | |
| # Output fields included can be specified via openssl-x509 options: |
dlenski
/ fake_PAN_GlobalProtect_server.py
Created
May 29, 2018 18:16
quick-and-dirty simulator of PAN GlobalProtect server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # This is used for testing openconnect's (https://github.com/dlenski/openconnect). | |
| # handling of the atrocious XML+JavaScript mess used for | |
| # authenticating to a PAN GlobalProtect VPN. | |
| # | |
| # Requires a recent version of Flask and Python 3.x, and a server.pem | |
| # | |
| # Should be fairly easy to tweak to fit various authentication scenarios. |
dlenski
/ gist:3adcdd3dd5ed897a8e8c4f172726aaca
Created
January 20, 2018 03:23
— forked from kzap/gist:5819745
If you want to give only Travis-CI access to a private key or secret file in your repository, you will need to encrypt it, but rather than storing the entire encrypted file in an environment variable, just store the a secret password in a secure environment variable that you will use to encrypt and decrypt your private key file. The encryption o…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generate your private key, put the public key on the server you will be connecting to | |
| ssh-keygen -t rsa -f ./my_key | |
| # generate the password/secret you will store encrypted in the .travis.yml and use to encrypt your private key | |
| cat /dev/urandom | head -c 10000 | openssl sha1 > ./secret | |
| # encrypt your private key using your secret password | |
| openssl aes-256-cbc -pass "file:./secret" -in ./my_key -out ./my_key.enc -a | |
| # download your Travis-CI public key via the API. eg: https://api.travis-ci.org/repos/travis-ci/travis-ci/key |
dlenski
/ ssh-cipher-benchmark.sh
Last active
December 6, 2022 09:14
Check speed of ssh cipher(s) on your system
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Based on: http://www.systutorials.com/5450/improving-sshscp-performance-by-choosing-ciphers/#comment-28725 | |
| # | |
| # You should set up PublicKey authentication so that you don't have to type your | |
| # password for every cipher tested. | |
| set -o pipefail | |
| ciphers="$@" |
dlenski
/ lookup_entities.py
Last active
April 7, 2016 03:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """Example of using hangups to lookup contacts by id.""" | |
| import sys | |
| import asyncio | |
| import hangups | |
| # Path where OAuth refresh token is saved, allowing hangups to remember your |
dlenski
/ filter_messages_from_pidgin_log.py
Last active
January 29, 2016 21:58
Filter raw protocol messages from Pidgin debug log (`pidgin -d`)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/usr/bin/env python2 | |
| from __future__ import print_function | |
| from sys import stdin, stderr, stdout | |
| import re | |
| message = [] | |
| message_started = message_ended = None | |
| for line in stdin: |
NewerOlder