Skip to content

Instantly share code, notes, and snippets.

@gladiopeace
gladiopeace / answerfile
Created March 13, 2025 01:03 — forked from oofnikj/answerfile
Install Docker on Termux
KEYMAPOPTS="us us"
HOSTNAMEOPTS="-n alpine"
INTERFACESOPTS="auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
hostname alpine
"
TIMEZONEOPTS="-z UTC"
@gladiopeace
gladiopeace / Caddyfile
Created December 5, 2024 01:12 — forked from vanodevium/Caddyfile
Caddy server: enable CORS for any domain
(cors) {
@cors_preflight method OPTIONS
header {
Access-Control-Allow-Origin "{header.origin}"
Vary Origin
Access-Control-Expose-Headers "Authorization"
Access-Control-Allow-Credentials "true"
}
@gladiopeace
gladiopeace / proxmox-ceph.md
Created October 9, 2024 02:53 — forked from scyto/proxmox-ceph.md
setting up the ceph cluster

CEPH HA Setup

Note this should only be done once you are sure you have reliable TB mesh network.

this is because proxmox UI seems fragile wrt to changing underlying network after configuration of ceph.

All installation done via command line due to gui not understanding the mesh network

This setup doesn't attempt to seperate the ceph public network and ceph cluster network (not same as proxmox clutser network), The goal is to get an easy working setup.

this gist is part of this series

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC06CcxPhXbrrYL6fDQ4YGUJvETwirmTS4lyHzQaB6VJgMtNI5yMa1IJuGUq4MimiKhSSH8N5xOhsImDJeCeByOoHrwP5u9FKRInyTE+KnbxbqfufvUr4O3r1umEdBts1JjrlmdjcdQQIXswEV+Q9ULcy283LaRfkkcUw2TNkVU3UJ2tNVCN/2fBd+G7VAvhx8SosvkC00eY8rRh95MAYHP5M7/c5Pn+Z3pOwCHNEqgXECzBXEWC5ZmgsT2ibj9rgriGZI6QYIEVg86jtBIIuUQdZx47OX2cCT/3Gx7MAUyd/+cvAN5AMpiLIZJubnmOV6Hq6z/XUO3xW9ShmF43vJf
@gladiopeace
gladiopeace / 0-wireguard-readme.md
Created August 14, 2024 00:39 — forked from PhilipSchmid/0-wireguard-readme.md
Wireguard installation on CentOS/RHEL 8 server and Ubuntu 20.04 client (IPv6 dual stack)

Wireguard VPN Setup

This two scripts install & configure Wireguard on a CentOS8 "server" (peer) and on a Ubuntu 18.04 "client" peer. Of course, if you replace the # Installation script parts, these instructions can also be used on other distributions like Debian, CentOS 7, Fedora, etc..

Possible pitfall: When you change something in the /etc/wireguard/wg0.conf configuration file on the server, ensure to disable the wg-quick@wg0 service in advance:

sudo systemctl stop wg-quick@wg0
sudo systemctl disable wg-quick@wg0
sudo vim /etc/wireguard/wg0.conf    # edit what ever you like
sudo systemctl enable --now wg-quick@wg0
@gladiopeace
gladiopeace / sacred_omniboard_mongoku_docker.md
Created August 3, 2024 10:57 — forked from RemiRigal/sacred_omniboard_mongoku_docker.md
How to easily setup Sacred + Omniboard + Mongoku using docker-compose.

Sacred

The opensource tool Sacred helps configuring, organizing, logging and reproducing experiments in Deep Learning projects. It's a Python package allowing to log data in a MongoDB database, among others.

Install Sacred:

pip install sacred

The documentation is hosted on ReadTheDocs.

# Requires running as Administrator
# This is a simplified example and may need modifications to work in your environment
$windowsInstallations = Get-WindowsInstallations # Custom function to detect Windows installations
foreach ($install in $windowsInstallations) {
$description = "Windows on " + $install.DriveLetter
$guid = (bcdedit /copy {current} /d $description).Trim().Split(" ")[2]
bcdedit /set $guid device partition=$install.DriveLetter
bcdedit /set $guid osdevice partition=$install.DriveLetter
https://docs.google.com/document/d/1LQiPiatabyuLVzeTSWMSx05k150VFLJVCxLxEea5diU/edit

Sandbox Escape in [email protected]

A sandbox escape vulnerability exists in vm2 for versions up to 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy, and allows RCE via Function in the host context.

Impact

A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox.

PoC

0.414 | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0.414 /home/arch/docker-eyeos/darwin-xnu/bsd/sys/kpi_socket.h:46:30: note: in ex pansion of macro '__API_DEPRECATED'
0.414 46 | #define __NKE_API_DEPRECATED __API_DEPRECATED("Network Kernel Exte nsion KPI is deprecated", macos(10.4, 10.15))
0.414 | ^~~~~~~~~~~~~~~~
0.414 /home/arch/docker-eyeos/darwin-xnu/bsd/sys/kpi_socket.h:463:1: note: in ex pansion of macro '__NKE_API_DEPRECATED'
0.414 463 | __NKE_API_DEPRECATED;
0.414 | ^~~~~~~~~~~~~~~~~~~~
0.415 /home/arch/docker-eyeos/darwin-xnu/EXTERNAL_HEADERS/Availability.h:407:31: error: expected '=', ',', ';', 'asm' or '__attribute__' before '__