Skip to content

Instantly share code, notes, and snippets.

View joekir's full-sized avatar

Joe Kirwin joekir

13 followers · 10 following
View GitHub Profile
@joekir
joekir / generate.sh
Last active January 27, 2020 18:27
Super Simple local HTTPS Server
#!/bin/bash
set -eu
CERTNAME=cert.pem
KEYNAME=key.pem
COMBINED=certs_and_key.pem
openssl req -x509 -newkey rsa:1024 -keyout ${KEYNAME} -out ${CERTNAME} -days 365 -subj '/CN=localhost' -passout pass:foobar
openssl rsa -in ${KEYNAME} -out ${KEYNAME} -passin pass:foobar
@joekir
joekir / sshPubFromGenericPriv.md
Last active October 5, 2018 22:59
reminder on how to gen rsa pub from priv and export to ssh pub 
// generate rsa pub from priv
$ openssl rsa -in ~/.ssh/foo -pubout > foo.pub

// format that to ssh-rsa from the pubout
$ ssh-keygen -f ~/.ssh/foo.pub -i -mPKCS8 > bar.pub

// for some reason you can't redirect to the file being read in
$ mv bar.pub foo.pub
@joekir
joekir / gdb_tips.md
Last active January 17, 2019 21:11
GDB Tips

gdb commands to remember

command what it does
info sharedlibrary list shared libraries
tui enable enable gui debugger
b <linenumber> add breakpoint at line number
b <function name> add breakpoint for function name
info b show breakpoints
d delete a breakpoint by number
@joekir
joekir / day1.md
Last active August 29, 2018 17:21
LSS2018
@joekir
joekir / MurmurHash3Test.java
Last active April 7, 2018 23:01
Code snippets for blog https://josephkirwin.com/2018/04/07/z3-hash-inversions
class MurmurTest {
public static void main(String args[]){
byte[] data = { 90, 1, 2, 44};
System.out.format("0x%x\n", murmurhash3_x86_32(data, 0, data.length, 0xefef));
}
/*
* This is verbatim from:
* https://raw.githubusercontent.com/yonik/java_util/master/src/util/hash/MurmurHash3.java
*/
@joekir
joekir / makefile
Last active December 9, 2017 20:18
A script that uses all available gcc flags to catch security issues when compiling c
.SILENT:
FILES = main.c
OUT_BIN = out
build: $(FILES)
# https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
gcc -Werror=all -Werror=conversion -Werror=stack-protector \
-Werror=pointer-sign -Werror=cast-align -Werror=cast-qual \
-Wextra -Werror=format-security -Wfatal-errors -o $(OUT_BIN) $(FILES)
@joekir
joekir / boom.go
Created September 5, 2017 21:38
Weird differences in behaviours
package main
import "fmt"
func main() {
const big int = 0x7FFFFFFF/2
s := [big]int{3}
fmt.Println(s[big-1])
}
@joekir
joekir / qrfuzz.sh
Created September 3, 2017 20:15
Takes a plaintext input fuzzes it and generates the QR code output of that in a file called test.png
#! /bin/bash
if [ -z "$1" ]; then
echo please provide the input qr content file name
exit 1
fi
qrencode -s 10 -d 10000 -o test.png `cat $1 | radamsa` && display test.png
@joekir
joekir / setting-up-fwknop.md
Last active October 15, 2021 14:42
Getting fwknop to work

How to setup fwknop

Cloud Setup

  • Using sshd_conf from my other place configure a bastion to run on 2 ports
    • use the other random port to help you set all this up!
  • expose them on GCP
  • also expose udp/62201 for the knock (62201 is the default, but you can change in the config)
  • on a debian instance install fwknop-server
  • configure ip tables as follows:
@joekir
joekir / sshd_config
Created May 16, 2017 06:38
sshd hardened config
Port <some high port>
PermitRootLogin no
PubkeyAuthentication yes
IgnoreRhosts yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
X11Forwarding no
PrintMotd no
PrintLastLog yes