Jordi Massaguer Pla jordimassaguerpla
@jordimassaguerpla
jordimassaguerpla / gist:7485966
Created November 15, 2013 15:19
a script to change the default boot in grub 2. It parses the grub2 configuration to show you the options
#!/usr/bin/ruby
GRUB_CFG = "/mnt/boot_loader/boot/grub/grub.cfg"
def read_menu_entries(cfg_file)
  menu_entries = []
  File.readlines(cfg_file).each do |line|
    next if !line.include?("menuentry")
    entry = line.match(/menuentry.*['"](.*)['"].*/)[1]
    menu_entries << entry
@jordimassaguerpla
jordimassaguerpla / unsafe_query_risk_check_1.rb
Last active August 29, 2015 14:01
unsafe_query_risk_check_1
# this checks for "unsafe query risks in active record" by reading your
# db/schema.rb file, according to
# https://groups.google.com/forum/#!topic/rubyonrails-security/8CVoclw-Xkk
class MockTable
  @@tables = {}
  def self.tables
    @@tables
  end
@jordimassaguerpla
jordimassaguerpla / create_default_pool_for_libvirt
Created June 12, 2015 11:04
create_default_pool_for_libvirt
mkdir -p /var/lib/virt/
virsh pool-define-as --name default --type dir --target /var/lib/virt/images
virsh pool-autostart default
virsh pool-build default
virsh pool-start default
@jordimassaguerpla
jordimassaguerpla / get_download_link_from_obs
Created June 15, 2015 10:45
get download link for a binary in open suse build service
# Use this ruby script on a rubysec/ruby-advisory-db checkout
# to get the number of security issues on ruby gems per year
require "yaml"
if ARGV.length != 1
  puts "usage: ruby get_stats.rb YEAR"
  exit -1
end
if ARGV[0] !~ /\d\d\d\d/
  puts "usage: ruby get_stats.rb YEAR"
@jordimassaguerpla
jordimassaguerpla / dockerfile
Last active December 1, 2015 14:22
netcat docker example
FROM opensuse:latest
MAINTAINER Jordi Massaguer "[email protected]"
RUN echo -e "#!/bin/sh\n \nnc -l 80" > /bin/hello-world-server
RUN chmod +x /bin/hello-world-server
RUN zypper -n install "netcat-openbsd"
EXPOSE 80
CMD /bin/hello-world-server
# test me with "telnet IP 80"
# get the ip with docker inspect CONTAINER
@jordimassaguerpla
jordimassaguerpla / zypper-docker-demo-cve-2014-6271.txt
Created December 1, 2015 15:39
zypper-docker demo for cve-2014-6271
-----------Dockerfile ---------------------------------------------------------------
FROM suse/sles11sp3:latest
MAINTAINER Jordi Massaguer <[email protected]>
# Import the crt file of our private SMT server
ADD http://docker-smt.suse.de//smt.crt /etc/ssl/certs/smt.pem
RUN c_rehash /etc/ssl/certs
# Refresh the list of repositories

Keybase proof

I hereby claim:

  • I am jordimassaguerpla on github.
  • I am jordi_m_p (https://keybase.io/jordi_m_p) on keybase.
  • I have a public key whose fingerprint is 6D6D 82FF F63E AC94 9526 C4CE C053 1054 598C 0AE7

To claim this, I am signing this object:

@jordimassaguerpla
jordimassaguerpla / Dockerfile_opensuse_leap_vulnerable
Created June 27, 2016 11:18
Docker file for creating an opensuse vulnerable image
FROM opensuse:leap
MAINTAINER Jordi
# openssh-6.6p1-6.3 contains at least this vulnerability
# https://lists.opensuse.org/opensuse-updates/2016-01/msg00038.html
# CVE-2016-0777 and CVE-2016-0778
# Which is considered a security issue of level *critical*
RUN zypper -n install --oldpackage openssh-6.6p1-6.3
# copy this file as Dockerfile
@jordimassaguerpla
jordimassaguerpla / rubysec_get_stats.rb
Created July 6, 2017 11:02
get ruby security statistics based on git@github.com:rubysec/ruby-advisory-db.git
require "yaml"
if ARGV.length != 1
  puts "usage: ruby get_stats.rb YEAR"
  exit -1
end
if ARGV[0] !~ /\d\d\d\d/
  puts "usage: ruby get_stats.rb YEAR"
  exit -2
end
year = Integer(ARGV[0])