Skip to content

Instantly share code, notes, and snippets.

View kholia's full-sized avatar
🎯
Focusing

Dhiru Kholia kholia

🎯
Focusing
View GitHub Profile
@smerrill
smerrill / openshift-origin-instructions.md
Last active December 18, 2015 13:39
Instructions on how you can get your own OpenShift Origin machine running on RHEL/CentOS 6 to closely match OpenShift Origin for cartridge development.

This document describes installing an OpenShift Origin server on RHEL/CentOS 6.4.

It uses named (because the Avahi support does not work on RHEL 6 yet) and assumes a domain name of "broker.openshiftorigin" and a domain of "openshiftorigin"

First, kickstart a machine using the kickstart below.

Next, log into the machine as root:openshift and do the following to get it provisioned:

  • cd /etc/puppet
  • Create the site.pp file, grabbing the DNSSEC key
@kholia
kholia / ASLR+vsyscall.rst
Last active February 23, 2025 15:55
Notes on ASLR and vsyscall page

Goals

This documents tries to address some concerns with enabling PIE.

Argument 1

One of the criticism of "Using PIE by default on AMD64" is,

@drawveloper
drawveloper / compress-pdf-with-gs.md
Created August 30, 2013 14:39
Compress PDF files with ghostscript

This can reduce files to ~15% of their size (2.3M to 345K, in one case) with no obvious degradation of quality.

ghostscript -sDEVICE=pdfwrite -dCompatibilityLevel=1.4 -dPDFSETTINGS=/printer -dNOPAUSE -dQUIET -dBATCH -sOutputFile=output.pdf input.pdf

Other options for PDFSETTINGS:

  • /screen selects low-resolution output similar to the Acrobat Distiller "Screen Optimized" setting.
  • /ebook selects medium-resolution output similar to the Acrobat Distiller "eBook" setting.
  • /printer selects output similar to the Acrobat Distiller "Print Optimized" setting.
  • /prepress selects output similar to Acrobat Distiller "Prepress Optimized" setting.
@vrde
vrde / bootstrap-myproject.sh
Last active December 27, 2015 22:19
#!/bin/sh
# Setup some variables needed for bootstrapping the environment
ROOT=/home/vrde/projectz/myproject
REPOS=${ROOT}/repos
export PYTHONPATH=${REPOS}
@sensepost
sensepost / x3270-hack.patch
Created November 22, 2013 22:24
Patch to x3270 to make it ignore protected fields, and allow them to be modified. This provided some significant pwnage on an assessment where the mainframe (IMS) application appeared to pass the username from one field to another. I'm still researching this, and it could turn out to be very specific to the set of apps I'm testing (maybe CICS ap…
diff -u x3270-3.3/ctlr.c x3270-3.3-hacked/ctlr.c
--- x3270-3.3/ctlr.c 2013-07-11 17:03:24.000000000 -0500
+++ x3270-3.3-hacked/ctlr.c 2013-11-22 15:30:50.000000000 -0600
@@ -334,8 +334,10 @@
ea_buf[-1].fa = FA_PRINTABLE | FA_MODIFY;
aea_buf[-1].fa = FA_PRINTABLE | FA_MODIFY;
} else {
- ea_buf[-1].fa = FA_PRINTABLE | FA_PROTECT;
- aea_buf[-1].fa = FA_PRINTABLE | FA_PROTECT;
+ //ea_buf[-1].fa = FA_PRINTABLE | FA_PROTECT;
@lmacken
lmacken / Wall-format-security-critpath-ftbfs.py
Last active December 29, 2015 09:39
Determine how many critical path packages failed to build from source using gcc -Werror=format-security
# Determine how many critical path packages failed to build from source using
# gcc -Werror=format-security. https://fedoraproject.org/wiki/Changes/FormatSecurity
import os
import subprocess
from collections import defaultdict
from fedora.client import PackageDB
pkgdb = PackageDB('https://admin.fedoraproject.org/pkgdb')
@manuels
manuels / dtls-client.py
Last active September 11, 2020 08:55
dtls for python
# -*- coding: latin-1 -*-
#
# Copyright (C) AB Strakt
# Copyright (C) Jean-Paul Calderone
# See LICENSE for details.
"""
Simple SSL client, using blocking I/O
"""
@axt
axt / bbhit.c
Last active September 18, 2020 07:56
Naive hit tracer implementation using DynamoRIO.
/*
* Naive hit tracer implementation using DynamoRIO.
*
* Author: axt
*
* Build it with the following commands:
* gcc -Dbbhit_EXPORTS -DSHOW_RESULTS -DSHOW_SYMBOLS -fPIC -I../include -I../ext/include -DX86_64 -DLINUX -O2 -fno-stack-protector -o bbhit.c.o -c bbhit.c
* gcc -fPIC -O2 -DX86_64 -DLINUX -fno-stack-protector -fPIC -shared -lgcc -Wl,--hash-style=both -shared -Wl,-soname,libbbhit.so -o libbbhit.so bbhit.c.o ../lib64/debug/libdynamorio.so.4.2 ../ext/lib64/debug/libdrsyms.so
*/
#include <stddef.h>
@SpaHost
SpaHost / SCRAM-SHA-1 Validator for XMPP Prosody
Last active March 20, 2017 07:41
<?php
// SCRAM-SHA-1 Validator PHP
//
// PHP 5.5.0 or greater required
//
// Lorenzo J. Gonzalez
// A.k.a: SpaHost
// Xmpp: [email protected]
//
// Thanks to [email protected] for helping me and repeat everytime this and this:
@bonsaiviking
bonsaiviking / NmapHeartbleed.md
Last active September 20, 2021 23:31
Guide to using Nmap to scan for the Heartbleed bug.

Requirements

  1. Nmap. The script requires version 6.25 or newer. The latest version, 6.47, already includes the next 3 dependencies, so you can skip directly to the Scanning section below.
    • An easy way to get the latest Nmap release is to use Kali Linux.
    • Binary installers are available for Windows.
    • RPM installer available for Linux, or install from source.
    • .dmg installer available for Mac OS X.
  2. tls.lua. The script requires this Lua library for TLS handshaking.
  3. ssl-heartbleed.nse. This is the script itself.