kwilczynski

server_names = [
        'cloudflare',
        'doh-crypto-sx',
        'ams-doh-nl',
# Possible issues.
#        'faelix-ch-ipv4-doh',
        'doh.ffmuc.net'
]

listen_addresses = [

avoidik

#!/bin/bash

flag_iptables=true
flag_dry_run=true

while getopts ":nf" arg; do
  case $arg in
    n) # Dry-run - does not preserve iptables rules.
      flag_dry_run=false
      ;;

kwilczynski

// Based on https://github.com/ericwbailey/millennials-to-snake-people.

function walkTextNodes(rootNode) {
    let walker = document.createTreeWalker(rootNode, NodeFilter.SHOW_TEXT,
        function(node) {
            if (node.textContent.length === 0) {
                return NodeFilter.FILTER_SKIP;
            }
            return NodeFilter.FILTER_ACCEPT
        },

kwilczynski

make clean
export PATH='/usr/local/bin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

make DESTDIR='/tmp/cppcheck' MATCHCOMPILER=yes HAVE_RULES=yes FILESDIR='/usr/share/cppcheck' CXXFLAGS='-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function' -j$(nproc) install

OR

sudo make MATCHCOMPILER=yes HAVE_RULES=yes FILESDIR='/usr/share/cppcheck' CXXFLAGS='-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function' -j$(nproc) install

kwilczynski

make clean
export PATH='/usr/local/bin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
make PREFIX='/usr' -j$(nproc)
make DESTDIR='/tmp/sparse' PREFIX='/usr' install

terjanq

A TL;DR solution to Security Driven by @terjanq

For this year's Google CTF, I prepared a challenge that is based on a real-world vulnerability. The challenge wasn't solved by any team during the competition so here is the proof that the challenge was in fact solvable! :)

• Link to the challenge: https://capturetheflag.withgoogle.com/challenges/web-security-driven
• Link to the PoC: https://github.com/google/google-ctf/tree/master/2021/quals/web-security-driven/solution

The goal of the challenge was to send a malicious file to the admin and leak their file with a flag. The ID of the file was embedded into the challenge description (/file?id=133711377731) and only admin had access to it, because the file was private.

Disclamer: The write-up is written on airplane therefore the quality of it is poor, mostly to showcase the required steps to solve the challenge

peterpme

## Home Assistant OS (Latest as of July 17th, 2021)
## Installation using Ubuntu 20.04 Server and KVM
## Thanks to:
# https://gist.github.com/dsbaars/82a31303f50da08edb422fdc15031257
# https://community.home-assistant.io/t/install-home-assistant-os-with-kvm-on-ubuntu-headless-cli-only/254941

# /var/lib/libvirt/images/hassos-vm
## Everything lives here
mkdir -vp /var/lib/libvirt/images/hassos-vm && cd /var/lib/libvirt/images/hassos-vm

kwilczynski

Install the "xdotool" utility as usual on Ubuntu, then go to "/lib/systemd/system-sleep"
directory and create a small shell script called "capslock" with the following content:

#!/bin/sh

case "$1" in
        post)
		/usr/bin/logger -t suspend -s 'Resetting CapsLock key'
                /usr/bin/xdotool --clearmodifiers --delay 500 --repeat 2 Caps_Lock
        ;;

aojea

How to run Kubernetes conformance test

Conformance test are a subset of the e2e test Kubernetes test.

The e2e tests are based on Ginkgo https://onsi.github.io/ginkgo/ and live in the Kubernetes repository https://github.com/kubernetes/kubernetes/tree/master/test/e2e.

There is no guarantee of compatibility for the e2e binaries, hence the e2e binary version MUST match your kubernetes cluster version.

kwilczynski

[Unit]
Description=Dummy unit to create log directory for Nginx
After=network.target

[Service]
Type=oneshot
ExecStart=/bin/mkdir -p /var/log/nginx
ExecStart=/bin/chown root:adm /var/log/nginx
ExecStart=/bin/chmod 755 /var/log/nginx