
Marcin Antkiewicz marcinantkiewicz
@marcinantkiewicz
marcinantkiewicz / newline_in_search_params.yaml
Created March 23, 2023 21:33
nuclei template - newline in search params
id: newline_search_params
info:
  name: newline_search_params
  author: f
  severity: low
  description: search param set to newline results in empty response
  tags: inputvalidation
requests:
@marcinantkiewicz
marcinantkiewicz / list_repos.js
Created March 18, 2023 23:47
List GitHub repos via browser console
// go to https://github.com/orgs/ORGNAME/repositories, open JS console
// run the below. Once done, extract with "JSON.parse(sessionStorage.repolist).forEach((e)=>{console.log(e)})"
//
// The following vim substitutions will convert from https to ssh endpoint link
// %s/$/.git/
// %s/https:\/\//git@/
// %s/\.com\//\.com:/
//
extract();
function extract(){
@marcinantkiewicz
marcinantkiewicz / _ verify_curl_bash.md
Last active February 8, 2023 22:49
This repo provides a trivial example script, and shows how SpectralOps preflight adds a checksum verification step to the 'curl | bash' pipe installer.

verify packages installed via 'curl | bash'

SpectralOps preflight provides an easy way to add an integrity check to pipe installers, turning them into 'curl | checksum | bash'.

(screenshot: preflight-error)

The process has two steps:

  1. calculate the checksum
  2. pass the downloaded script through preflight when executing; preflight passes its input through to its output only if the calculated and provided hashes match.
# Re-launch the script with an elevated (RunAs) PowerShell if not already running as Administrator
if (-Not([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")){
Write-Host "Not admin, elevating"
Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit
}
else {
Write-Host "I hate PS so, so much"
Start-Sleep -Seconds 5
}

Generating Authy passwords on other authenticators

There is an increasing number of applications which use Authy for two-factor authentication. However, many users who aren't using Authy have their own authenticator set up already and do not wish to use two applications for generating passwords.

Since I use 1Password for all of my password storing/generating needs, I was looking for a solution to use Authy passwords on that. I couldn't find any completely working solutions; however, I stumbled upon a gist by Brian Hartvigsen. His post had neat code with it to generate QR codes for you to use on your favorite authenticator.

His method is to extract the secret keys using Authy's Google Chrome app via Developer Tools. If this was not possible, I guess people would be reverse engineering the Android app or something like that. But when I tried that code, nothing appeared on the screen. My guess is that Brian used the

ASAP
* No IAM users; the exceptions are cases where username/password is a requirement that cannot be changed.
* Users log in as roles; it is OK to start with * for Action and Resource.
* Role policy requires MFA.
* Use aws-vault.
Practices/functionality to adopt soon
* Create org structure.
* Terraform (or similar).
* Account per project/environment.
# defaults for you, change the CMD if you do not use aws-okta anymore
NAME_PREFIX="${1:-test}"; shift;
SUBJECT="${1:-/[email protected]/O=ExampleOrg/OU=SRE/C=US/ST=CA/L=SanDiego}"; shift;
AWS_CMD="aws-okta exec labs -- aws";
PARAM_NAME="${1:-/certs/${NAME_PREFIX}/pass}";
DAYS_VALID="3650";
# - in my use case the cert does not have a name (SAN or CN) but an email address: /[email protected]/O=ExampleOrg/OU=SRE/C=US/ST=CA/L=Lodi
# if SAN or CN are needed, remove the email from the subject and add another argument to the openssl command:
# -addext "subjectAltName = DNS:sre.example.com"
# scan network for open ports, list IPs that have something listening on those ports
# You can list multiple ports, separate them by commas (22,80,443).
function check_port() { NETWORK="$1"; shift; PORTS="$1"; shift; [ -z "$PORTS" ] && echo "Use: check_port CIDR PORTS - scans CIDR, prints ip if it listens on comma separated PORTS." && return 1; nmap --open -p "${PORTS}" "${NETWORK}" -oG - | awk '/\/open/ {print $2 }'; }
function check_port() {
NETWORK="$1"; shift;
PORTS="$1"; shift;
// note: document.getElementsByTagName returns an HTMLCollection, which is not an array and does not implement forEach().
// The spread operator (...) turns the HTMLCollection into an array. Array.from(a) would do the same here.
// This is also an example of a design decision that did not age well.
// ref: https://stackoverflow.com/questions/22754315/for-loop-for-htmlcollection-elements/22754453 or so.
[...document.getElementsByTagName('img')].forEach(a=>console.log(a.style.visibility='hidden'))
[...document.getElementsByTagName('img')].forEach(a=>console.log(a.style.height='100px'))
[...document.getElementsByTagName('img')].forEach(a=>my_function(a))
#! /bin/sh
# +---------------------------------
# Enter madtown pw: dd
# Sanity check:
# default iface en0
# mac_addr 0c:e4:41:d9:63:89
# ip_addr 192.168.1.202
#
# Type Y to proceed.