Skip to content

Instantly share code, notes, and snippets.

View marcinantkiewicz's full-sized avatar

Marcin Antkiewicz marcinantkiewicz

1 follower · 2 following
View GitHub Profile
@marcinantkiewicz
marcinantkiewicz / AuthyToOtherAuthenticator.md
Created August 15, 2022 23:12 — forked from gboudreau/AuthyToOtherAuthenticator.md
Export TOTP tokens from Authy

Generating Authy passwords on other authenticators

There is an increasing count of applications which use Authy for two-factor authentication. However many users who aren't using Authy, have their own authenticator setup up already and do not wish to use two applications for generating passwords.

Since I use 1Password for all of my password storing/generating needs, I was looking for a solution to use Authy passwords on that. I couldn't find any completely working solutions, however I stumbled upon a gist by Brian Hartvigsen. His post had a neat code with it to generate QR codes for you to use on your favorite authenticator.

His method is to extract the secret keys using Authy's Google Chrome app via Developer Tools. If this was not possible, I guess people would be reverse engineering the Android app or something like that. But when I tried that code, nothing appeared on the screen. My guess is that Brian used the

@marcinantkiewicz
marcinantkiewicz / bootstrap AWS security
Created July 22, 2022 20:04
ASAP
* No IAM users, the exceptions are cases where username/password is a requirement that cannot be changed.
* Users login as roles, it OK to start with * for Action and Resource
* Role policy requires MFA
* use aws-vault
Practices/functionality to adopt soon
* create org structure
* terraform (or similar)
* account per project/environment
@marcinantkiewicz
marcinantkiewicz / AWS Parameter Store and Openssl
Created May 30, 2022 20:41
# defaults for you, change the CMD if you do not use aws-okta anymore
NAME_PREFIX="${1:-test}"; shift;
SUBJECT="${1:-/[email protected]/O=ExampleOrg/OU=SRE/C=US/ST=CA/L=SanDiego}"; shift;
AWS_CMD="aws-okta exec labs -- aws";
PARAM_NAME="${1:-/certs/${NAME_PREFIX}/pass}";
DAYS_VALID="3650";
# - in my use case the cert does not have name (CAN or CN) but email address: /[email protected]/O=ExampleOrg/OU=SRE/C=US/ST=CA/L=Lodi" \
# if SAN or CN are needed, remove email from the subject and add to the openssl command another argument:
# -addext "subjectAltName = DNS:sre.example.com"
@marcinantkiewicz
marcinantkiewicz / scan net for specified ports
Created May 16, 2022 20:01
# scan network for open ports, list IPs that have something listening on those ports
# You can list multiple ports, separate them by commas (22,80,443).
function check_port() { NETWORK="$1"; shift; PORTS="$1"; shift; [ -z "$PORTS" ] && echo "Use: check_port CIDR PORTS - scans CIDR, prints ip if it listens on comma separated PORTS." && return 1; nmap --open -p "${PORTS}" "${NETWORK}" -oG - | awk '/\/open/ {print $2 }'; }
function check_port() {
NETWORK="$1"; shift;
PORTS="$1"; shift;
@marcinantkiewicz
marcinantkiewicz / devtools - each tag
Created January 2, 2022 22:47
// note: document.get_elementByTagName returns HTMLCollection which is not an array, and does not implement foreach().
// ... turns htmlcolleciton into an array. Array.from(a) would do same here.
// This also an example of design decision that did not age well.
// ref: https://stackoverflow.com/questions/22754315/for-loop-for-htmlcollection-elements/22754453 or so.
[...document.getElementsByTagName('img')].forEach(a=>console.log(a.style.visibility='hidden'))
[...document.getElementsByTagName('img')].forEach(a=>console.log(a.style.height='100px'))
[...document.getElementsByTagName('img')].forEach(a=>my_function(a))
@marcinantkiewicz
marcinantkiewicz / Linksys guest network login script
Last active January 5, 2022 00:42
#! /bin/sh
# +---------------------------------
# Enter madtown pw: dd
# Sanity check:
# default iface en0
# mac_addr 0c:e4:41:d9:63:89
# ip_addr 192.168.1.202
#
# Type Y to proceed.
@marcinantkiewicz
marcinantkiewicz / git log
Created December 2, 2021 02:38
function _gitlog_list_committers () {
DAYS=${1:-1}; # check last day unless more requested
git log --pretty=format:'%<(20)%cn %ce' \ # committer name and email
--after=$(date -v "-${DAYS}d" +%F) \ # in the past DAYS
--invert-grep --committer='GitHub' \ # just people, no bots
--all | \ # all branches
sort -u ;
}
@marcinantkiewicz
marcinantkiewicz / userscript - pause playback
Last active November 5, 2021 04:43
// userscript parts to pause playback in all open tabs, save for the current one.
// handles http video and audio tags, this will pause what is playing.
// Swap pause() to play() to reverse. Other controls:
// .volume (goes on interval from 0-1.0)
// .muted (bool)
['video','audio'].forEach((tag)=>{
player = document.getElementsByTagName(tag)
if(!![...player].find((e)=>e && !(e.paused && e.ended && e.muted))){
@marcinantkiewicz
marcinantkiewicz / falconpython
Created July 20, 2021 19:19
def get_detects():
# other parameters: for pagination: limit (max on page) and offset, and for ordering: sort. I want detections from last 5min.
parameters = {"filter":"last_behavior:>'now-5m'"}
d = detects.Detects(creds={ 'client_id': cid,'client_secret': key})
response = d.QueryDetects(parameters)
if response:
if response['body']['meta']['pagination']['total'] > 0:
return response['body']['resources']
else:
@marcinantkiewicz
marcinantkiewicz / 99-redirect-to-unifi.conf
Created February 18, 2021 17:29
lighttpd: redirect default ports to the unifi controller
# tls has to be enabled on :443 so that the connection can be terminated there before the redirect is sent back.
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ ".*" {
url.redirect = (""=>"https://%0:8443/manage/site/default/dashboard")
}
}
$SERVER["socket"] == ":443" {
$HTTP["host"] =~ ".*" {