Skip to content

Instantly share code, notes, and snippets.

View mschmitt's full-sized avatar
🥾
Busier than a one-legged man in an ass-kicking contest.

Martin Schmitt mschmitt

🥾
Busier than a one-legged man in an ass-kicking contest.
39 followers · 10 following
View GitHub Profile
@mschmitt
mschmitt / sosreport-receiver
Last active August 19, 2020 15:23
#!/usr/bin/haserl --upload-limit=100000 --shell=/bin/bash
Content-Type: text/plain
<%
targetdir=/var/tmp
if [[ "$POST_upload_token" == "yolo" ]]
then
find "$targetdir" -name 'sosreport*tar.xz' -mtime +7 -print0 | xargs -0 rm
if [[ -s "$HASERL_file_path" ]]
then
@mschmitt
mschmitt / yolo.sh
Last active June 5, 2020 19:32
Debian Maillog Cleanup
# „This has mostly historical reasons.“ - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508376
# curl --silent https://gist.githubusercontent.com/mschmitt/401fe835cdbb8f87650a5a145fa9dca4/raw/yolo.sh | bash -x
perl -i.bak -pe 's/^(mail.(info|warn|err))/#$1/' /etc/rsyslog.conf
systemctl restart rsyslog || /etc/init.d/rsyslog restart
rm -vf /var/log/mail.{info,warn,err}*
@mschmitt
mschmitt / 61-usbstorage-policy.rules
Last active May 14, 2020 09:26
Prohibit use of unencrypted USB storage
# Match disks and partitions with non-null FS type which is not crypto_LUKS
ACTION=="add",ENV{ID_BUS}=="usb",ENV{DEVTYPE}=="disk",ENV{ID_FS_TYPE}!="",ENV{ID_FS_TYPE}!="crypto_LUKS",GOTO="deauth_device"
ACTION=="add",ENV{ID_BUS}=="usb",ENV{DEVTYPE}=="partition",ENV{ID_FS_TYPE}!="",ENV{ID_FS_TYPE}!="crypto_LUKS",GOTO="deauth_device"
# Nothing matched; skip deauthorization step
GOTO="eof"
# Deauthorize entire device if any other FS type than crypto_LUKS detected
LABEL="deauth_device"
RUN+="/usr/bin/logger -t 61-usbstorage-policy.rules -p kern.info -- '$env{ID_FS_TYPE} on $env{DEVPATH}'"
@mschmitt
mschmitt / ed.txt
Last active April 26, 2020 10:29
Ed ist der Standard!
Date: Fri, 16 Apr 2004 09:29:32 +0200
Ed ist der Standard!
Wenn ich mich mit meinem 300-Baud-Akustikkoppler auf meiner Minix-286-Kiste
einwähle sind Emacs und vi zu langsam für alles und geben massenweise
Schwachsinn wie "Press C-h for help" oder "File is read-only" aus. Also
bietet sich der Editor an, der meine KOSTBARE Zeit nicht verschleudert:
man ed, Mann!!!
@mschmitt
mschmitt / autostart
Last active May 9, 2020 21:53
Raspbian kiosk script so I don't have to write it from scratch for the n+1th time.
# .config/lxsession/LXDE-pi/autostart
@lxpanel --profile LXDE-pi
@pcmanfm --desktop --profile LXDE-pi
@/home/pi/bin/kiosk.sh
@mschmitt
mschmitt / packagemanagement-wrapper
Last active April 1, 2020 14:51
A wrapper for running apt-get and apt under sudo.
#!/usr/bin/env python3
# /usr/local/bin/packagemanagement is symlinked as /usr/local/bin/{apt,apt-get}
# and when called from sudo cleans the environment and refuses to accept
# configuration overrides and to directly install packages.
import sys
import os
import re
import syslog
@mschmitt
mschmitt / Workarounds for Netflix and the blocking of IPv6 tunnels.md
Created March 8, 2020 17:26 — forked from jamesmacwhite/Workarounds for Netflix and the blocking of IPv6 tunnels.md
Prevent proxy/VPN streaming error messages from Netflix when using an IPv6 tunnelf

Workarounds for Netflix and the blocking of IPv6 tunnels

The dreaded "You seem to be using an unblocker or proxy." error message. Cool story bro.

This gist was essentially created out of my own rant about Netflix being hostile to IPv6 tunnel services since June 2016. You are welcome to read my opinion on the matter, this is the more technical side to the issue and how to combat it within your own network.

Since I wrote this, various GitHub users have contributed their thoughts and ideas which has been incorporated into this gist. Thank you to everyone who have contributed their own methods and implementations.

The problem

Netflix now treats IPv6 tunnel brokers (such as Hurricane Electric) as proxy servers. A while ago it became apparent to users and Netflix that somewhat by accident, IPv6 tunnel users were being served content outside of their geolocation because of the way Netflix was identifying the tunnel servi

@mschmitt
mschmitt / MegaJiggler.md
Last active January 24, 2023 17:29
Mouse Jiggler for Atmega32U4-based BadUSB Beetles
@mschmitt
mschmitt / -
Created March 6, 2020 09:45
Script for checking a remote APT repository
#!/bin/bash -e
repos[0]='deb http://de.deb.devuan.org/merged ascii main contrib non-free'
repos[1]='deb http://de.deb.devuan.org/merged ascii-security main contrib non-free'
pgpkey[0]='https://git.devuan.org/devuan-packages/devuan-keyring/raw/master/keyrings/devuan-archive-keyring.gpg?inline=false'
pgpkey[1]='https://git.devuan.org/devuan-packages/devuan-keyring/raw/master/keyrings/devuan-archive-keyring.gpg?inline=false'
function cleanup() {
printf "Cleaning up %s\n" "${tempdir}"
(
@mschmitt
mschmitt / doh.sh
Last active November 16, 2022 20:02
doh.sh - A highly non-scalable CGI DNS-over-HTTPS proxy in Bash. Have fun.
#!/bin/bash
# A highly non-scalable CGI DNS-over-HTTPS proxy in Bash. Have fun.
# Here's an endpoint running this script: https://doh.team-frickel.de
# Relevant Firefox settings:
# network.trr.mode = 2 -> DoH and fall back to DNS (default)
# network.trr.mode = 3 -> DoH only -> MUST use bootstrapAddress
# network.trr.uri = https://doh.team-frickel.de