Skip to content

Instantly share code, notes, and snippets.

View ollytheninja's full-sized avatar

Olly E ollytheninja

View GitHub Profile
import binascii
sbox = [
[0xA3, 0xB0, 0x80, 0xC6, 0xB2, 0xF4, 0x5C, 0x6C, 0x81, 0xF1, 0xBB, 0xEB, 0x55, 0x67, 0x3C, 0x05],
[0x1A, 0x0E, 0x61, 0xF6, 0x22, 0xCE, 0xAA, 0x8F, 0xBD, 0x3B, 0x1F, 0x5E, 0x44, 0x04, 0x51, 0x2E],
[0x4D, 0x9A, 0x84, 0xEA, 0xF8, 0x66, 0x74, 0x29, 0x7F, 0x70, 0xD8, 0x31, 0x7A, 0x6D, 0xA4, 0x00],
[0x82, 0xB9, 0x5F, 0xB4, 0x16, 0xAB, 0xFF, 0xC2, 0x39, 0xDC, 0x19, 0x65, 0x57, 0x7C, 0x20, 0xFA],
[0x5A, 0x49, 0x13, 0xD0, 0xFB, 0xA8, 0x91, 0x73, 0xB1, 0x33, 0x18, 0xBE, 0x21, 0x72, 0x48, 0xB6],
[0xDB, 0xA0, 0x5D, 0xCC, 0xE6, 0x17, 0x27, 0xE5, 0xD4, 0x53, 0x42, 0xF3, 0xDD, 0x7B, 0x24, 0xAC],
[0x2B, 0x58, 0x1E, 0xA7, 0xE7, 0x86, 0x40, 0xD3, 0x98, 0x97, 0x71, 0xCB, 0x3A, 0x0F, 0x01, 0x9B],
@ollytheninja
ollytheninja / check-accounts.sh
Created May 28, 2023 23:05
Find the Auditor role and account name for an account ID, assume it and print EC2 instances
aws ec2 describe-instances | jq '.Reservations[].Instances[] | {InstanceId,KeyName,Tags,SecurityGroups}'
foreach ACCOUNT (1234567890 0987654321)
ROLE=$(cat ~/.aws/config | grep -B 3 $ACCOUNT | grep Auditor | sed -e 's/.* \(.*\)./\1/g')
echo $ROLE
assume $ROLE
aws ec2 describe-instances | jq '.Reservations[].Instances[] | {InstanceId,KeyName,Tags,SecurityGroups}'
end
# Install Brew
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
# Install CLI basics
brew install go jq gh multi-git-status zsh coreutils findutils gnu-tar gnu-sed gawk gnutls gnu-indent gnu-getopt grep
# Install oh my zsh
sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
# Install UI apps and dev tools
@ollytheninja
ollytheninja / Athena_Table_Central_Cloudtrail.sql
Last active March 17, 2023 01:22
Athena Table for querying a centralised CloudTrail log store. You will need to replace S3BUCKETNAME, ORGID and 111111111111,222222222222 with your desired values, your bucket may also not use quite the same path.
CREATE EXTERNAL TABLE cloudtrail_logs (
eventVersion STRING,
userIdentity STRUCT<
type: STRING,
principalId: STRING,
arn: STRING,
accountId: STRING,
invokedBy: STRING,
accessKeyId: STRING,
userName: STRING,
###############################################
# Generate a JWK file to connect Vault to GCP #
# by providing GCP our own private key #
###############################################
# Inspired by:
# https://binx.io/2021/03/08/how-to-create-your-own-google-service-account-key-file/
# And for my later self - GCP does indeed want a public key certificate - not just a bare public key!
@ollytheninja
ollytheninja / syno_tailscale_enable.sh
Last active September 12, 2022 05:55
Enable outbound Tailscale connections from synology NAS
# FROM https://tailscale.com/kb/1131/synology/#enabling-synology-outbound-connections
# Add CAP_NET_ADMIN to the binary; required if manually installing the
# Tailscale *.spk file.
# This step is required every time you upgrade Tailscale.
sudo setcap cap_net_admin+eip /var/packages/Tailscale/target/bin/tailscaled
# These three commands are only needed once and persist over restarts.
sudo mkdir -p /dev/net
sudo mknod /dev/net/tun c 10 200
@ollytheninja
ollytheninja / helm-repos.sh
Created May 9, 2022 05:07
Helm repos that might be useful!
#!/bin/bash
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add k8s-at-home https://k8s-at-home.com/charts/
helm repo add mojo2600 https://mojo2600.github.io/pihole-kubernetes/
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add stable https://charts.helm.sh/stable
helm repo add devtron https://helm.devtron.ai
helm repo add fluxcd https://charts.fluxcd.io
#!/bin/bash
# Install relevant dependencies for NFS / Longhorn
sudo apt install nfs-common open-iscsi
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="---options---" sh -
Options:
--disable traefik
--disable servicelb
#!/bin/bash
# First copy your ssh key over
ssh-copy-id pi
# then ssh to the pi
ssh pi
# change the default password
sudo passwd pi
@ollytheninja
ollytheninja / ssh_config
Last active April 5, 2022 04:19
Handy defaults to add to your ~/.ssh/config file
Host *
UseKeychain yes
AddKeysToAgent yes
IdentityFile ~/.ssh/id_rsa
Host pi
HostName raspberrypi.local
User pi
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null