Skip to content

Instantly share code, notes, and snippets.

View tribut's full-sized avatar
🕺
Never gonna give you up

Felix Eckhofer tribut

🕺
Never gonna give you up
View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active November 17, 2024 13:13
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@laundmo
laundmo / compose-check.py
Last active December 23, 2022 07:45
Check which docker-compose services were changed since last "up" and which containers need to be restarted
#!/usr/bin/env python3
# This code is available under the MIT license: https://opensource.org/licenses/MIT
from pathlib import Path
import subprocess
import json
from dataclasses import dataclass
from typing import List, Optional
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active November 8, 2024 17:29
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active September 11, 2024 21:41
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@z3dm4n
z3dm4n / systemd-run-as-atd-replacement.md
Last active November 2, 2023 13:47
Using systemd-run as atd replacement to run jobs at scheduled times
$ sudo systemd --version
systemd 237
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid

$ sudo systemd-run --property=WorkingDirectory=/foo/bar --property=TimeoutSec=5min --on-active="10min" command args
Running timer as unit: run-1.timer
Will run service as unit: run-1.service

$ sudo systemctl list-timers
using REPL
using REPL.LineEdit
# basically the same as Base's `display_error`, just with different frames removed
function display_error(io, err, st)
ind = findfirst(frame -> frame.file == Symbol(@__FILE__) && frame.func == :repleval, st)
st = st[1:(ind == nothing ? end : ind - 2)]
printstyled(io, "ERROR: "; bold=true, color=Base.error_color())
showerror(IOContext(io, :limit => true), err, st)
println(io)
end
@xsot
xsot / instructions.md
Last active March 3, 2024 13:42
sed maze solver

Usage

sed -E -f solver.sed input where input is a file containing the maze.

For best results, resize your terminal to match the height of the maze. To disable animations, delete the lines containing p.

Maze format

The solver assumes the following:

  • The maze only contains the characters # \nSE
  • Every line has the same number of characters
  • There is only one start (S) and end (E)
@timvisee
timvisee / falsehoods-programming-time-list.md
Last active November 18, 2024 07:43
Falsehoods programmers believe about time, in a single list

Falsehoods programmers believe about time

This is a compiled list of falsehoods programmers tend to believe about working with time.

Don't re-invent a date time library yourself. If you think you understand everything about time, you're probably doing it wrong.

Falsehoods

  • There are always 24 hours in a day.
  • February is always 28 days long.
  • Any 24-hour period will always begin and end in the same day (or week, or month).
@ageis
ageis / systemd_service_hardening.md
Last active November 15, 2024 09:28
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@ViktorNova
ViktorNova / rotate-video.sh
Created August 8, 2016 21:33
Rotate a video with FFmpeg (100% lossless, and quick)
$INPUTVIDEO='input.mp4'
$OUTPUTVIDEO='output.mp4'
ffmpeg -i $INPUTVIDEO -metadata:s:v rotate="-90" -codec copy $OUTPUTVIDEO