Joshua Cornutt 01000101
01000101
/ barbican-kmip-rsa-store.sh
Last active
December 1, 2020 19:12
Using OpenStack Barbican to store an RSA public key with a KMIP / SafeNet backend
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create an RSA 2048-bit private key (PEM format) | |
| openssl genrsa -out my-secret.pem 2048 | |
| # Extract the RSA public key | |
| openssl rsa -in my-secret.pem -out my-secret.pem.pub -pubout | |
| # Store the RSA public key in Barbican | |
| # This was tested against a SafeNet AT KeySecure G460 HSM (via KMIP) | |
| openstack secret store \ | |
| --algorithm rsa \ |
01000101
/ verify-wp-bulk.sh
Created
November 30, 2020 12:05
Shell script to validate Wordpress installs on a cPanel server. This is very useful for identifying compromised sites and removing unexpected files.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for i in `/usr/local/cpanel/bin/apitool listaccts --output json | jq -r '.data.acct[] | select(.suspended == 0) | .user'`; do | |
| echo "Verifying account: ${i}"; | |
| sketchy=$(su -s /bin/bash -c "wp core verify-checksums --path=/home/${i}/public_html/" ${i} 2>&1 | grep 'File should not exist' | awk -F' ' '{print $NF}') | |
| for sketch in $sketchy; do | |
| echo "++ Removing file: /home/${i}/public_html/${sketch}"; | |
| rm -f /home/${i}/public_html/${sketch} |
01000101
/ cpanel-wp-update-all.sh
Last active
November 9, 2020 21:03
Updates all standard WordPress sites hosted on a cPanel server - both core and plugins. Also snoops for WP installs in a root directory (sub-sites).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for i in `/usr/local/cpanel/bin/apitool listaccts --output json | jq -r '.data.acct[] | select(.suspended == 0) | .user'`; do | |
| echo "Updating account: ${i}"; | |
| su -s /bin/bash -c "wp core update --path=/home/${i}/public_html/" $i; | |
| su -s /bin/bash -c "wp plugin update --path=/home/${i}/public_html/ --all" $i; | |
| for subsite in `find /home/${i}/public_html/ -name "wp-config.php" | grep -Po "/home/${i}/public_html/\K.*(?=/wp-config.php)"`; do | |
| echo "Updating sub-site account: ${subsite}"; | |
| su -s /bin/bash -c "wp core update --path=/home/${i}/public_html/${subsite}/" $i; |
01000101
/ fix-gp-routes.ps1
Created
May 13, 2020 12:02
PowerShell script to remove unwanted "full tunnel" Palo Alto GlobalProtect VPN routes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description name of the GlobalProtect interface | |
| $gp_iface = "PANGP Virtual Ethernet Adapter" | |
| # Routes to remove from the GlobalProtect interface | |
| $bad_routes = @( | |
| '0.0.0.0/0', | |
| '10.1.10.0/24', | |
| '10.1.10.255/32', | |
| '172.16.100.0/24', | |
| '192.168.1.0/24') | |
| # How many loops used to remove routes. |
01000101
/ openstack-saml-ecp-test.py
Last active
May 13, 2018 02:06
Example script for testing OpenStack Keystone SAML 2.0 ECP authentication with Python libraries
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Example script for testing OpenStack Keystone SAML 2.0 ECP authentication | |
| This script expects the following OS environment variables to be defined: | |
| OS_AUTH_URL | |
| OS_USERNAME | |
| OS_PASSWORD | |
| OS_PROJECT_ID | |
| OS_PROJECT_NAME | |
| OS_PROTOCOL |