Bryan Helmkamp brynary

gpg-agent setup

Need to setup gpg-agent first, on OSX I use keychain (it also does ssh-agent)

$ brew info keychain
keychain: stable 2.8.5
User-friendly front-end to ssh-agent(1)
https://www.funtoo.org/Keychain
/usr/local/Cellar/keychain/2.8.5 (7 files, 108.5KB) *

	data "aws_caller_identity" "current" {} # data.aws_caller_identity.current.account_id
	data "aws_region" "current" {} # data.aws_region.current.name

	output "account_id" {
	description = "Selected AWS Account ID"
	value = data.aws_caller_identity.current.account_id
	}

	output "region" {
	description = "Details about selected AWS region"

	#!/bin/bash -e

	##
	# Use this annotated script a base for launching an interactive console task on Amazon ECS
	#
	# more info: https://engineering.loyaltylion.com/running-an-interactive-console-on-amazon-ecs-c692f321b14d
	#
	# Requirements:
	# - `jq` must be installed on both the client and server
	##

	require 'omniauth'
	require 'omniauth-saml'

	class MultiProviderSamlHandler
	UUID_REGEX = /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/

	attr_reader :path_prefix, :provider_name

	def initialize(path_prefix: OmniAuth.config.path_prefix, provider_name: 'saml')
	@path_prefix = path_prefix

	#!/usr/bin/sudo sh

	## ruby_revealer.sh -- decrypt obfuscated GHE .rb files. 2.0.0 to 2.3.1+.

	## From `strings ruby_concealer.so`:
	##
	## > This obfuscation is intended to discourage GitHub Enterprise customers
	## > from making modifications to the VM.
	##
	## Well, good, as long as its not intended to discourage me from doing this!

	#cloud-config

	coreos:
	etcd:
	# generate a new token for each unique cluster from https://discovery.etcd.io/new
	discovery: https://discovery.etcd.io/<token>
	# multi-region deployments, multi-cloud deployments, and droplets without
	# private networking need to use $public_ipv4
	addr: $private_ipv4:4001
	peer-addr: $private_ipv4:7001

	WITH btree_index_atts AS (
	SELECT nspname, relname, reltuples, relpages, indrelid, relam,
	regexp_split_to_table(indkey::text, ' ')::smallint AS attnum,
	indexrelid as index_oid
	FROM pg_index
	JOIN pg_class ON pg_class.oid=pg_index.indexrelid
	JOIN pg_namespace ON pg_namespace.oid = pg_class.relnamespace
	JOIN pg_am ON pg_class.relam = pg_am.oid
	WHERE pg_am.amname = 'btree'
	),

	# docker build -t="rails" .

	FROM ubuntu:12.04

	RUN apt-get update

	## MYSQL
	RUN apt-get install -y -q mysql-client libmysqlclient-dev

	## RUBY

	#!/usr/bin/env ruby
	#
	# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
	#
	# ## Advisory
	#
	# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
	#
	# ## Caveats
	#

	-- show running queries (pre 9.2)
	SELECT procpid, age(clock_timestamp(), query_start), usename, current_query
	FROM pg_stat_activity
	WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%'
	ORDER BY query_start desc;

	-- show running queries (9.2)
	SELECT pid, age(clock_timestamp(), query_start), usename, query
	FROM pg_stat_activity
	WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%'