B. Horn bahorn

bahorn / pcrtest.py
Created November 20, 2024 23:47
Quick and dirty detection script for recent versions of the KoviD LKM rootkit
"""
PCRtest.py - bah / November 2024
A quick / dirty test for recent versions of the Kovid LKM rootkit.
If you write to /proc/sys/kernel/tainted, KoviD unsets a few bits.
You can use this resetting behaviour to detect it.
Run this script as root.
"""

Keybase proof

I hereby claim:

  • I am bahorn on github.
  • I am bahorn (https://keybase.io/bahorn) on keybase.
  • I have a public key whose fingerprint is 8109 2732 6173 4511 5F4A 7A54 5D62 4999 8486 EE8F

To claim this, I am signing this object:

bahorn / catchsudo.py
Last active May 4, 2024 20:12
A POC for the user readable pty allowing you to capture your password, but with sudo. Has constraints, read docstring.
"""
A POC for the user readable pty allowing you to capture your password,
but with sudo. You might need to press enter once at the password prompt
to get this to work, bit of a race condition there. Should be noted that
a root owned tty only starts after a correct password, but you can still
log keys after that with this (but it will break the terminal and will
need to be killed).
The only advantage to targeting systemd-run --pty is that you don't seem to
need to kill -9 the targeted session afterwards so it behaves a bit better.
bahorn / badbackground.py
Created May 3, 2024 21:23
A bad background task that will inject stuff into shells.
#!/usr/bin/env python3
"""
So... I got nerd sniped by someone talking about a fake bug.
But in the process I got to learn a bit about an old trick and convert it into
a mildly interesting backdoor that lets you misuse a sudo session if started
from the basic user you owned.
Run like:
python3 this.py &
bahorn / BGPNotes.md
Last active July 10, 2021 00:28
Playing with BGP

BGP with RPKI on KVM

Hacky setup to build a test BGP network with RPKI enabled on it.

Written from memory; it disables some security settings and is not how you would do this in production.

Routers

Two VyOS routers:

import colorsys
import random
import string
import sys
import multiprocessing
import time
import os
sys.path.append(os.path.realpath('openrgb'))
import openrgb
from openrgb.utils import DeviceType, ModeData, RGBColor, ZoneType
bahorn / fantasy.zsh-theme
Last active June 20, 2020 20:21
personal zsh theme. mixed cloud with evan.
# Cloud mixed with evan.
if [[ -z $ZSH_THEME_CLOUD_PREFIX ]]; then
    ZSH_THEME_CLOUD_PREFIX=$(hostname | cut -c1)
fi
PROMPT='%{$fg_bold[cyan]%}$ZSH_THEME_CLOUD_PREFIX %{$fg_bold[green]%}%p%{$fg[green]%}%2~%{$fg_bold[cyan]%}$(git_prompt_info)%{$fg_bold[blue]%} % %{$reset_color%}»%b '
ZSH_THEME_GIT_PROMPT_PREFIX=" %{$fg[green]%}[%{$fg[cyan]%}"
ZSH_THEME_GIT_PROMPT_SUFFIX="%{$reset_color%}"
bahorn / cmds.sh
Last active June 10, 2020 02:20
random commands
grep "^mem" UCD-SNMP-MIB.txt | cut -f 1 -d ' ' | xargs -n 1 -I {} printf "[[inputs.snmp.field]]\nname = \"{}\"\noid = \"UCD-SNMP-MIB:::{}\"\n\n" | clip
opkg update; opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade
bahorn / timing.html
Last active May 27, 2020 20:55
turns out having devtools open makes this slower
<script>
const count = 500;
function timeFunction(fun, arg) {
    var start = new Date().getTime();
    fun(arg);
    var end = new Date().getTime();
    return (end - start);
}
version: '3'
services:
  minio:
    image: 'bahorn/minio:latest'
    command: minio server /data
    restart: always
    ports:
      - '9000:9000'
    volumes: