profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/eaglenutz/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

eaglenutz/IITBreachers-wiki 0

Tutorial, wiki and assignments related to CTFs and cybersecurity

pull request commenttrimstray/the-book-of-secret-knowledge

Add 'DIRB'

I'm not seeing the change though

update done

khabib97

comment created time in 19 hours

Pull request review commenttrimstray/the-book-of-secret-knowledge

Add 'DIRB'

 CyberTalks</b></a> - talks, interviews, and article about cybersecurity.<br> &nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/gentilkiwi/mimikatz"><b>mimikatz</b></a> - a little tool to play with Windows security.<br> &nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/sherlock-project/sherlock"><b>sherlock</b></a> - hunt down social media accounts by username across social networks.<br> &nbsp;&nbsp;:small_orange_diamond: <a href="https://owasp.org/www-project-threat-dragon/"><b>OWASP Threat Dragon</b></a> - is a tool used to create threat model diagrams and to record possible threats.<br>+&nbsp;&nbsp;:small_orange_diamond: <a href="https://tools.kali.org/web-applications/dirb"><b>DIRB</b></a> - is a Web Content Scanner. It looks for existing (and/or hidden) Web+Objects. It basically works by launching a dictionary based attack against a web server and analizing the response.<br>

Removed

khabib97

comment created time in 19 hours

pull request commenttrimstray/the-book-of-secret-knowledge

Add 'DIRB'

I'm not seeing the change though

khabib97

comment created time in 19 hours

pull request commenttrimstray/the-book-of-secret-knowledge

Add 'DIRB'

It seems ok

No

I told new change is ok. Sorry for the misunderstanding.

khabib97

comment created time in a day

pull request commenttrimstray/the-book-of-secret-knowledge

Add 'DIRB'

It seems ok

No

khabib97

comment created time in a day

Pull request review commenttrimstray/the-book-of-secret-knowledge

Add 'DIRB'

 CyberTalks</b></a> - talks, interviews, and article about cybersecurity.<br> &nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/gentilkiwi/mimikatz"><b>mimikatz</b></a> - a little tool to play with Windows security.<br> &nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/sherlock-project/sherlock"><b>sherlock</b></a> - hunt down social media accounts by username across social networks.<br> &nbsp;&nbsp;:small_orange_diamond: <a href="https://owasp.org/www-project-threat-dragon/"><b>OWASP Threat Dragon</b></a> - is a tool used to create threat model diagrams and to record possible threats.<br>+&nbsp;&nbsp;:small_orange_diamond: <a href="https://tools.kali.org/web-applications/dirb"><b>DIRB</b></a> - is a Web Content Scanner. It looks for existing (and/or hidden) Web+Objects. It basically works by launching a dictionary based attack against a web server and analizing the response.<br>

I would remove the line explaining the implementation details as the what is more important than the how in this project:

It basically works by launching a dictionary based attack against a web server and analizing the response.
khabib97

comment created time in a day

issue openedtrimstray/the-book-of-secret-knowledge

Listz

created time in 3 days

PR opened trimstray/the-book-of-secret-knowledge

add Alacritty

Alacritty is A fast, cross-platform, OpenGL terminal emulator

+1 -0

0 comment

1 changed file

pr created time in 3 days

push eventtrimstray/the-book-of-secret-knowledge

trimstray

commit sha abb586b22a2016fd2d1d4e3e4ef4aac018f29961

add 'macos_security' - signed-off-by: trimstray <trimstray@gmail.com>

view details

push time in 13 days

pull request commentsaltstack/salt

Reinstate ignore_cidr option in salt-cloud openstack driver

@mark-hyde that test is still being a problem child and we do have someone looking into it.

mark-hyde

comment created time in 22 days

pull request commentsaltstack/salt

fixing hosts module making it OS and standard compliant

I am still genuinely interested to know what standard this change is complying to. It appears only to be a personal page on University of Wollongong, Australia's website with no other references.

@leeclemens great point!

tacf

comment created time in 22 days

pull request commentsaltstack/salt

Updated index.rst (example grain reference)

@ajjii Would you be able to rebase this PR against the master branch. Thanks!

@sagetherage my apologies...I'm not really following. What do I need to do?

ajjii

comment created time in 22 days

issue commentsaltstack/salt

[BUG] napalm proxy saltcheck.run_state_tests

Failure is occurring due to the following:

1721 [TRACE   ] Error loading module.napalm_network: "net"" (/usr/lib/python3.6/site-packages/salt/modules/napalm_network.py) cannot be loaded: NAPALM is not installed: ``pip install napalm``

this is even with init.sls containing:

root@Unknown:/srv/salt/saltcheck# cat init.sls 
ensure_capirca:
  cmd.run:
    - name: |
        /usr/bin/pip3 install capirca

ensure_napalm:
  cmd.run:
    - name: |
        /usr/bin/pip3 install napalm

pip3_list:
  cmd.run:
    - name: |
        echo "DGM was here"
        /usr/bin/pip3 list

Digging further as to why napalm is not found when using saltcheck module_and_run

network-shark

comment created time in 22 days

PR closed saltstack/salt

Added logic to pull vault config from pillar data Reviewers Assigned develop

What does this PR do?

This adds the ability to load vault config values from pillars. This includes being able to use GPG encrypted pillars to be able to store vault config values. I have been able to successfully test using encrypted vault policy tokens.

What issues does this PR fix or reference?

With vault, each time a new policy is created, the vault token needs to be updated for all masters. In a large, multi-tenant vault deployment, this can mean updating the token multiple times per week or even day. This forces you to have to restart all of your salt masters to pick up the updated token values each time. Adding the option to keep the data in pillars allows you to update the value without the need to restart your salt-masters

Tests written?

No. I have tried to test the functionality to the best of my ability in our current vault environment. I am unable to validate all vault functions as I am not the owner of our vault service and cannot reproduce all the use cases that the vault runner covers. I welcome help in trying to validate the changes I've made.

Commits signed with GPG?

No

+46 -8

7 comments

3 changed files

justindesilets

pr closed time in 22 days

pull request commentsaltstack/salt

Added logic to pull vault config from pillar data

@sagetherage , closing this PR. I will revisit this feature request when I have some time to dig into it.

justindesilets

comment created time in 22 days

issue commentsaltstack/salt

[BUG] Memory leak in master ProcessManager

Possible breadcrumb: On an idle 3003 master with no minions connected, I see a leak of 50-100MB per hour. I do have an engine running that does nothing except call salt.utils.event.get_master_event() every few seconds.

pprkut

comment created time in 22 days

PR opened saltstack/salt

Add Kafka event return support

What does this PR do?

Add event return support to Kafka returner module.

Also added a test module and refactored the module.

Previous Behavior

Event returns were not supported by the Kafka returner module.

New Behavior

Event returns are now supported by the Kafka returner module.

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests. <!-- Please review the test documentation for details on how to implement tests into Salt's test suite. -->

  • [Y] Docs
  • [N] Changelog - https://docs.saltstack.com/en/master/topics/development/changelog.html
  • [Y] Tests written/updated

Commits signed with GPG?

Yes

+302 -36

0 comment

2 changed files

pr created time in 22 days

Pull request review commentsaltstack/salt

Drop python 2 code from entire codebase

 def _Popen(     directory = os.path.abspath(directory)     if isinstance(command, list):         command = " ".join(command)-    LOG.debug("Running {0}".format(command))  # pylint: disable=str-format-in-logging+    LOG.debug("Running {}".format(command))  # pylint: disable=str-format-in-logging

We can't do that here, this module is using some weird custom logger. Looks like it's used to get logging in the execution function returns. I'm not going to untangle this mess in the PR.

dwoz

comment created time in 22 days

issue commentsaltstack/salt

[BUG] napalm minion KeyError: 'napalm.get_reboot_active'

@danielrobbins Could this also be related to this ?

root@debian10:~# salt '*' napalm.netmiko_commands 'show version'

r1:
    The minion function caused an exception: Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/salt/metaproxy/proxy.py", line 475, in thread_return
        opts, data, func, args, kwargs
      File "/usr/lib/python3/dist-packages/salt/loader.py", line 1235, in __call__
        return self.loader.run(run_func, *args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/loader.py", line 2268, in run
        return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/loader.py", line 2283, in _run_as
        return _func_or_method(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/executors/direct_call.py", line 12, in execute
        return func(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/loader.py", line 1235, in __call__
        return self.loader.run(run_func, *args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/loader.py", line 2268, in run
        return self._last_context.run(self._run_as, _func_or_method, *args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/loader.py", line 2283, in _run_as
        return _func_or_method(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/utils/napalm.py", line 508, in func_wrapper
        ret = func(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/modules/napalm_mod.py", line 614, in netmiko_commands
        conn = netmiko_conn(**kwargs)
      File "/usr/lib/python3/dist-packages/salt/utils/napalm.py", line 508, in func_wrapper
        ret = func(*args, **kwargs)
      File "/usr/lib/python3/dist-packages/salt/modules/napalm_mod.py", line 714, in netmiko_conn
        return __salt__["netmiko.get_connection"](**kwargs)
      File "/usr/lib/python3/dist-packages/salt/loader_context.py", line 72, in __getitem__
        return self.value()[item]
      File "/usr/lib/python3/dist-packages/salt/loader.py", line 1403, in __getitem__
        func = super().__getitem__(item)
      File "/usr/lib/python3/dist-packages/salt/utils/lazy.py", line 108, in __getitem__
        raise KeyError(key)
    KeyError: 'netmiko.get_connection'
ERROR: Minions returned with non-zero exit code
network-shark

comment created time in 23 days

issue commentsaltstack/salt

[BUG] Snapper module _is_text_file function broken

@sagetherage Ah sorry, I thought I had included it in the original report but couldn't check due to encrypting it :facepalm:

stealthcopter

comment created time in 23 days

Pull request review commentsaltstack/salt

Fix regression, allow for templates without keywords specified

 def install_config(path=None, **kwargs):             log.error(message)             ret["message"] = message             ret["out"] = False+        except Exception as exception:  # pylint: disable=broad-except
        except Exception as exc:  # pylint: disable=broad-except

No need to be so verbose and it's also more consistent with the bad majority of our code. Yes, this module has other bad examples :)

dmurphy18

comment created time in 23 days

Pull request review commentsaltstack/salt

Fix regression, allow for templates without keywords specified

 def __enter__(self):                 master_hash = __salt__["cp.hash_file"](self._file_path)                 proxy_hash = __salt__["file.get_hash"](local_cache_path)                 # check if hash is same, else copy newly+                mhash = master_hash.get("hsum")                 if master_hash.get("hsum") == proxy_hash:-                    # kwargs will have values when path is a template-                    if self._kwargs:-                        self._cached_file = salt.utils.files.mkstemp()-                        # local copy is a template, hence need to render-                        with salt.utils.files.fopen(self._cached_file, "w") as fp:-                            template_string = __salt__["slsutil.renderer"](-                                path=local_cache_path,-                                default_renderer="jinja",-                                **self._kwargs-                            )-                            fp.write(template_string)-                        return self._cached_file-                    else:-                        return local_cache_path-                # continue for else part-            if self._kwargs:-                self._cached_file = salt.utils.files.mkstemp()-                __salt__["cp.get_template"](-                    self._file_path, self._cached_file, **self._kwargs-                )-            else:-                self._cached_folder = tempfile.mkdtemp()-                log.debug(-                    "Caching file {} at {}".format(self._file_path, self._cached_folder)-                )-                self._cached_file = __salt__["cp.get_file"](-                    self._file_path, self._cached_folder-                )-            if self._cached_file != "":-                return self._cached_file-        else:-            # check for local location of file-            if __salt__["file.file_exists"](self._file_path):-                if self._kwargs:                     self._cached_file = salt.utils.files.mkstemp()+                    # local copy is a template, hence need to render                     with salt.utils.files.fopen(self._cached_file, "w") as fp:                         template_string = __salt__["slsutil.renderer"](-                            path=self._file_path,+                            path=local_cache_path,                             default_renderer="jinja",-                            **self._kwargs+                            **self._kwargs,                         )                         fp.write(template_string)                     return self._cached_file-                else:-                    return self._file_path++                # continue for else part
            # continue for else part

?

dmurphy18

comment created time in 23 days

issue commentsaltstack/salt

[BUG] Snapper module _is_text_file function broken

@stealthcopter

Note that I attempted to notify you of this via the security email address but was ignored. I have detailed the security vulnerability that was fixed by the previous pull request here: https://sec.stealthcopter.com/saltstack-snapper-minion-privledge-escaltion/

I will look into this, we did receive other emails, but it is true I didn't see one around this issue described. I will get back to you on any findings.

stealthcopter

comment created time in 23 days

pull request commentsaltstack/salt

fixing hosts module making it OS and standard compliant

@sagetherage I am still genuinely interested to know what standard this change is complying to. It appears only to be a personal page on University of Wollongong, Australia's website with no other references.

tacf

comment created time in 23 days

push eventsaltstack/salt

Daniel A. Wozniak

commit sha 27b402a5ed5925c392d8baf43a0ba62db139bae7

Use contextvars from site-packages for thin If a contextvars package exists one of the site-packages locations use it for the generated thin tarball. This overrides python's builtin contextvars and allows salt-ssh to work with python <=3.6 even when the master's python is >3.6 (Fixes #59942)

view details

Daniel A. Wozniak

commit sha cd4c6842d116d61c2bfd4f08d2143f783ce95c9d

Add regression test for #59942

view details

Daniel A. Wozniak

commit sha 36340da12dae30d4b7a905f67bca1751f0ab8fad

Add changelog for #59942

view details

Daniel A. Wozniak

commit sha 056772d5bb1c9980be699ce3ce8621de71d9630f

Update filemap to include test_py_versions

view details

Daniel A. Wozniak

commit sha b44033fffda5ac3c1a4a22be08cc465afd1866ec

Fix broken thin tests

view details

Pedro Algarvio

commit sha dac44cd8e5f90d16e554e4a411bfa335629a31cc

Always install the `contextvars` backport, even on Py3.7+ Without this change, salt-ssh cannot target systems with Python <= 3.6

view details

Pedro Algarvio

commit sha baad7a4b543f5c324d9a1f43528b9379494380f5

Use salt-factories to handle the container. Don't override default roster

view details

Daniel A. Wozniak

commit sha c52479243ad829598eaf68550e554c93f4b6d749

Fix thin tests on windows

view details

Daniel A. Wozniak

commit sha e6129687b8a2f75729e6a2344904008992303316

No need to use warn log level here

view details

Daniel A. Wozniak

commit sha 4013eebd38ad85cc7ba02d7fe7c467f7179effbc

Fix getsitepackages for old virtualenv versions

view details

push time in 23 days

PR merged saltstack/salt

[freeze] Add contextvars from site-packages to thin tarball Aluminium has-failing-test point-release

What does this PR do?

Adds contextvars package from site-packages to thin tarball instead of python's builtin contextvars if the contextvars package from pypi is installed. This makes salt-ssh work with targets that have python <3.7

What issues does this PR fix or reference?

Fixes: #59942

Merge requirements satisfied?

[NOTICE] Bug fixes or features added to Salt require tests. <!-- Please review the test documentation for details on how to implement tests into Salt's test suite. -->

  • [ ] Docs
  • [x] Changelog - https://docs.saltstack.com/en/master/topics/development/changelog.html
  • [x] Tests written/updated
+399 -90

2 comments

43 changed files

dwoz

pr closed time in 23 days

issue commentsaltstack/salt

[BUG] state file.patch pretend to apply malformed patch

@msciciel Thank your for your PR. I have reviewed it, and added a comment with suggested minor changes. If these changes look good to you, please submit an updated PR and I will then support having this fix added to salt.

msciciel

comment created time in 23 days

Pull request review commentsaltstack/salt

Return error if patch file passed to state file.patch is malformed

 def _patch(patch_file, options=None, dry_run=False):             patch_opts.append("-p{}".format(strip))          pre_check = _patch(patch_file, patch_opts)++        if os.path.getsize(patch_rejects) == 0 and pre_check['retcode'] != 0:+            ret['comment'] = pre_check['stderr']+            ret['result'] = False+            return ret+         if pre_check["retcode"] != 0:             # Try to reverse-apply hunks from rejects file using a dry-run.

Just to be super-safe, I would suggest the following change. Move your new code inside the if pre_check["retcode"] != 0: conditional, immediately after this line. Then change your conditional to be if not os.path.exists(patch_rejects) or os.path.getsize(patch_rejects) == 0. If the user specifies reject_file then I do not think this file will necessarily exist. The extra os.path.exists() check will ensure this doesn't result in OSError.

msciciel

comment created time in 23 days