This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
SSH into proxmox node and become root user. Run the following commands to download extra software dependencies we'll need.
apt update
apt install -y libsasl2-modules mailutilsEnable 2FA for the gmail account that will be used by going to security settings
Hence, if you are interested in existing applications to "just work" without the need for adjustments, then you may be better off avoiding Wayland.
Wayland solves no issues I have but breaks almost everything I need. Even the most basic, most simple things (like xkill) - in this case with no obvious replacement. And usually it stays broken, because the Wayland folks mostly seem to care about Automotive, Gnome, maybe KDE - and alienating everyone else (e.g., people using just an X11 window manager or something like GNUstep) in the process.
The Wayland project seems to operate like they were starting a greenfield project, whereas at the same time they try to position Wayland as "the X11 successor", which would clearly require a lot of thought about not breaking, or at least providing a smooth upgrade path for, existing software.
In fact, it is merely an incompatible alternative, and not e
| set -l data_status (curl -s https://iceportal.de/api1/rs/status) | |
| set -l data_trip (curl -s https://iceportal.de/api1/rs/tripInfo/trip) | |
| # next stop | |
| echo (echo $data_trip | jq -r '([ .trip.stops[] | select(.info.passed==false) ] | |
| | first).station.name') | |
| # train number | |
| echo (echo $data_trip | jq -r '"\(.trip.trainType)-\(.trip.vzn)"') | |
| # speed | |
| echo speed (echo $data_status | jq -r '"\(.speed) km/h"') |
| Base64 Code | Mnemonic Aid | Decoded* | Description |
|---|---|---|---|
JAB |
🗣 Jabber | $. |
Variable declaration (UTF-16), e.g. JABlAG4AdgA for $env: |
TVq |
📺 Television | MZ |
MZ header |
SUVY |
🚙 SUV | IEX |
PowerShell Invoke Expression |
SQBFAF |
🐣 Squab favorite | I.E. |
PowerShell Invoke Expression (UTF-16) |
SQBuAH |
🐣 Squab uahhh | I.n. |
PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz |
PAA |
💪 "Pah!" | <. |
Often used by Emotet (UTF-16) |
| # long running queries: | |
| SELECT | |
| pid, | |
| now() - pg_stat_activity.query_start AS duration, | |
| query, | |
| state | |
| FROM pg_stat_activity | |
| WHERE (now() - pg_stat_activity.query_start) > interval '5 minutes'; | |
| ## active queries and killing them: |
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module: