Petr 7castle

## deploy_minikube.sh
#!/bin/sh
# install needed curl package
sudo apt install --no-install-recommends curl  -y
# install kubectl
# https://github.com/kubernetes/minikube/issues/3437#issuecomment-449408316, maybe use https://storage.googleapis.com/minikube/releases/v0.30.0/docker-machine-driver-kvm2
curl -Lo /tmp/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && \
 chmod +x /tmp/kubectl && \
 sudo mv /tmp/kubectl /usr/local/bin/kubectl
# kubectl tab completion
sudo sh -c 'echo "source <(kubectl completion bash)" > /etc/bash_completion.d/kubectl'

## Dockerfile
FROM alpine

COPY configure-node.sh configure-node.sh

CMD ["/bin/sh", "configure-node.sh"]

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                7castle
                / README.md
            
            
              Created
              May 17, 2018 01:12
                — forked from leonardofed/README.md
            
              
                A curated list of AWS resources to prepare for the AWS Certifications
              
          
A curated list of AWS resources to prepare for the AWS Certifications
A curated list of awesome AWS resources you need to prepare for the all 5 AWS Certifications. This gist will include: open source repos, blogs & blogposts, ebooks, PDF, whitepapers, video courses, free lecture, slides, sample test and many other resources.
OP: @leonardofed founder @ plainflow.


## install-ispconfig3-ubuntu.sh
#!/bin/bash
## Install ISPConfig3 on Ubuntu 16.04 64Bits
## Author: Nilton OS www.linuxpro.com.br
## https://www.howtoforge.com/tutorial/perfect-server-ubuntu-16.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/
## Version 0.5


## Set lang en_US UTF8
## echo 'LC_ALL="en_US.utf8"' >>/etc/environment

## clients.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                7castle
                / clients.md
            
            
              Created
              March 14, 2017 20:07
                — forked from defunkt/clients.md
            
              
                A list of Gist clients.
              
          
    Gist Clients

Want to create a Gist from your editor, the command line, or the Services menu? Here's how.
Editor Support


TextMate
Emacs
Vim
Coda


## gist:3c658bef4c31069709f1e76dee138f88
server {
        listen 80;
        server_name cloud.sjchen.net;
        return 301 https://$server_name$request_uri;  # enforce https
}

server {
        server_name cloud.sjchen.net;
        root /srv/owncloud;

## metasploit-links.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                7castle
                / metasploit-links.md
            
            
              Last active
              September 12, 2019 01:53
                — forked from dergachev/metasploit-links.md
            
              
                Metasploit links
              
          
    Metasploit links


http://www.metasploit.com/ | Penetration Testing Software | Metasploit
http://www.darkoperator.com/installing-metasploit-in-ubunt/ | Security and Networking - Installing Metasploit in Ubuntu
https://help.ubuntu.com/community/RKhunter | RKhunter - Community Ubuntu Documentation
http://serverfault.com/questions/380587/how-to-check-if-my-root-server-was-compromised | debian squeeze - how to check if my root server was compromised - Server Fault
http://samiux.blogspot.ca/2013/05/howto-metasploit-on-ubuntu-desktop-1204.html | Samiux's Blog: HOWTO : Metasploit on Ubuntu Desktop 12.04 LTS
http://xathrya.web.id/blog/2013/07/04/easy-installing-metasploit-on-ubuntu/ | Easy Installing Metasploit on Ubuntu | Xathrya Sabertooth
http://samiux.blogspot.ca/2013/05/howto-metasploit-on-ubuntu-desktop-1204.html | Samiux's Blog: HOWTO : Metasploit on Ubuntu Desktop 12.04 LTS
http://www.offensive-security.com/metasploit-unleashed/Msfconsole | Msfconsole - Metasploit Unleashed


## setuid-root-backdoor.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                7castle
                / setuid-root-backdoor.md
            
            
              Created
              November 6, 2015 00:17
                — forked from dergachev/setuid-root-backdoor.md
            
              
                How to use setuid to install a root backdoor. 
              
          
    Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.
While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid  to subtly allow them to execute a root shell from any user account from the system (including www-data, which you might not even know if compromised).
If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur

  
## gist:720bcf0c3968459834de
#!/usr/bin/perl -w

use constant {
    TIMEZONE => 'Europe/Amsterdam'
};

use strict;
use PVE::API2Client;
use PVE::AccessControl;
use PVE::INotify;

## taskset.sh
#!/bin/bash

set -eo pipefail

VMID=200

cpu_tasks() {
	expect <<EOF | sed -n 's/^.* CPU .*thread_id=\(.*\)$/\1/p' | tr -d '\r' || true
spawn qm monitor $VMID
expect ">"
	#!/bin/sh
	# install needed curl package
	sudo apt install --no-install-recommends curl -y
	# install kubectl
	# https://github.com/kubernetes/minikube/issues/3437#issuecomment-449408316, maybe use https://storage.googleapis.com/minikube/releases/v0.30.0/docker-machine-driver-kvm2
	curl -Lo /tmp/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && \
	chmod +x /tmp/kubectl && \
	sudo mv /tmp/kubectl /usr/local/bin/kubectl
	# kubectl tab completion
	sudo sh -c 'echo "source <(kubectl completion bash)" > /etc/bash_completion.d/kubectl'
	FROM alpine

	COPY configure-node.sh configure-node.sh

	CMD ["/bin/sh", "configure-node.sh"]
	#!/bin/bash
	## Install ISPConfig3 on Ubuntu 16.04 64Bits
	## Author: Nilton OS www.linuxpro.com.br
	## https://www.howtoforge.com/tutorial/perfect-server-ubuntu-16.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/
	## Version 0.5


	## Set lang en_US UTF8
	## echo 'LC_ALL="en_US.utf8"' >>/etc/environment
	server {
	listen 80;
	server_name cloud.sjchen.net;
	return 301 https://$server_name$request_uri; # enforce https
	}

	server {
	server_name cloud.sjchen.net;
	root /srv/owncloud;
	#!/usr/bin/perl -w

	use constant {
	TIMEZONE => 'Europe/Amsterdam'
	};

	use strict;
	use PVE::API2Client;
	use PVE::AccessControl;
	use PVE::INotify;
	#!/bin/bash

	set -eo pipefail

	VMID=200

	cpu_tasks() {
	expect <<EOF \| sed -n 's/^.* CPU .thread_id=\(.\)$/\1/p' \| tr -d '\r' \|\| true
	spawn qm monitor $VMID
	expect ">"