Eddie Carswell AfroThundr3007730
🔧
AfroThundr3007730
/ centos_hardening.sh
Last active
October 29, 2018 14:50
Notes on hardening a CentOS box (assuming the STIG policy was selected during install)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # If you selected the STIG config during install, some of these will be configured already. | |
| # All of these are mentioned in the STIG, but some of them must be done manually. | |
| # FIPS all the things. | |
| yum install -y dracut-fips | |
| # Regenerate ramdisk (current kernel) | |
| dracut -f "/boot/initramfs-$(uname -r).img" "$(uname -r)" | |
| # Append 'fips=1' to GRUB_CMDLINE_LINUX | |
| grep 'fips=1' /proc/cmdline || |
AfroThundr3007730
/ -bootstrap-autoindex.conf
Last active
November 6, 2018 17:18
Modified from https://github.com/thinkawitch/apache-autoindex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Directory "/files/"> | |
| IndexOptions Charset=UTF-8 DescriptionWidth=* HTMLTable FancyIndexing FoldersFirst IconsAreLinks IconHeight=16 IconWidth=16 IgnoreCase NameWidth=* SuppressHTMLPreamble SuppressRules XHTML VersionSort | |
| IndexStyleSheet "/assets/css/bootstrap-4.1.3.min.css" | |
| IndexOrderDefault Ascending Name | |
| IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t | |
| HeaderName "/assets/html/HEADER.html" | |
| ReadmeName "/assets/html/README.html" | |
| Options Indexes SymlinksIfOwnerMatch | |
| AllowOverride None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh -e | |
| cat << EOF | |
| if [ -f \${prefix}/user.cfg ]; then | |
| source \${prefix}/user.cfg | |
| if [ -n "\${GRUB2_PASSWORD}" ]; then | |
| set superusers="root" | |
| export superusers | |
| password_pbkdf2 root \${GRUB2_PASSWORD} | |
| fi | |
| fi |
AfroThundr3007730
/ hsts-prime
Created
April 21, 2019 23:29
Contents of .well-known web directory for dm4productions.com
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Dummy HSTS Priming Target | |
| See https://crbug.com/626180 |
AfroThundr3007730
/ certbot-ddns-hook.sh
Last active
May 9, 2019 04:51
Certbot hook to update a DDNS zone using nsupdate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Pre- and post-hook for certbot dns-01 to use DDNS | |
| # Where we put our TSIG for dynamic udpates | |
| TSIG=/etc/letsencrypt/acme.key | |
| # We need the authoritative nameserver | |
| NS="dig +short $(host -v $CERTBOT_DOMAIN | awk '/SOA/ {print $5}' | head -1)" | |
| # The actual challenge record to use |
AfroThundr3007730
/ stylish_dump.py
Last active
June 5, 2019 16:30
Recover Stylish styles after webextension migration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Dumps pre-webextension Stylish styles to CSS files | |
| import os | |
| import json | |
| def dump_styles(): | |
| dump_dir = os.path.join(os.getcwd(), 'style_dump') | |
| style_file = os.path.join(os.getcwd(), 'stylish-storage.js') | |
| stylish = json.load(open(style_file, 'r')) |
AfroThundr3007730
/ no-wsj-paywall.user.js
Created
June 7, 2019 20:40
Attempts to show the non-paywalled version of Wall Street Journal articles
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name Remove WSJ Paywall | |
| // @namespace http://tampermonkey.net/ | |
| // @version 0.1 | |
| // @description Attempts to show the non-paywalled version of Wall Street Journal articles | |
| // @author AfroThundr | |
| // @include https://www.wsj.com/articles/* | |
| // @grant none | |
| // @run-at document-start | |
| // ==/UserScript== |
AfroThundr3007730
/ proc_parse.py
Created
June 23, 2019 21:16
Parses process statistics from /proc into JSON for a given PID
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import os | |
| import sys | |
| import json | |
| def parse_proc(): | |
| values = {} |
AfroThundr3007730
/ cve-2010-4221.py
Last active
October 25, 2019 08:16
Modified version of CVE-2010-4221 python script found here: https://github.com/Muhammd/ProFTPD-1.3.3a/blob/master/ProFTPD_exploit.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| ################################################################################################### | |
| # # # | |
| # Vulnerability: ProFTPD IAC Remote Root Exploit # Telnet IAC Buffer Overflow (Linux) # | |
| # # ProFTPD 1.3.2rc3 # | |
| # Vulnerable Application: ProFTPD 1.3.3a # This is a part of the Metasploit Module, # | |
| # Tested on Linux 2.6.32-5-686 # exploit/linux/ftp/proftp_telnet_iac # | |
| # # # | |
| # Author: Muhammad Haidari # Spawns a reverse shell to 10.11.0.95:443 # |
AfroThundr3007730
/ logrotate-auditd.conf
Created
January 14, 2020 19:51
Config for audit.log rotation using logrotate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /var/log/audit/audit.log { | |
| weekly | |
| missingok | |
| notifempty | |
| sharedscripts | |
| rotate 5 | |
| maxsize 50M | |
| compress | |
| copytruncate | |
| nodateext |