local copy remote file over hops with command scp
server A: 192.168.1.10 (hops over)
server B: 192.168.1.11 (remote file is here)
scp -oProxyJump=<user>@serverA <user>@<serverB>:<PATHtoFile> Downloads/
View scp over multiple hops.md
AysadKozanoglu
/ NGINX log4J JNDI protection.md
Last active Dec 17, 2021
NGINX log4J JNDI protection
View NGINX log4J JNDI protection.md
put in server section of your virtual Host configuration following regex
server {
if ($request_uri ~* "jndi:*|\$\{*") {
return 403;
}
AysadKozanoglu
/ roundcube spellcheck config pspell.md
Created Sep 15, 2021
roundcube spellcheck with php-pspell moudle and aspell-de aspell-en dictonary
View roundcube spellcheck config pspell.md
check your php extentions for spell extension existing
php -m | grep spell
info: you have to see pspell in the output, if not than install the php extension (see notice below)
config/config.inc.php
AysadKozanoglu
/ shell php SHA256 hash encryption.md
Last active Sep 14, 2021
shell php SHA256 hash encryption
View shell php SHA256 hash encryption.md
sha256enc.php
<?php
$keystr = $argv[1];
echo "\n\nplain String:\n$keystr \n\nsha256 hash:\n". hash('sha256', $keystr ) ."\n\n" ;
?>
AysadKozanoglu
/ AWS, digitalocean, scaleway all subnets blocking iptables.md
Last active Sep 3, 2021
AWS, digitalocean, scaleway all subnets blocking iptables
View AWS, digitalocean, scaleway all subnets blocking iptables.md
####SIBIT - systemintegration.berlin / Germany
get by known AWS ip the originAS for whole AWS network
whois 13.125.40.66 | grep "OriginAS"
you would get in the output originAS like
OriginAS: AS16509 #--> AWs ripe ORIGIN
AysadKozanoglu
/ AES256_file_encrypter.sh
Last active Nov 5, 2020
AES256 bit easy encrypt decrypt file handler script , encryption based on openssl
View AES256_file_encrypter.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ##################################################### | |
| # Author: Aysad Kozanoglu | |
| # | |
| # OS: Debian / Ubuntu / all derivates of Debian | |
| # | |
| # Usage: file_encrypter.sh enc|dec FILENAME (without Ending .plain or .enc) | |
| # example: ./file_encrypter.sh enc FILENAME | |
| # create first NEW_FILENAME.plain with plain content | |
| ##################################################### |
AysadKozanoglu
/ mailserver_openRelay_check_telnet.sh
Last active Oct 27, 2020
mailserver openrelay check manuelly over telnet
View mailserver_openRelay_check_telnet.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ``` | |
| telnet mail.MailserverDomain.com 25 | |
| #Trying 76.33.23.xxx... | |
| #Connected to mail.MailserverDomain.com. | |
| #Escape character is '^]'. | |
| #220 mail.MailserverDomain.com ESMTP Postfix | |
| helo GIVEANYEXISTINGDOMAIN.COM |
AysadKozanoglu
/ redis_server_sample.conf
Created Sep 19, 2020
sample redis server bind to localhost protected mode enabled
View redis_server_sample.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Redis configuration file example. | |
| # | |
| # Note that in order to read the configuration file, Redis must be | |
| # started with the file path as first argument: | |
| # | |
| # ./redis-server /path/to/redis.conf | |
| # Note on units: when memory size is needed, it is possible to specify | |
| # it in the usual form of 1k 5GB 4M and so forth: | |
| # |
AysadKozanoglu
/ nginx weak ciphers issue fix.conf
Created Aug 14, 2020
nginx weak ciphers issue fix
View nginx weak ciphers issue fix.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # compile nginx with openssl1.1.1 | |
| # params: --with-openssl=/source/openssl-1.1.1g --with-stream --with-threads --with-file-aio --with-http_stub_status_module --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --sbin-path=/usr/local/sbin --with-http_stub_status_module --with-http_ssl_module --user=www-data --group=www-data | |
| # generate diffie hellman | |
| openssl dhparam -out /etc/cert/dhparams.pem 4096 | |
| # add following params in vhost config | |
| ssl_protocols TLSv1.2; | |
| ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"; |
AysadKozanoglu
/ nginx_proxy_pass_to_HTTPS
Created Jul 2, 2020
View nginx_proxy_pass_to_HTTPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location / { | |
| proxy_pass https://example.de; | |
| proxy_http_version 1.1; | |
| proxy_set_header Accept-Encoding ""; | |
| proxy_set_header Cache-Control no-cache; | |
| proxy_set_header Upgrade $http_upgrade; | |
| proxy_set_header Connection 'upgrade'; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_ssl_server_name on; | |
| } |
NewerOlder