Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
free 4 ever

Aysad Kozanoglu AysadKozanoglu

💭
free 4 ever
View GitHub Profile
@AysadKozanoglu
AysadKozanoglu / nginx_log4j_protection.conf
Created November 1, 2022 23:11
nginx lua scripting against log4j protection
View nginx_log4j_protection.conf
# LUA block to detect, block and log Log4Shell attacks (C) Infiniroot 2021 (@infiniroot)
# with lua fixes and other enhancements from Andreas Nanko (@andreasnanko)
rewrite_by_lua_block {
function decipher(v)
local s = tostring(v)
s=ngx.unescape_uri(s)
if string.find(s, "${base64:") then
t=(string.gsub(s, "${${base64:([%d%a%=]+)}}", "%1"))
s=string.gsub(s, "${base64:([%d%a%=]+)}", tostring(ngx.decode_base64(t)))
end
@AysadKozanoglu
AysadKozanoglu / preseed.cfg
Created October 26, 2022 20:55
debian preseed file for kvm automation
View preseed.cfg
# Author: Aysad Kozanoglu
# Version: 0.1
# changed: Wed 26 Oct 2022 08:56:15 PM CEST
# please note: while injecting this file, filename must be named exactly preseed.cfg (debian defaults)
# example -> /var/lib/config/buster/preseed.cfg
# -initrd-inject=/var/lib/libvirt/images/preseeds/buster/preseed.cfg
#
# full command example for virt-install
#### Contents of the preconfiguration file (for squeeze)
@AysadKozanoglu
AysadKozanoglu / molokai.vim
Created October 26, 2022 18:41
my vim configuration
View molokai.vim
" mkdir ~/.vim/config
" ~/.vim/config/molokai.vim
"
" Vim color file
"
" Author: Tomas Restrepo <tomas@winterdom.com>
" https://github.com/tomasr/molokai
"
" Note: Based on the Monokai theme for TextMate
" by Wimer Hazenberg and its darker variant
@AysadKozanoglu
AysadKozanoglu / achme.sh-standalone-script.sh
Created September 24, 2022 14:10
acme.sh script handling for standalone mode
View achme.sh-standalone-script.sh
in this script webserver is nginx, so pre handling is only for nginx but you can change it to your needs and webserver
```
ACMEDOMAIN=domainname.tld
/root/.acme.sh/acme.sh --standalone --issue -d www.${ACMEDOMAIN} -d ${ACMEDOMAIN} \
--cert-file /etc/ssl/${ACMEDOMAIN}-cert.pem \
--key-file /etc/ssl/${ACMEDOMAIN}-priv.pem \
--fullchain-file /etc/ssl/${ACMEDOMAIN}-fullchain.pem \
--pre-hook "nginx -s stop; killall nginx" \
--post-hook "nginx"
@AysadKozanoglu
AysadKozanoglu / telegram.desktop
Created September 9, 2022 21:14
telegram app desktop config shortcut for menu entry item
View telegram.desktop
### create desktop file
#### user specific shortcut ~/.local/share/applications/telegram.desktop
#### globaly for all users shortcut /usr/share/applications/telegram.desktop
```
[Desktop Entry]
Version=1.5
Name=Telegram Desktop
Comment=Official desktop version of Telegram messaging app
TryExec=/home/ghost/packages/Telegram/Telegram
@AysadKozanoglu
AysadKozanoglu / scp over multiple hops.md
Last active March 18, 2022 17:39
scp file over multiple hops
View scp over multiple hops.md

local copy remote file over hops with command scp

server A: 192.168.1.10 (hops over)
server B: 192.168.1.11 (remote file is here)

scp -oProxyJump=<user>@serverA <user>@<serverB>:<PATHtoFile> Downloads/

@AysadKozanoglu
AysadKozanoglu / NGINX log4J JNDI protection.md
Last active December 17, 2021 11:49
NGINX log4J JNDI protection
View NGINX log4J JNDI protection.md

put in server section of your virtual Host configuration following regex

server {


if ($request_uri ~* "jndi:*|\$\{*") {
              return 403;
}
@AysadKozanoglu
AysadKozanoglu / roundcube spellcheck config pspell.md
Created September 15, 2021 09:20
roundcube spellcheck with php-pspell moudle and aspell-de aspell-en dictonary
View roundcube spellcheck config pspell.md

check your php extentions for spell extension existing

php -m | grep spell

info: you have to see pspell in the output, if not than install the php extension (see notice below)

config/config.inc.php
@AysadKozanoglu
AysadKozanoglu / shell php SHA256 hash encryption.md
Last active September 14, 2021 13:14
shell php SHA256 hash encryption
View shell php SHA256 hash encryption.md

sha256enc.php

<?php 

$keystr = $argv[1];

echo "\n\nplain String:\n$keystr \n\nsha256 hash:\n". hash('sha256', $keystr ) ."\n\n" ;

?&gt;
@AysadKozanoglu
AysadKozanoglu / AWS, digitalocean, scaleway all subnets blocking iptables.md
Last active September 3, 2021 11:03
AWS, digitalocean, scaleway all subnets blocking iptables
View AWS, digitalocean, scaleway all subnets blocking iptables.md

####SIBIT - systemintegration.berlin / Germany

get by known AWS ip the originAS for whole AWS network

whois 13.125.40.66 | grep "OriginAS"

you would get in the output originAS like

OriginAS: AS16509 #--> AWs ripe ORIGIN