Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
free 4 ever

Aysad Kozanoglu AysadKozanoglu

💭
free 4 ever
View GitHub Profile
@AysadKozanoglu
AysadKozanoglu / AES256_file_encrypter.sh
Last active Nov 5, 2020
AES256 bit easy encrypt decrypt file handler script , encryption based on openssl
View AES256_file_encrypter.sh
#!/bin/bash
#####################################################
# Author: Aysad Kozanoglu
#
# OS: Debian / Ubuntu / all derivates of Debian
#
# Usage: file_encrypter.sh enc|dec FILENAME (without Ending .plain or .enc)
# example: ./file_encrypter.sh enc FILENAME
# create first NEW_FILENAME.plain with plain content
#####################################################
View .bashrc_template.sh
# Shorten home dir, cygwin drives, paths that are too long
# (just bourne; no perl, sed, or bashisms!)
HOST='\033[02;36m\]\h'; HOST=' '$HOST
TIME='\033[01;31m\]\t \033[01;32m\]'
LOCATION=' \033[01;34m\]`pwd | sed "s#\(/[^/]\{1,\}/[^/]\{1,\}/[^/]\{1,\}/\).*\(/[^/]\{1,\}/[^/]\{1,\}\)/\{0,1\}#\1_\2#g"`'
BRANCH=' \033[00;33m\]$(git_branch)\[\033[00m\]\n\$ '
PS1=$TIME$USER$HOST$LOCATION$BRANCH
PS2='\[\033[01;36m\]>'
@AysadKozanoglu
AysadKozanoglu / mailserver_openRelay_check_telnet.sh
Last active Oct 27, 2020
mailserver openrelay check manuelly over telnet
View mailserver_openRelay_check_telnet.sh
```
telnet mail.MailserverDomain.com 25
#Trying 76.33.23.xxx...
#Connected to mail.MailserverDomain.com.
#Escape character is '^]'.
#220 mail.MailserverDomain.com ESMTP Postfix
helo GIVEANYEXISTINGDOMAIN.COM
@AysadKozanoglu
AysadKozanoglu / jail.conf
Last active Oct 24, 2020
fail2ban nginx 404 400 403 444 filter /etc/fail2ban/filter.d/nginx-4xx.conf enable
View jail.conf
# to enable this filter add to jail.conf following (/etc/fail2ban/jail.conf)
# Thanks to -> TheBarret
[nginx-4xx]
enabled = true
port = http,https
logpath = /var/log/nginx/access.log
maxretry = 3
@AysadKozanoglu
AysadKozanoglu / redis_server_sample.conf
Created Sep 19, 2020
sample redis server bind to localhost protected mode enabled
View redis_server_sample.conf
# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf
# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
@AysadKozanoglu
AysadKozanoglu / capture Passwords tcpdump.md
Created Feb 12, 2019
get plain passwords with tcpdump
View capture Passwords tcpdump.md

Capture SMTP Email

tcpdump -nn -l port 25 | grep -i 'MAIL FROM\|RCPT TO'

Extract HTTP Passwords in POST Requests

tcpdump -s 0 -A -n -l | egrep -i "POST /|pwd=|passwd=|password=|Host:"

Capture FTP Credentials and Commands

View nginx weak ciphers issue fix.conf
# compile nginx with openssl1.1.1
# params: --with-openssl=/source/openssl-1.1.1g --with-stream --with-threads --with-file-aio --with-http_stub_status_module --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2' --with-ld-opt=-Wl,-z,relro --sbin-path=/usr/local/sbin --with-http_stub_status_module --with-http_ssl_module --user=www-data --group=www-data
# generate diffie hellman
openssl dhparam -out /etc/cert/dhparams.pem 4096
# add following params in vhost config
ssl_protocols TLSv1.2;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA HIGH !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
@AysadKozanoglu
AysadKozanoglu / readyState_onLoad_example.html
Last active Jul 16, 2020
difference between onload, readyState, and DOMContentLoaded to see it look on javascript console log
View readyState_onLoad_example.html
<!DOCTYPE html>
<html>
<head>
<script>
// best way for me with experience
if ('addEventListener' in document) {
document.addEventListener('DOMContentLoaded', function() {
//your code here...
}, false);
}
View nginx_proxy_pass_to_HTTPS
location / {
proxy_pass https://example.de;
proxy_http_version 1.1;
proxy_set_header Accept-Encoding "";
proxy_set_header Cache-Control no-cache;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Real-IP $remote_addr;
proxy_ssl_server_name on;
}
You can’t perform that action at this time.