Al Sunseri alsunseri

@alsunseri
alsunseri / xmlstarlet-for-nmap-xml-results.txt
Created March 12, 2024 04:10
parse nmap xml files for ip and open ports using xmlstarlet
xmlstarlet sel -t -m "//host" \
  -v "address/@addr" -o " " \
  -m "ports/port[state/@state='open']" \
  -v "@portid" -o "/" -v "state/@state" \
  -n many-up-hosts-nmap-scan-results.xml
@alsunseri
alsunseri / recover-ELK-web-access.md
Created October 26, 2023 03:57
How to login to Kibana/elastic if you forget the passwords set via elasticsearch-setup-passwords

I ran elasticsearch-setup-passwords to add "security" to my little ELK stack. But 2 months later I could not log in. I did not write the passwords down, and the username and password sets were not stored in the configs like I thought they were.

Instead of turning security off or starting over, I found a better way to "recover" my Kibana login credentials.

Once I did this I was able to log into "elastic"/Kibana and get back to searching through logs.

This is what I did as root:

@alsunseri
alsunseri / fix-apt-key-legacy-warning.txt
Created August 25, 2023 18:31
fix apt-key deprecation ( Key is stored in legacy trusted.gpg keyring warning/error )
Fix apt warnings about keys "stored in legacy trusted.gpg keyring".
Add a key to /etc/apt/trusted.gpg.d/
For instance, with sysdig the key is in ASCII-armored format and available at https://download.sysdig.com/
This simple command will immediately get apt to stop complaining:
wget -qO- https://download.sysdig.com/DRAIOS-GPG-KEY.public | sudo tee /etc/apt/trusted.gpg.d/sysdig.asc
If the file is in "GPG key public ring" binary OpenPGP format, then use the .gpg extension.
Also see the note in apt-key(8):
@alsunseri
alsunseri / install-brew-for-a-dev-on-Amazon-linux2.sh
Created July 30, 2023 22:33
quickly install homebrew on Amazon Linux 2
#!/usr/bin/bash
# On Amazon Linux 2 my developers cannot run sudo and, more importantly, no user has a password.
# Installing linuxbrew/homebrew is a pain unless you do this:
# as root (or sudo from the admin user), with THE_DEV_USERNAME set to the developer's login
mkdir -p /home/linuxbrew/
chown "$THE_DEV_USERNAME": /home/linuxbrew/
#### root/admin work is done !!!!
# then the developer themselves can run the rest:
#
# as THE_DEV_USERNAME person
@alsunseri
alsunseri / show-256-colors.sh
Created May 3, 2022 01:41
Bourne or bash terminal see/display text in all 256 colors
#!/bin/sh
# if your TERM is not set to *-256color or the like then run this:
# export TERM=xterm-256color
i=0
while [ "$i" -ne 255 ]
do
i=$((i+1))
# printf instead of "echo -n", which is not portable under /bin/sh
tput setaf "$i" && printf 'setaf %s in color tags ' "$i"
done
@alsunseri
alsunseri / .bashrc_ps1
Created May 2, 2022 18:12
colorful and informative PS1 bash prompt
# have the date and time in the prompt as well as username@host and current directory
# the time display is extremely useful - for instance when an ssh session dies , etc
# my values are for DARK backgrounds!!!
# to test the various color values on YOUR terminal you can do something like
# i=0 ; while [ $i -ne 255 ]; do i=$(($i+1)); tput setaf $i && echo -n "setaf $i in ncurses "; tput setaf $i | xxd; done
# i.e. loop through these 2 commands for 0-255
#   tput setaf $i && echo -n "setaf $i in ncurses "
#   tput setaf $i | xxd
################################################################################
@alsunseri
alsunseri / certbot-stop-renewing-one-certificate.txt
Last active March 3, 2022 23:43
certbot: remove one certificate from automatic renewals
The delete command will remove the cert from the server along with the associated letsencrypt files for that certificate.
# certbot delete --cert-name certtoremove.tld
OR
just run
# certbot delete
Running certbot delete with no options leads to a nice numbered list of all certificates.
Choose the certs to be removed by number (comma or space separated), but note: a blank answer will supposedly remove all certs, so be careful.
@alsunseri
alsunseri / grep-for-tabs.txt
Created December 4, 2021 06:36
grep for tabs
Several methods, depending on the implementation of grep or whether the grep needs to be scripted, etc.
1: If grep comes compiled with Perl regex support, use 'grep -P'
grep -P "\t" filelist
embedded in a pattern:
grep -P "^1.1G\t" /tmp/du-h-output.txt
2: This is neat - grep -G $'\t'
It works in larger patterns as well:
grep -G "^1.1G"$'\t' /tmp/du-h-output.txt
@alsunseri
alsunseri / add_disk-space_to_debian_guest-vm.txt
Created October 28, 2021 02:23
move swap partition before using growpart and resize2fs on vda1 for debian guest in KVM with qemu qcow2 drive
Debian desktop VMs add swap partitions at the end of the virtual /dev/vda drive.
In order to take advantage of new space added via virsh, one has to take the swap partition into account.
The new space will be added after the extended and swap partition, so to speak.
So before growpart will work, one has to move the swap partition to the end of the disk.
Then vda1 can grow up to the start of the new extended or swap partition.
@alsunseri
alsunseri / show_cert_serial.sh
Last active October 23, 2021 01:13
show SSL certificate file serial number via CLI
#!/usr/bin/env bash
# Display an error message if the command does not include a filename
# Exit the shell script with a status of 1 using exit 1 command.
[ $# -eq 0 ] && { echo "Usage: $0 certfilename"; exit 1; }
CERTFILE=$1
# quote the filename so paths with spaces or glob characters are passed intact
openssl x509 -noout -serial -in "$CERTFILE"
# for formatting the output in quad see