binkybear

#!/bin/bash
#
# Attack created by Mubix.  For more information see: 
# https://room362.com/post/2016/snagging-creds-from-locked-machines
# Modified for Nethunter by Binkybear
#

# ================== #
# Check for root
# ================== #

sivel

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

sudorandom

import SoftLayer
from pprint import pprint

client = SoftLayer.Client(username='USERNAME', api_key='API_KEY')
client['Hardware_Server'].setTags('these,are,new,tags', id=12345)
pprint(client['Hardware_Server'].getObject(id=12345, mask='id, hostname, tagReferences'))