Shiyayo cyhook

## Jenkinsfile.groovy
node {
    echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1'
    echo 'No quotes, pipeline command in single quotes'
    sh 'echo $BUILD_NUMBER' // 1
    echo 'Double quotes are silently dropped'
    sh 'echo "$BUILD_NUMBER"' // 1
    echo 'Even escaped with a single backslash they are dropped'
    sh 'echo \"$BUILD_NUMBER\"' // 1
    echo 'Using two backslashes, the quotes are preserved'
    sh 'echo \\"$BUILD_NUMBER\\"' // "1"

## Security_Onion_MIME_Types.list
["application/x-dosexec"] = "exe",
["text/x-python"] = "py",
["application/x-tar"] = "tar",
["text/plain"] = "txt",
["application/zip"] = "zip",
["multipart/x-zip"] = "zip",
["multipart/x-gzip"] = "gzip",
["text/x-script.python"] = "py",
["application/x-bytecode.python"] = "pyc",
["audio/x-mpeg"] = "mp3",

## stunnel.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                cyhook
                / stunnel.md
            
            
              Last active
              February 20, 2020 12:46
            
          
    SETTING UP STUNNEL BETWEEN 3 SERVERS 

STEP 1: Install syslog-ng and stunnel on all servers A,B,C 

$ apt-get install syslog-ng stunnel -y


 OR on CENTOS 

$ yum install syslog-ng stunnel -y

STEP 2: Configure servers A to read log files and send to server B and forward to server C


## configure_bro_json-logs.sh
## Configure bro to write JSON logs
mkdir -p /opt/bro/share/bro/site/scripts
sudo tee /opt/bro/share/bro/site/scripts/json-logs.bro << EOF
@load tuning/json-logs

redef LogAscii::json_timestamps = JSON::TS_ISO8601;
redef LogAscii::use_json = T;
EOF

sudo tee -a /opt/bro/share/bro/site/local.bro << EOF

## w3af-installation
git clone --depth 1 https://github.com/andresriancho/w3af.git
cd w3af/
apt install graphviz
pip install pybloomfiltermmap==0.3.14
apt install libssl-dev
apt install libxml2 libxslt
apt install libxml2-dev libxslt
apt install libxml2-dev libxslt-dev
pip install pyopenssl
apt install zlib1g-dev

## nginx.conf
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

## api_client.php
<?php

$data = [
    'jsonrpc' => '2.0',
    'method' => 'backup',
    'params' => [
        'authToken' => 'PUT_YOUR_TOKEN_HERE',
//        'id' => '11',
//        'userPass' => 'debian',
//        'text' => 'Keepass',

## create-mysql.bash
#!/bin/bash
PASS=`pwgen -s 40 1`

mysql -uroot <<MYSQL_SCRIPT
CREATE DATABASE $1;
CREATE USER '$1'@'localhost' IDENTIFIED BY '$PASS';
GRANT ALL PRIVILEGES ON $1.* TO '$1'@'localhost';
FLUSH PRIVILEGES;
MYSQL_SCRIPT

## grafana-backup.sh
cat /usr/share/grafana/grafana-backup.sh
#!/bin/bash

DB="/var/lib/grafana/grafana.db"
BACKUP="/data/backup/grafana/grafana.db-$(date +%Y%m%d).bck"
SQLITE=/usr/bin/sqlite3
ZIP=/bin/gzip

${SQLITE} ${DB} ".backup ${BACKUP}"
${ZIP} ${BACKUP}

## netcat to send syslog
echo ‘<14>sourcehost message text’ | nc -v -u -w 0 localhost 514
	node {
	echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1'
	echo 'No quotes, pipeline command in single quotes'
	sh 'echo $BUILD_NUMBER' // 1
	echo 'Double quotes are silently dropped'
	sh 'echo "$BUILD_NUMBER"' // 1
	echo 'Even escaped with a single backslash they are dropped'
	sh 'echo \"$BUILD_NUMBER\"' // 1
	echo 'Using two backslashes, the quotes are preserved'
	sh 'echo \\"$BUILD_NUMBER\\"' // "1"
	["application/x-dosexec"] = "exe",
	["text/x-python"] = "py",
	["application/x-tar"] = "tar",
	["text/plain"] = "txt",
	["application/zip"] = "zip",
	["multipart/x-zip"] = "zip",
	["multipart/x-gzip"] = "gzip",
	["text/x-script.python"] = "py",
	["application/x-bytecode.python"] = "pyc",
	["audio/x-mpeg"] = "mp3",
	## Configure bro to write JSON logs
	mkdir -p /opt/bro/share/bro/site/scripts
	sudo tee /opt/bro/share/bro/site/scripts/json-logs.bro << EOF
	@load tuning/json-logs

	redef LogAscii::json_timestamps = JSON::TS_ISO8601;
	redef LogAscii::use_json = T;
	EOF

	sudo tee -a /opt/bro/share/bro/site/local.bro << EOF
	git clone --depth 1 https://github.com/andresriancho/w3af.git
	cd w3af/
	apt install graphviz
	pip install pybloomfiltermmap==0.3.14
	apt install libssl-dev
	apt install libxml2 libxslt
	apt install libxml2-dev libxslt
	apt install libxml2-dev libxslt-dev
	pip install pyopenssl
	apt install zlib1g-dev
	# to generate your dhparam.pem file, run in the terminal
	openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
	<?php

	$data = [
	'jsonrpc' => '2.0',
	'method' => 'backup',
	'params' => [
	'authToken' => 'PUT_YOUR_TOKEN_HERE',
	// 'id' => '11',
	// 'userPass' => 'debian',
	// 'text' => 'Keepass',
	#!/bin/bash
	PASS=`pwgen -s 40 1`

	mysql -uroot <<MYSQL_SCRIPT
	CREATE DATABASE $1;
	CREATE USER '$1'@'localhost' IDENTIFIED BY '$PASS';
	GRANT ALL PRIVILEGES ON $1.* TO '$1'@'localhost';
	FLUSH PRIVILEGES;
	MYSQL_SCRIPT
	cat /usr/share/grafana/grafana-backup.sh
	#!/bin/bash

	DB="/var/lib/grafana/grafana.db"
	BACKUP="/data/backup/grafana/grafana.db-$(date +%Y%m%d).bck"
	SQLITE=/usr/bin/sqlite3
	ZIP=/bin/gzip

	${SQLITE} ${DB} ".backup ${BACKUP}"
	${ZIP} ${BACKUP}