I hereby claim:
- I am diyinfosec on github.
- I am ane2843 (https://keybase.io/ane2843) on keybase.
- I have a public key ASBVHEdc_Yub7TdQ7oulsyilO33pP4Y1T0iX2ukTTXKkcQo
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
#!/bin/bash | |
#- This script is just a collection of functions that I created for learning ext4. | |
#- Just run ". ./manage_ext4.sh" from the command prompt and it will load the functions into your current session. | |
#- To list the functions defined in your Bash shell use: "declare -F" | |
#- For our purposes you can ignore functions starting with _. So "declare -F | grep -v ' _'" gives you a shorter list. | |
#================================== | |
#- Comments about multipass | |
#================================== |
#!/bin/bash | |
#- Script to setup Docker, Minikube, Kubectl, Helm on Ubuntu. | |
#- On the K8s cluster install - Vault, Consul, Datadog agent. | |
#- Access to K8s dashboard is provided through nginx on port 5000. http://<host_ip>:5000 | |
#- Acess to Vault UI is provided through kubectl port-forward. http://<host_ip>:8200 | |
#- I use multipass for the VMs, so rebuild a VM the following steps are applicable. | |
#- For the first time, the first two commands can be ignored. | |
# multipass delete ktest |
apiVersion: audit.k8s.io/v1beta1 | |
kind: Policy | |
rules: | |
# non relevant rules | |
- level: None | |
nonResourceURLs: | |
- "/healthz*" | |
- "/logs" | |
- "/metrics" | |
- "/swagger*" |
#- Iterate over the maximum size of Attribute ID | |
for($i=1; $i -lt 65536; $i++) | |
{ | |
#- This file must already exist. Additional hardlinks will be created for this file. | |
$original_file_name="file.txt"; | |
#- Testing the upper limit for ADS creation, breaking off once there is an non-terminating error [Set-Content : Could not open the alternate data stream ‘<stream_name>’ of the file] | |
#- Non-terminating errors are not handled using try/catch. To force a non-terminating error to be caught we use "-ErrorAction Stop" | |
try | |
{ |
#- Author: Ramprasad R | |
#- Purpose: This is a simple script I wrote to test how many hardlinks I can create for a file. | |
#- Language: Powershell | |
<# | |
Question: | |
How many NTFS attributes can a file have? | |
Hypothesis: | |
In the MFT, the Attribute ID field is 2 bytes = 16 bits = 2^16 = 65536 | |
Technically I should be able to create a file with 65536 attributes |
import re | |
#- Name of the file/drive letter to scan | |
#input_file_name="C:\\memory.dmp" | |
input_file_name="memory.dmp" | |
key_len=32 | |
#- Open the input file | |
with open(input_file_name, "rb") as f: |
from timeit import default_timer as timer | |
from binascii import b2a_hex,hexlify | |
#- First half of the code covers AES schedule calculation. Memory dump processing, line 150 onwards. | |
#- AES key schedule calculation taken from: https://www.alexrhodes.io/blog/post/30/ | |
class AesKeySchedule: | |
#AES S-box | |
s_box = [ |
from timeit import default_timer as timer | |
from binascii import b2a_hex | |
#- Config variables | |
filename="memory.dmp" | |
aes_key_size=32 | |
min_distinct_bytes=10 | |
#- Variables related to file processing | |
file_offset=0; |
from timeit import default_timer as timer | |
from binascii import b2a_hex,hexlify | |
#- Goto "Memory dump processing" second section | |
#- AES key schedule calculation taken from: https://www.alexrhodes.io/blog/post/30/ | |
class AesKeySchedule: | |
#AES S-box | |
s_box = [ |