I hereby claim:
- I am droberson on github.
- I am droberson (https://keybase.io/droberson) on keybase.
- I have a public key whose fingerprint is 8124 9A31 8C19 7335 54E0 69E2 2D8B AC25 9AFA E810
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
#!/usr/bin/env python | |
import argparse | |
def main(): | |
description = "example: ./argparse.py [--foo arg] [arg1 arg2]" | |
parser = argparse.ArgumentParser(description=description) | |
parser.add_argument("arg1", nargs="?", help="Argument 1") | |
parser.add_argument("arg2", nargs="?", help="Argument 2") | |
parser.add_argument("-f", "--foo", required=False, help="foo argument") |
Many PBX distros include default Asterisk Manager credentials. Vicidial uses cron:1234. | |
This requires a valid, registered extension to work. This example pings you. Verify with | |
tcpdump or Wireshark. | |
USER="cron" | |
SECRET="1234" | |
PROTOCOL="IAX2" # Could be SIP or something else. | |
EXTENSION="4000" | |
COMMAND="ping -c 5 10.10.10.10" | |
(echo "ACTION: LOGIN\r\nUSERNAME: ${USER}\r\nSECRET: ${SECRET}\r\n\r\nAction: Originate\r\nChannel: ${PROTOCOL}/${EXTENSION}\r\nExten: ${EXTENSION}\r\nPriority: 1\r\nCallerID: lol\r\nApplication: System\r\nData: ${COMMAND}\r\n\r\n") | \ |
This will start logging and block hosts that connect to a host quicker than 10 times in 30 seconds. This severely slows down Nmap scans against you and provides a heads up that you're being scanned by a port scanner or something like dirbuster/sqlmap/hydra that make a lot of connections in rapid succession: | |
iptables -N LOGGING | |
iptables -A INPUT -j LOGGING | |
iptables -A FORWARD -j LOGGING | |
iptables -A LOGGING -p tcp -i eth0 -m state --state NEW -m recent --set | |
iptables -A LOGGING -p tcp -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 10 -j LOG --log-prefix "portscan: " --log-level 4 | |
iptables -A LOGGING -j DROP |
# Install OpenVAS + Greenbone Security Assistant on Ubuntu 16.04 (using openvas9 metapackage) | |
apt update && apt upgrade | |
apt install python-software-properties | |
apt install sqlite3 | |
apt install software-properties-common | |
apt install python-software-properties | |
add-apt-repository ppa:mrazavi/openvas | |
apt-get update | |
apt-get install openvas9 | |
apt install libopenvas9-dev ### if you want to develop |
1. git checkout -b squashed_branch | |
2. git rebase -i master | |
3. edit the file: | |
pick aaaaaaa commit message 1 | |
pick bbbbbbb commit message 2 | |
pick ccccccc commit message 3 | |
... | |
-> |
#!/usr/bin/env python3 | |
from tempfile import mkstemp | |
from os import remove, fdopen | |
import requests | |
ouilist = requests.get("http://standards-oui.ieee.org/oui.txt") | |
tmpfd, tmpfile = mkstemp() |
#!/bin/sh | |
LOGFILE="volatile.log" | |
exectee () { | |
echo "[+] $@" | tee -a $LOGFILE | |
$@ | tee -a $LOGFILE | |
echo | tee -a $LOGFILE | |
} |
#!/bin/sh | |
# install latest virtualbox and vagrant | |
wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add - | |
wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | sudo apt-key add - | |
sudo add-apt-repository "deb [arch=amd64] http://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib" | |
sudo apt update | |
sudo apt install -y virtualbox-6.0 |