letsroot lsr00ter

## Ubuntu-24.04-fresh-install.md

      
              1 file
            
          
              3 forks
            
          
                0 comments
              
            
              12 stars
            
          
                Koratsuki
                / Ubuntu-24.04-fresh-install.md
            
            
              Last active
              July 9, 2025 17:35
            
              
                Ubuntu 24.04 fresh install
              
          
    Ubuntu 24.04 fresh install guide

First of all, I must say that I'am not a fan or user of Ubuntu. This is just a guide for newcomers, and colleagues that are struggling after the new release with the system changes.
Repositories configurations and system upgrade

Right after fresh install, you must do a system update. Don't delay it, but first, let's configure repositories. Delete the new config for repositories, this can cause problems or new users can get lost configuring it, have friends reporting me that:


## ubuntu_cleanup.sh
#!/usr/bin/env bash

# Security-Hardened Ubuntu Cleanup Script
# This script performs comprehensive system cleanup with enterprise-grade security
# EXCLUDES: hy3dgen folder from any deletion operations
#
# Security improvements:
# - Comprehensive error handling with trap handlers
# - Safe configuration loading without arbitrary code execution
# - APT and script-level locking mechanisms

## cs_rebound_infotech_config.txt
BeaconType                       - Hybrid HTTP DNS
Port                             - 1
SleepTime                        - 3787
MaxGetSize                       - 1864474
Jitter                           - 59
MaxDNS                           - 255
PublicKey_MD5                    - 832667e06ab05f34cef55ad209504a2b
C2Server                         - ns1.standwithukraine.space,/jp,dns.standwithukraine.space,/jp,ns1.costacancordia.com,/jp,dns.costacancordia.com,/jp
UserAgent                        - Not Found
HttpPostUri                      - Not Found

## 20211210-TLP-WHITE_LOG4J.md

      
              1 file
            
          
              94 forks
            
          
                907 comments
              
            
              1085 stars
            
          
                SwitHak
                / 20211210-TLP-WHITE_LOG4J.md
            
            
              Last active
              October 14, 2025 08:35
            
              
                BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
              
          
    Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
Errors, typos, something to say ?


If you want to add a link, comment or send it to me
Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources


Royce Williams list sorted by vendors responses Royce List
Very detailed list NCSC-NL
The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List


## PoC_CVE-2021-28482.py
import requests
import time
import sys
from base64 import b64encode
from requests_ntlm2 import HttpNtlmAuth
from urllib3.exceptions import InsecureRequestWarning
from urllib import quote_plus

requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

## FUCK APPLE OCSP
127.0.0.1 ocsp-lb.apple.com.akadns.net
127.0.0.1 ocsp-cn-lb.apple.com.akadns.net
127.0.0.1 ocsp.apple.com.download.ks-cdn.com
127.0.0.1 k128-mzstatic.gslb.ksyuncdn.com
127.0.0.1 ocsp.apple.com.cdn20.com
127.0.0.1 ocsp.g.aaplimg.com
127.0.0.1 ocsp.apple.com
127.0.0.1 ocsp.digicert.com

## LiferayJsonEvalCC6.java
package ysoserial.payloads;

import com.mchange.lang.ByteUtils;
import org.apache.commons.collections.Transformer;
import org.apache.commons.collections.functors.ChainedTransformer;
import org.apache.commons.collections.functors.ConstantTransformer;
import org.apache.commons.collections.functors.InvokerTransformer;
import org.apache.commons.collections.keyvalue.TiedMapEntry;
import org.apache.commons.collections.map.LazyMap;
import ysoserial.payloads.annotation.Authors;

## merge_bilibili_video.sh
#!/bin/bash
# for: bulk merge bilibili UWP download file *.flv
# by: blog.502.li
# date: 2019-01-12
# 将该脚放到 UWP 客户端下载缓存主目录下执行，安装 ffmpeg、jq

set -xu
download_dir=$(pwd)
mp4_dir=${download_dir}/mp4
mkdir -p ${mp4_dir}

## Bootstrap_XSS.md

      
              1 file
            
          
              33 forks
            
          
                1 comment
              
            
              105 stars
            
          
                BlackFan
                / Bootstrap_XSS.md
            
            
              Last active
              October 21, 2025 08:24
            
              
                Bootstrap XSS Collection
              
          
    CVE-2019-8331

Bootstrap < 3.4.1 || < 4.3.1
✔️ CSP strict-dynamic bypass
➖ Requires user interaction
➖ Requires $('[data-toggle="tooltip"]').tooltip();

  
## iOSJailbreak.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              9 stars
            
          
                laprasdrum
                / iOSJailbreak.md
            
            
              Last active
              November 25, 2023 20:25
            
              
                iOS jailbreak -> layout check via cyrun
              
          
    JailBreak

unc0ver: ~13.5 https://unc0ver.dev/
checkra1n: ~13 (14 & A10+ experimental) https://checkra.in/
checkra1n


download checkra
connect your iPhone via USB
start JB on checkra
	#!/usr/bin/env bash

	# Security-Hardened Ubuntu Cleanup Script
	# This script performs comprehensive system cleanup with enterprise-grade security
	# EXCLUDES: hy3dgen folder from any deletion operations
	#
	# Security improvements:
	# - Comprehensive error handling with trap handlers
	# - Safe configuration loading without arbitrary code execution
	# - APT and script-level locking mechanisms
	BeaconType - Hybrid HTTP DNS
	Port - 1
	SleepTime - 3787
	MaxGetSize - 1864474
	Jitter - 59
	MaxDNS - 255
	PublicKey_MD5 - 832667e06ab05f34cef55ad209504a2b
	C2Server - ns1.standwithukraine.space,/jp,dns.standwithukraine.space,/jp,ns1.costacancordia.com,/jp,dns.costacancordia.com,/jp
	UserAgent - Not Found
	HttpPostUri - Not Found
	import requests
	import time
	import sys
	from base64 import b64encode
	from requests_ntlm2 import HttpNtlmAuth
	from urllib3.exceptions import InsecureRequestWarning
	from urllib import quote_plus

	requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
	127.0.0.1 ocsp-lb.apple.com.akadns.net
	127.0.0.1 ocsp-cn-lb.apple.com.akadns.net
	127.0.0.1 ocsp.apple.com.download.ks-cdn.com
	127.0.0.1 k128-mzstatic.gslb.ksyuncdn.com
	127.0.0.1 ocsp.apple.com.cdn20.com
	127.0.0.1 ocsp.g.aaplimg.com
	127.0.0.1 ocsp.apple.com
	127.0.0.1 ocsp.digicert.com
	package ysoserial.payloads;

	import com.mchange.lang.ByteUtils;
	import org.apache.commons.collections.Transformer;
	import org.apache.commons.collections.functors.ChainedTransformer;
	import org.apache.commons.collections.functors.ConstantTransformer;
	import org.apache.commons.collections.functors.InvokerTransformer;
	import org.apache.commons.collections.keyvalue.TiedMapEntry;
	import org.apache.commons.collections.map.LazyMap;
	import ysoserial.payloads.annotation.Authors;
	#!/bin/bash
	# for: bulk merge bilibili UWP download file *.flv
	# by: blog.502.li
	# date: 2019-01-12
	# 将该脚放到 UWP 客户端下载缓存主目录下执行，安装 ffmpeg、jq

	set -xu
	download_dir=$(pwd)
	mp4_dir=${download_dir}/mp4
	mkdir -p ${mp4_dir}