letsroot lsr00ter

## python-nmap_example.py
# http://xael.org/norman/python/python-nmap

# lets check for common ports using nmap
import nmap
nmScan = nmap.PortScanner()
nmScan.scan('127.0.0.1', '0-1023')
for port in nmScan['127.0.0.1']['tcp']:
    thisDict = nmScan['127.0.0.1']['tcp'][port]
    print 'Port ' + str(port) + ': ' + thisDict['product'] + ', v' + thisDict['version']

## all.txt

.
..
........
@
*
*.*
*.*.*
ðŸŽ

## cloudflare_ddns.sh
!/bin/bash
# Cloudflare API Key
AuthKey=""
# Cloudflare 使用的邮箱
AuthMail=""
# 已经添加的用于 ddns 的完整域名（如：ddns.example.com）
DDnsName=""
# 绑定到 Cloudflare 的主域名（如 ddns.example.com 的主域名 example.com）
domain=""
# 获取当前 IP

## centos_setup.sh
#!/bin/bash

# Base box setup steps

# Do the steps below as root user
sudo su

# The steps below are based on a clean install on
# CentOS 7 (build 1608)
# http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1608.raw.tar.gz

## apk_params.txt
MD
TermUrl
a
adjust_campaign
alternatives
amount
app
app_id
appname
avoid

## gist:c406c3ba5bd252714c01b7c9c53caea5
From: http://redteams.net/bookshelf/
Techie

    Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
    Social Engineering: The Art of Human Hacking by Christopher Hadnagy
    Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
    The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
    Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
    Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
    The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors

## 20211210-TLP-WHITE_LOG4J.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                lsr00ter
                / 20211210-TLP-WHITE_LOG4J.md
            
            
              Created
              December 12, 2021 07:14
                — forked from SwitHak/20211210-TLP-WHITE_LOG4J.md
            
              
                BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-12 0023 UTC
              
          
    Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228)
Errors, typos, something to say ?


If you want to add a link, comment or send it to me
Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

A

Akamai : https://www.akamai.com/blog/news/CVE-2021-44228-Zero-Day-Vulnerability

Apache Druid : apache/druid#12051

Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html


## VMware_ESXi_offline_update_with_cli.sh
# 进入维护模式
esxcli system maintenanceMode set --enable true
# 列出离线包中的更新
esxcli software sources profile list -d /vmfs/volumes/250/VMware-ESXi-7.0U3-18644231-depot.zip
# 使用 dry-run 查看更新
esxcli software profile update -d “/vmfs/volumes/250/VMware-ESXi-7.0U3-18644231-depot.zip” -p ESXi-7.0U3-18644231-standard --dry-run
# 如果没有错误，执行更新
esxcli software profile update -d “/vmfs/volumes/250/VMware-ESXi-7.0U3-18644231-depot.zip” -p ESXi-7.0U3-18644231-standard

## VMware_ESXi_cli_update_reference.sh
#vim-cmd hostsvc/maintenance_mode_enter

Put the host in maintenance mode and take backup of the host configuration using:
#vim-cmd hostsvc/firmware/sync_config
#vim-cmd hostsvc/firmware/backup_config

hostname -i to get the IP address of the hostname
hostname -f to get the FQDN for the ESXi host

Note: The command should output a URL in which a web browser may be used to download the file.

## linux_add_user_to_ping_group
Create configuration file

`sudo vi /etc/sysctl.d/99-allow-ping.conf`
Add the following line and save the file

`net.ipv4.ping_group_range=10001 10001`
:tipping_hand_woman: If you want to enable it for the world you can set "0 4294967295".

You can load the settings from the file with `sudo sysctl -p /etc/sysctl.d/99-allow-ping.conf` or reboot the server. Verify if the kernel setting is set.
	# http://xael.org/norman/python/python-nmap

	# lets check for common ports using nmap
	import nmap
	nmScan = nmap.PortScanner()
	nmScan.scan('127.0.0.1', '0-1023')
	for port in nmScan['127.0.0.1']['tcp']:
	thisDict = nmScan['127.0.0.1']['tcp'][port]
	print 'Port ' + str(port) + ': ' + thisDict['product'] + ', v' + thisDict['version']
	!/bin/bash
	# Cloudflare API Key
	AuthKey=""
	# Cloudflare 使用的邮箱
	AuthMail=""
	# 已经添加的用于 ddns 的完整域名（如：ddns.example.com）
	DDnsName=""
	# 绑定到 Cloudflare 的主域名（如 ddns.example.com 的主域名 example.com）
	domain=""
	# 获取当前 IP
	#!/bin/bash

	# Base box setup steps

	# Do the steps below as root user
	sudo su

	# The steps below are based on a clean install on
	# CentOS 7 (build 1608)
	# http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1608.raw.tar.gz
	MD
	TermUrl
	a
	adjust_campaign
	alternatives
	amount
	app
	app_id
	appname
	avoid
	From: http://redteams.net/bookshelf/
	Techie

	Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
	Social Engineering: The Art of Human Hacking by Christopher Hadnagy
	Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
	The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
	Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
	Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
	The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
	# 进入维护模式
	esxcli system maintenanceMode set --enable true
	# 列出离线包中的更新
	esxcli software sources profile list -d /vmfs/volumes/250/VMware-ESXi-7.0U3-18644231-depot.zip
	# 使用 dry-run 查看更新
	esxcli software profile update -d “/vmfs/volumes/250/VMware-ESXi-7.0U3-18644231-depot.zip” -p ESXi-7.0U3-18644231-standard --dry-run
	# 如果没有错误，执行更新
	esxcli software profile update -d “/vmfs/volumes/250/VMware-ESXi-7.0U3-18644231-depot.zip” -p ESXi-7.0U3-18644231-standard
	#vim-cmd hostsvc/maintenance_mode_enter

	Put the host in maintenance mode and take backup of the host configuration using:
	#vim-cmd hostsvc/firmware/sync_config
	#vim-cmd hostsvc/firmware/backup_config

	hostname -i to get the IP address of the hostname
	hostname -f to get the FQDN for the ESXi host

	Note: The command should output a URL in which a web browser may be used to download the file.
	Create configuration file

	`sudo vi /etc/sysctl.d/99-allow-ping.conf`
	Add the following line and save the file

	`net.ipv4.ping_group_range=10001 10001`
	:tipping_hand_woman: If you want to enable it for the world you can set "0 4294967295".

	You can load the settings from the file with `sudo sysctl -p /etc/sysctl.d/99-allow-ping.conf` or reboot the server. Verify if the kernel setting is set.