Michele "O-Zone" michelep

## convert.sh
#!/bin/bash

# Set quality of JPEG files: value 0 (min) to 100 (max)
QUALITY=100

for file in *.heic; do
    if [ -f "$file" ]; then
	fname=$(basename "$file" .heic)
	heif-convert -q$QUALITY $file $fname.jpg
    fi

## rt4_passwd.sh
#!/bin/bash
echo "=========================="
echo "RT4 password change script"
echo "=========================="
read -p "Username: " username
if [ ${#username} -lt 2 ]; then
    echo "No valid username entered."
    exit
fi
read -p "New password for $username: " -s password

## rt-manteinance.sh
#!/bin/bash
# Make sure to be in the right directory (fit to your RT4 installation)
cd /opt/rt4

# Get the current year
current_year=$(date +'%Y')

# Subtract two years from the current year
two_years_before=$((current_year - 2))

## gist:baf8f99afc4aee00a179f9fd780dd862
https://www.dehashed.com/			View leaked credentials
https://www.exploit-db.com/			Archive of various exploits
https://pulsedive.com/			Search for threat intelligence
https://otx.alienvault.com/			Extensive threat intelligence feed
https://securitytrails.com/			Extensive DNS data
https://www.zoomeye.org/			Gather information about targets
https://buckets.grayhatwarfare.com/			Search public S3 buckets
https://grep.app/			Search across a half million git repos
https://crt.sh/			Search for certs that have been logged by CT
https://dorksearch.com/			Really fast Google dorking

## gist:b21f00107714be0a7befbaa2ba70c19a
-shrink root
$ sudo cryptsetup luksOpen /dev/sda1/ mint-vg
$ sudo lvs
$ sudo lvresize -L -1.2G --resizefs mint-vg/root

-expand swap
$ sudo lvresize -l +100%FREE /dev/mint-vg/swap_1
$ sudo mkswap /dev/mint-vg/swap_1
$ sudo lvs
$ reboot

## ransomware_dls.txt
Hunters International - https://hunters55rdxciehoqzwv7vgyv6nt37tbwax2reroyzxhou7my5ejyid.onion/
Play - http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion
Monti - http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/
BianLian - http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion/
Rhysida - http://rhysidafohrhyy2aszi7bm32tnjat5xri65fopcxkdfxhi4tidsg7cad.onion/
LockBit 3.0 - http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion/
LockBit 3.0 2 - http://lockbit7z2jwcskxpbokpemdxmltipntwlkmidcll2qirbu7ykg46eyd.onion/
Alphv - http://alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion/?page=1
Snatch - http://hl66646wtlp2naoqnhattngigjp5palgqmbwixepcjyq5i534acgqyad.onion/
Vice Society - http://vsociethok6sbprvevl4dlwbqrzyhxcxaqpvcqt5belwvsuxaxsutyad.onion/

## ip-block.sh
#!/bin/sh

LOCAL=`dirname $0`
ME=`basename "$0"`

read -r LINE

cd $LOCAL
cd ../
PWD=`pwd`

## gist:e57307846ed7b3eaad68d8d98fee7758
1) Creo utente per tcpdump

groupadd tcpdump
addgroup <username> tcpdump
chown root.tcpdump /usr/sbin/tcpdump
chmod 0750 /usr/sbin/tcpdump
setcap "CAP_NET_RAW+eip" /usr/sbin/tcpdump

2) Imposto l'accesso senza password (con chiave SSH)

## TOTP
sudo apt update && sudo apt install --assume-yes libpam-google-authenticator

sudo vi /etc/ssh/sshd_config:
ChallengeResponseAuthentication yes

sudo systemctl restart ssh

sudo vi /etc/pam.d/sshd:
auth    required      pam_unix.so     no_warn try_first_pass
auth    required      pam_google_authenticator.so

## openldap2hashcat.py
#!/usr/bin/env python3
# Convert OpenLDAP hashes to a format Hashcat can understand
import sys
import base64

with open(sys.argv[1], 'r') as f:
    lines = f.readlines()

for line in lines:
    line = line.rstrip("\n")
	#!/bin/bash

	# Set quality of JPEG files: value 0 (min) to 100 (max)
	QUALITY=100

	for file in *.heic; do
	if [ -f "$file" ]; then
	fname=$(basename "$file" .heic)
	heif-convert -q$QUALITY $file $fname.jpg
	fi
	#!/bin/bash
	echo "=========================="
	echo "RT4 password change script"
	echo "=========================="
	read -p "Username: " username
	if [ ${#username} -lt 2 ]; then
	echo "No valid username entered."
	exit
	fi
	read -p "New password for $username: " -s password
	#!/bin/bash
	# Make sure to be in the right directory (fit to your RT4 installation)
	cd /opt/rt4

	# Get the current year
	current_year=$(date +'%Y')

	# Subtract two years from the current year
	two_years_before=$((current_year - 2))
	https://www.dehashed.com/ View leaked credentials
	https://www.exploit-db.com/ Archive of various exploits
	https://pulsedive.com/ Search for threat intelligence
	https://otx.alienvault.com/ Extensive threat intelligence feed
	https://securitytrails.com/ Extensive DNS data
	https://www.zoomeye.org/ Gather information about targets
	https://buckets.grayhatwarfare.com/ Search public S3 buckets
	https://grep.app/ Search across a half million git repos
	https://crt.sh/ Search for certs that have been logged by CT
	https://dorksearch.com/ Really fast Google dorking
	-shrink root
	$ sudo cryptsetup luksOpen /dev/sda1/ mint-vg
	$ sudo lvs
	$ sudo lvresize -L -1.2G --resizefs mint-vg/root

	-expand swap
	$ sudo lvresize -l +100%FREE /dev/mint-vg/swap_1
	$ sudo mkswap /dev/mint-vg/swap_1
	$ sudo lvs
	$ reboot
	Hunters International - https://hunters55rdxciehoqzwv7vgyv6nt37tbwax2reroyzxhou7my5ejyid.onion/
	Play - http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion
	Monti - http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/
	BianLian - http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion/
	Rhysida - http://rhysidafohrhyy2aszi7bm32tnjat5xri65fopcxkdfxhi4tidsg7cad.onion/
	LockBit 3.0 - http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion/
	LockBit 3.0 2 - http://lockbit7z2jwcskxpbokpemdxmltipntwlkmidcll2qirbu7ykg46eyd.onion/
	Alphv - http://alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion/?page=1
	Snatch - http://hl66646wtlp2naoqnhattngigjp5palgqmbwixepcjyq5i534acgqyad.onion/
	Vice Society - http://vsociethok6sbprvevl4dlwbqrzyhxcxaqpvcqt5belwvsuxaxsutyad.onion/
	#!/bin/sh

	LOCAL=`dirname $0`
	ME=`basename "$0"`

	read -r LINE

	cd $LOCAL
	cd ../
	PWD=`pwd`
	1) Creo utente per tcpdump

	groupadd tcpdump
	addgroup <username> tcpdump
	chown root.tcpdump /usr/sbin/tcpdump
	chmod 0750 /usr/sbin/tcpdump
	setcap "CAP_NET_RAW+eip" /usr/sbin/tcpdump

	2) Imposto l'accesso senza password (con chiave SSH)
	sudo apt update && sudo apt install --assume-yes libpam-google-authenticator

	sudo vi /etc/ssh/sshd_config:
	ChallengeResponseAuthentication yes

	sudo systemctl restart ssh

	sudo vi /etc/pam.d/sshd:
	auth required pam_unix.so no_warn try_first_pass
	auth required pam_google_authenticator.so
	#!/usr/bin/env python3
	# Convert OpenLDAP hashes to a format Hashcat can understand
	import sys
	import base64

	with open(sys.argv[1], 'r') as f:
	lines = f.readlines()

	for line in lines:
	line = line.rstrip("\n")