Rafael Foster rafaelfoster

## webrevproxy-ssl.conf
# The first two lines are also important
# Some tests with *:443 never work for me. Needed to test more times
NameVirtualHost server.example.com:443
<VirtualHost server.example.com:443>
        ServerName server.example.com

        # SSL Params
        # Activate the client certificate
        SSLEngine On
        SSLCertificateFile /etc/httpd/cert/ca.crt

## phpAntiSQLInjection.php
<?php
/*
* Anti Injection
* Verifica e Trata as informações
* Autor: Danilo Iannone - danilowm@gmail.com
*/

function anti_injection( $obj ) {
   $obj = preg_replace("/(from|alter table|select|insert|delete|update|where|drop table|show tables|#|\*|--)/i", "",strtolower($obj));
   $obj = trim($obj);

## detect_session.vbs
Set WshShell = CreateObject("WScript.Shell")

strSessionName = wshShell.ExpandEnvironmentStrings( "%SESSIONNAME%" )

if ( inStr(LCase(strSessionName),"rdp") <> 0 ) Then
	' Do something
End If

## HandlingShortcuts.vbs
' Replace a Shortcut with regex search
On Error Resume Next
Set WshShell = CreateObject("WScript.Shell")
Set objRegEx = CreateObject("VBScript.RegExp")
Set objFSO = CreateObject("Scripting.FileSystemObject")

NumberFiles = 0
Const ForReading = 1
Const ForWriting = 2
Const ForAppend  = 8

## Apache_Certificate
# Command extracts public key to domain.cer.
openssl pkcs12 -in domain.pfx -clcerts -nokeys -out domain.cer

# Command extracts private key to domain.key.
openssl pkcs12 -in domain.pfx -nocerts -nodes  -out domain.key

<VirtualHost example.com:443>
   ...
   SSLEngine on
   SSLCertificateFile /path/to/domain.cer

## scan_scsi_disks.sh
# This command scan new hard disk drives on Linux Systems.
# this is useful when the host is on a Virtual Environment and you add new hard disks to it
ls /sys/class/scsi_host/ | while read host ; do echo "- - -" > /sys/class/scsi_host/$host/scan ; done

## Mysql_Change_TableEngine.sh
DATABASE="DATABASE"
USER="username"
PASSWD="password"
mysql -u $USER -p$PASSWD $DATABASE -e "show tables" |while read dbtable
do
  mysql $DATABASE -e "ALTER TABLE $DATABASE.$dbtable ENGINE=InnoDB"
  echo "Convertendo tabela: $dbtable"
done

## selinux_audit2allow.sh
# instalar pacotes para liberação de regras no SELinux
yum install policycoreutils-python

# Verificar se houve bloqueios no SELinux
aureport --avc

# Criar arquivos de regras
cat /var/log/audit/audit.log  |grep "filtro" |audit2allow -M "nome_do_modulo"

# Instalar modulo

## gitlab_api.sh
# Gitlab API reference: http://api.gitlab.org/

# To use Gitlab API you must specify the Private Token.
# You can get it on Profile -> Account -> Private Token.
# Some operations require that the Tokens belongs to an Admin

# Get a list of All projects
curl --header "PRIVATE-TOKEN: [private token]" "http[s]://[servername_or_ip]/api/v3/projects/$id"

# Simple mass deletion of Gitlab projects

## Exc2010_Powershell_HTTP500 Issue.ps1
import-module ServerManager
Remove-WindowsFeature WinRM-IIS-Ext
Add-WindowsFeature WinRM-IIS-Ext
	# The first two lines are also important
	# Some tests with *:443 never work for me. Needed to test more times
	NameVirtualHost server.example.com:443
	<VirtualHost server.example.com:443>
	ServerName server.example.com

	# SSL Params
	# Activate the client certificate
	SSLEngine On
	SSLCertificateFile /etc/httpd/cert/ca.crt
	<?php
	/*
	* Anti Injection
	* Verifica e Trata as informações
	* Autor: Danilo Iannone - danilowm@gmail.com
	*/

	function anti_injection( $obj ) {
	$obj = preg_replace("/(from\|alter table\|select\|insert\|delete\|update\|where\|drop table\|show tables\|#\|\*\|--)/i", "",strtolower($obj));
	$obj = trim($obj);
	Set WshShell = CreateObject("WScript.Shell")

	strSessionName = wshShell.ExpandEnvironmentStrings( "%SESSIONNAME%" )

	if ( inStr(LCase(strSessionName),"rdp") <> 0 ) Then
	' Do something
	End If
	' Replace a Shortcut with regex search
	On Error Resume Next
	Set WshShell = CreateObject("WScript.Shell")
	Set objRegEx = CreateObject("VBScript.RegExp")
	Set objFSO = CreateObject("Scripting.FileSystemObject")

	NumberFiles = 0
	Const ForReading = 1
	Const ForWriting = 2
	Const ForAppend = 8
	# Command extracts public key to domain.cer.
	openssl pkcs12 -in domain.pfx -clcerts -nokeys -out domain.cer

	# Command extracts private key to domain.key.
	openssl pkcs12 -in domain.pfx -nocerts -nodes -out domain.key

	<VirtualHost example.com:443>
	...
	SSLEngine on
	SSLCertificateFile /path/to/domain.cer
	# This command scan new hard disk drives on Linux Systems.
	# this is useful when the host is on a Virtual Environment and you add new hard disks to it
	ls /sys/class/scsi_host/ \| while read host ; do echo "- - -" > /sys/class/scsi_host/$host/scan ; done
	DATABASE="DATABASE"
	USER="username"
	PASSWD="password"
	mysql -u $USER -p$PASSWD $DATABASE -e "show tables" \|while read dbtable
	do
	mysql $DATABASE -e "ALTER TABLE $DATABASE.$dbtable ENGINE=InnoDB"
	echo "Convertendo tabela: $dbtable"
	done
	# instalar pacotes para liberação de regras no SELinux
	yum install policycoreutils-python

	# Verificar se houve bloqueios no SELinux
	aureport --avc

	# Criar arquivos de regras
	cat /var/log/audit/audit.log \|grep "filtro" \|audit2allow -M "nome_do_modulo"

	# Instalar modulo
	# Gitlab API reference: http://api.gitlab.org/

	# To use Gitlab API you must specify the Private Token.
	# You can get it on Profile -> Account -> Private Token.
	# Some operations require that the Tokens belongs to an Admin

	# Get a list of All projects
	curl --header "PRIVATE-TOKEN: [private token]" "http[s]://[servername_or_ip]/api/v3/projects/$id"

	# Simple mass deletion of Gitlab projects
	import-module ServerManager
	Remove-WindowsFeature WinRM-IIS-Ext
	Add-WindowsFeature WinRM-IIS-Ext