Skip to content

Instantly share code, notes, and snippets.

View rohan-molloy's full-sized avatar

Rohan rohan-molloy

View GitHub Profile
#!/bin/sh
# For debugging use iptables -v.
IPTABLES="/sbin/iptables"
IP6TABLES="/sbin/ip6tables"
MODPROBE="/sbin/modprobe"
RMMOD="/sbin/rmmod"
ARP="/usr/sbin/arp"

Principles of Adult Behavior

  1. Be patient. No matter what.
  2. Don’t badmouth: Assign responsibility, not blame. Say nothing of another you wouldn’t say to him.
  3. Never assume the motives of others are, to them, less noble than yours are to you.
  4. Expand your sense of the possible.
  5. Don’t trouble yourself with matters you truly cannot change.
  6. Expect no more of anyone than you can deliver yourself.
  7. Tolerate ambiguity.
  8. Laugh at yourself frequently.
@rohan-molloy
rohan-molloy / isp-bgp-prefix.md
Last active May 30, 2019 15:08
One Liner To Get ISP announced prefix

One Liner To Get ISP announced prefix info

dig +short `curl --silent ipecho.net/plain | awk -F. '{print $4"."$3"." $2"."$1}'`.origin.asn.cymru.com TXT

Example

rohan@vm01:~$ dig +short `curl --silent ipecho.net/plain | awk -F. '{print $4"."$3"." $2"."$1}'`.origin.asn.cymru.com TXT
"46652 | 67.205.128.0/20 | US | arin | 2016-04-12"
rohan@vm01:~$
@Plazmaz
Plazmaz / windir.sh
Last active June 15, 2019 01:34
This is a simple function for converting windows paths (C:\Users\Test\t.txt) to their WSL equivalent (/mnt/c/Users/Test/t.txt)
# !/bin/bash
function windir() {
echo "/mnt/$1" | sed -e 's/\\\\/\//g' -e 's/\b\(.\):/\L\1/g'
}
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.accept_redirects=0
net.ipv4.conf.all.accept_redirects=0
net.ipv6.conf.default.accept_redirects=0
@rohan-molloy
rohan-molloy / dhcp-peek.md
Created February 10, 2018 08:27
take a peek at a DHCP enabled network, without actually having to apply any of the connection settings

Using Nmap to troubleshoot DHCP

There are so many times where it's useful to take a peek at a DHCP enabled network, without actually having to apply any of the connection settings offered. You don't need an active ip address for this to work as DHCP uses broadcasts.

  $ sudo nmap --script broadcast-dhcp-discover --spoof-mac -n -e eth1 

  Starting Nmap 6.47 ( http://nmap.org ) at 2018-02-10 08:17 UTC
 Spoofing MAC address 00:01:BA:48:7C:24 (IC-Net)
#! /bin/bash
primary="badnets"
ipset create $primary hash:net &>/dev/null
if [[ -z "$sets" ]]; then
sets=( firehol_level3 firehol_level2 firehol_level1 firehol_webclient );
fi
for s in "${sets[@]}"; do

Many-to-one Outbound Source NAT (IP Masquerade)

Allows a single globally routable address to be shared between multiple hosts on a network

This is one of the most frequently encountered type of NAT and is probably implemented on your home router.

When it sends out traffic, the router needs to change the source address from 192.168.1.x to whatever globally routable address is assigned on the "outside" interface. It needs to keep track of these egress translations so that it can direct the replies to the appropriate inside address.

1. Configure LAN interface

#
# Protocol options
#
Protocol 2
Port 22
AddressFamily inet
ListenAddress 0.0.0.0
#
# Host Keys
#