Saulius Krasuckas sskras

## pkgsrc-2f16fa8-zig-build-fails-in-libunwind.txt
# 1, clone Git repo:

$ git clone https://github.com/NetBSD/pkgsrc
$ cd pkgsrc

# 2, Bootstrap in unprivileged way:

$ bootstrap/bootstrap --unprivileged

# 3, Update PATH in the environment:

## cleanup-win10.ps1
##
## Windows 10 cleanup script.
## Remove dodgy tracking settings, unneeded services, all apps, and optional features that come with Windows 10. Make it more like Windows 7.
## NOTE: this was tested on Creators Update (1703) and Fall Creators Update (1709). Some of this may not work as expected on newer versions.
##
## Instructions
##  1. Run this script (under Powershell as Administrator):
##     powershell -ExectionPolicy Bypass .\cleanup-win10.ps1
##  2. Let it run through, you may see a few errors, this is normal
##  3. Reboot

## windows_hardening.cmd
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:

## Backdoor-Minimalist.sct
<?XML version="1.0"?>
<scriptlet>
<registration
    progid="PoC"
    classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
	<!-- Proof Of Concept - Casey Smith @subTee -->
	<!--  License: BSD3-Clause -->
	<script language="JScript">
		<![CDATA[


## stuns
# source : http://code.google.com/p/natvpn/source/browse/trunk/stun_server_list
# A list of available STUN server.

stun.l.google.com:19302
stun1.l.google.com:19302
stun2.l.google.com:19302
stun3.l.google.com:19302
stun4.l.google.com:19302
stun01.sipphone.com
stun.ekiga.net

## replace_synology_ssl_certs.sh
#!/bin/sh
#
# *** For DSM v7.x ***
#
# How to use this script:
#  1. Get your 3 PEM files ready to copy over from your local machine/update server (privkey.pem, fullchain.pem, cert.pem)
#     and put into a directory (this will be $CERT_DIRECTORY).
#  2. Ensure you have a user setup on synology that has ssh access (and ssh access is setup).
#     This user will need to be able to sudo as root (i.e. add this line to sudoers, <USER> is the user you create):
#       <USER> ALL=(ALL) NOPASSWD: /var/services/homes/<USER>/replace_certs.sh

## web-servers.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                sskras
                / web-servers.md
            
            
              Created
              November 13, 2022 18:50
                — forked from willurd/web-servers.md
            
              
                Big list of http static server one-liners
              
          
    Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
Discussion on reddit.
Python 2.x

$ python -m SimpleHTTPServer 8000

  
## bash & nc chat
#!/bin/bash
# A little chat progream via ncat
# Author:wrfly Date:2015.7
# Usage:
# Server: ncat -e chat.sh -lk &
# Client: ncat server_ip

#config
db_users=user_lists
db_rooms=db_rooms

## nstxd-setup.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                sskras
                / nstxd-setup.md
            
            
              Created
              August 25, 2022 04:29
                — forked from avar/nstxd-setup.md
            
          
    I've been following this nstx
tutorial. I set up a server on tunnel.nix.is. It's set
up
to use the tun1 interface there. See also this tutorial for iodine.
Since the server is also a shadow DNS master for several domains I
compiled a custom nstxd that listens on port 5252/udf instead of
53/udp. So these are the listening processes:
$ sudo netstat -ldnp | grep :5[23]

  
## slack-invite-link-security-issue.txt
We are writing to let you know about a bug we recently discovered and fixed in Slack's Shared Invite Link functionality. This
feature allows you to create a link that will permit anyone to join your Slack workspace; it is an alternative to inviting
people one-by-one via email to become workspace members. You are receiving this email because you created and/or revoked one
of these links for your workspace between April 17, 2017 and July 17, 2022. We'll go into detail about this security issue below.

Important things first, though: We have no reason to believe that anyone was able to obtain your plaintext password because
of this vulnerability. However, for the sake of caution, we have reset your Slack password. You will need to set a new Slack
password before you can login again.

Now, for some technical details — feel free to skip the next two paragraphs if that doesn't interest you. When you're
	# 1, clone Git repo:

	$ git clone https://github.com/NetBSD/pkgsrc
	$ cd pkgsrc

	# 2, Bootstrap in unprivileged way:

	$ bootstrap/bootstrap --unprivileged

	# 3, Update PATH in the environment:
	##
	## Windows 10 cleanup script.
	## Remove dodgy tracking settings, unneeded services, all apps, and optional features that come with Windows 10. Make it more like Windows 7.
	## NOTE: this was tested on Creators Update (1703) and Fall Creators Update (1709). Some of this may not work as expected on newer versions.
	##
	## Instructions
	## 1. Run this script (under Powershell as Administrator):
	## powershell -ExectionPolicy Bypass .\cleanup-win10.ps1
	## 2. Let it run through, you may see a few errors, this is normal
	## 3. Reboot
	:: Windows 10 Hardening Script
	:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
	:: Obligatory 'views are my own'. :)
	:: Thank you @jaredhaight for the Win Firewall config recommendations!
	:: Thank you @ricardojba for the DLL Safe Order Search reg key!
	:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
	:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
	:
	<?XML version="1.0"?>
	<scriptlet>
	<registration
	progid="PoC"
	classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
	<!-- Proof Of Concept - Casey Smith @subTee -->
	<!-- License: BSD3-Clause -->
	<script language="JScript">
	<![CDATA[
	# source : http://code.google.com/p/natvpn/source/browse/trunk/stun_server_list
	# A list of available STUN server.

	stun.l.google.com:19302
	stun1.l.google.com:19302
	stun2.l.google.com:19302
	stun3.l.google.com:19302
	stun4.l.google.com:19302
	stun01.sipphone.com
	stun.ekiga.net
	#!/bin/sh
	#
	# * For DSM v7.x *
	#
	# How to use this script:
	# 1. Get your 3 PEM files ready to copy over from your local machine/update server (privkey.pem, fullchain.pem, cert.pem)
	# and put into a directory (this will be $CERT_DIRECTORY).
	# 2. Ensure you have a user setup on synology that has ssh access (and ssh access is setup).
	# This user will need to be able to sudo as root (i.e. add this line to sudoers, <USER> is the user you create):
	# <USER> ALL=(ALL) NOPASSWD: /var/services/homes/<USER>/replace_certs.sh
	#!/bin/bash
	# A little chat progream via ncat
	# Author:wrfly Date:2015.7
	# Usage:
	# Server: ncat -e chat.sh -lk &
	# Client: ncat server_ip

	#config
	db_users=user_lists
	db_rooms=db_rooms
	We are writing to let you know about a bug we recently discovered and fixed in Slack's Shared Invite Link functionality. This
	feature allows you to create a link that will permit anyone to join your Slack workspace; it is an alternative to inviting
	people one-by-one via email to become workspace members. You are receiving this email because you created and/or revoked one
	of these links for your workspace between April 17, 2017 and July 17, 2022. We'll go into detail about this security issue below.

	Important things first, though: We have no reason to believe that anyone was able to obtain your plaintext password because
	of this vulnerability. However, for the sake of caution, we have reset your Slack password. You will need to set a new Slack
	password before you can login again.

	Now, for some technical details — feel free to skip the next two paragraphs if that doesn't interest you. When you're