totoCZ

## setcap.sh
# ref.
# https://www.freebsd.org/cgi/man.cgi?query=mac_portacl&sektion=4
# https://www.freebsd.org/doc/handbook/mac-policies.html

# load the kernel module
kldload mac_portacl

# set the new security rules
sysctl security.mac.portacl.rules=uid:80:tcp:80,uid:80:tcp:443

## bump-soa.sh
#!/bin/bash

ts=$(date +%s)
FILES="/var/lib/coredns/zones/*"

for f in $FILES
do
  echo "Processing $f file..."
  gawk -i inplace '!/hostmaster.hetmer.net/' $f
  origin=$(awk 'NR==1{print $1}' $f)

## mega.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                totoCZ
                / mega.md
            
            
              Last active
              March 12, 2023 22:24
            
              
                open ports
              
          
    ss -tulpen | grep -vEe "\s+127[.]|::1|172\."

ansible all -m shell -a 'ss -tulpen | grep -vEe "\s+127[.]|::1|172\."'

needs to add 10.xx, fe80..

  
## caddy.sh
setcap cap_net_bind_service=+ep /usr/local/bin/caddy

nano /etc/systemd/system/caddy.service

semanage fcontext -a -t httpd_exec_t /usr/local/bin/caddy
restorecon /usr/local/bin/caddy

chown www-data:www-data /etc/ssl/caddy/
semanage fcontext -a -t httpd_sys_rw_content_t /etc/ssl/caddy
restorecon /etc/ssl/caddy

## gist:4430857313539b2585a5175ca3c1ed81
<?php
$timeout = 1;
$chunkSize = 4;
function callRPC($host, $targets, $timeout, $chunkSize) {
	$sockets = [];
	$errno = 0;
	$errstr = '';
	// Send.
	$s = stream_socket_client($host, $errno, $errstr, $timeout);
	if (!$s) {

## ping.php
<?php
// curl -v [ipaddress]/static.png -H "Host: test" -H "Range: bytes=0-18446744073709551615"

if (isset($_GET["host"]) && isset($_GET["url"])) {
	$h = htmlspecialchars($_GET["host"]);
	$ip = gethostbyname($h);
	$url = htmlspecialchars($_GET["url"]);

	$opts = array('http' =>
  		array(

## ftplicity
FROM wernight/duplicity
USER root
RUN apk add --update lftp
USER duplicity

## dnx8.rb
pt = [87, 1, 186, 160, 224, 132, 237, 176, 234, 208, 194, 17, 239, 2, 74, 244, 61, 200, 116, 91, 32, 145, 28, 243, 216, 185, 188, 136, 250, 183, 125, 229, 179, 235, 20, 194, 10, 61, 15]

ct = [31, 64, 234, 240, 185, 164, 172, 224, 184, 153, 142, 49, 169, 77, 5, 184, 110, 232, 70, 107, 17, 167, 60, 181, 138, 246, 241, 168, 170, 229, 52, 188, 252, 166, 58, 141, 88, 122, 46]

count = pt.count

for i in 0..count-1 do

        p = pt[i]
        c = ct[i]

## restore.ps1
Get-ChildItem | Get-ChildItem | Copy-Item -Destination ../new -Recurse -Container -Force

## 4xz.log
19:41:42 <@danix111> hmm 4XZ avoids the letter 'V' in its groups completely
19:41:46 <@danix111> zero occurrences
19:43:09 <@argonn> 'cause it is evil
19:43:17 <@argonn> aVil
19:43:20 <@argonn> eVil *
19:44:32 <@totoCZ> lol nice danix
19:44:45 <@totoCZ> so they use "V" to set up the auto decoder for VVV DE 4XZ :>
19:45:05 <@totoCZ> plausible theory IMO
19:45:32 <@totoCZ> dzen alphabet walrus analyst
19:45:50 <@Avare> need analyst for toto
	# ref.
	# https://www.freebsd.org/cgi/man.cgi?query=mac_portacl&sektion=4
	# https://www.freebsd.org/doc/handbook/mac-policies.html

	# load the kernel module
	kldload mac_portacl

	# set the new security rules
	sysctl security.mac.portacl.rules=uid:80:tcp:80,uid:80:tcp:443
	#!/bin/bash

	ts=$(date +%s)
	FILES="/var/lib/coredns/zones/*"

	for f in $FILES
	do
	echo "Processing $f file..."
	gawk -i inplace '!/hostmaster.hetmer.net/' $f
	origin=$(awk 'NR==1{print $1}' $f)
	setcap cap_net_bind_service=+ep /usr/local/bin/caddy

	nano /etc/systemd/system/caddy.service

	semanage fcontext -a -t httpd_exec_t /usr/local/bin/caddy
	restorecon /usr/local/bin/caddy

	chown www-data:www-data /etc/ssl/caddy/
	semanage fcontext -a -t httpd_sys_rw_content_t /etc/ssl/caddy
	restorecon /etc/ssl/caddy
	<?php
	$timeout = 1;
	$chunkSize = 4;
	function callRPC($host, $targets, $timeout, $chunkSize) {
	$sockets = [];
	$errno = 0;
	$errstr = '';
	// Send.
	$s = stream_socket_client($host, $errno, $errstr, $timeout);
	if (!$s) {
	<?php
	// curl -v [ipaddress]/static.png -H "Host: test" -H "Range: bytes=0-18446744073709551615"

	if (isset($_GET["host"]) && isset($_GET["url"])) {
	$h = htmlspecialchars($_GET["host"]);
	$ip = gethostbyname($h);
	$url = htmlspecialchars($_GET["url"]);

	$opts = array('http' =>
	array(
	FROM wernight/duplicity
	USER root
	RUN apk add --update lftp
	USER duplicity
	pt = [87, 1, 186, 160, 224, 132, 237, 176, 234, 208, 194, 17, 239, 2, 74, 244, 61, 200, 116, 91, 32, 145, 28, 243, 216, 185, 188, 136, 250, 183, 125, 229, 179, 235, 20, 194, 10, 61, 15]

	ct = [31, 64, 234, 240, 185, 164, 172, 224, 184, 153, 142, 49, 169, 77, 5, 184, 110, 232, 70, 107, 17, 167, 60, 181, 138, 246, 241, 168, 170, 229, 52, 188, 252, 166, 58, 141, 88, 122, 46]

	count = pt.count

	for i in 0..count-1 do

	p = pt[i]
	c = ct[i]
	19:41:42 <@danix111> hmm 4XZ avoids the letter 'V' in its groups completely
	19:41:46 <@danix111> zero occurrences
	19:43:09 <@argonn> 'cause it is evil
	19:43:17 <@argonn> aVil
	19:43:20 <@argonn> eVil *
	19:44:32 <@totoCZ> lol nice danix
	19:44:45 <@totoCZ> so they use "V" to set up the auto decoder for VVV DE 4XZ :>
	19:45:05 <@totoCZ> plausible theory IMO
	19:45:32 <@totoCZ> dzen alphabet walrus analyst
	19:45:50 <@Avare> need analyst for toto