tuxfight3r

### LDAP SEARCH ###

#search by user
ldapsearch -xv  -h ad1.domain.local -p 389 -b "dc=domain,dc=local" -D "user123@domain.local" \
-W "(&(objectClass=user)(sAMAccountName=user123))" 

#search by user but dont wrap the output
ldapsearch -x  -H ldap://ad1.domain.local -b "dc=domain,dc=local" -D "user123@domain.local" \
-W "(&(objectClass=user)(sAMAccountName=user123))" -o ldif-wrap=no 

tuxfight3r

#To Decrypt Jenkins Password from credentials.xml
#<username>jenkins</username>
#<passphrase>your-sercret-hash-S0SKVKUuFfUfrY3UhhUC3J</passphrase>


#go to the jenkins url 
http://jenkins-host/script

#In the console paste the script
hashed_pw='your-sercret-hash-S0SKVKUuFfUfrY3UhhUC3J'

tuxfight3r

openshift list all pods and thier specs (requests/limits)

oc get pod -o jsonpath='{range .items[*]}{"SPEC:  \n  LIMITS  : "}{.spec.containers[*].resources.limits}{"\n  REQUESTS: "}{.spec.containers[*].resources.requests}{"\n"}{end}'

openshift list all pods and thier specs with name (requests /limits)

oc get pod -o jsonpath='{range .items[*]}{"NAME:  "}{.metadata.name}{"\nSPEC:  \n  LIMITS  : "}{.spec.containers[*].resources.limits}{"\n  REQUESTS: "}{.spec.containers[*].resources.requests}{"\n\n"}{end}'

tuxfight3r

Bash

Moving

command	description
ctrl + a	Goto BEGINNING of command line
ctrl + e	Goto END of command line
ctrl + b	move back one character

tuxfight3r

#!/usr/bin/ruby

DATA.each_line do |line|
  puts line
end

__END__
Doom
Quake
Diablo

tuxfight3r

#Read multiple keys from an authorized_keys file and print the finger print

[root@server01 .ssh]# while read line; do ssh-keygen -l -f /dev/stdin <<< $line; done < authorized_keys 
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 /dev/stdin (RSA)
2048 7d:f0:89:94:00:09:bc:70:46:59:8d:9a:70:3b:ac:70 /dev/stdin (RSA)
2048 61:63:ee:0d:f6:d2:d8:d6:ae:37:0c:35:ae:da:51:6a /dev/stdin (RSA)

#read a key from authorized key file
[root@server01 .ssh]# ssh-keygen -l -f authorized_keys 
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)

tuxfight3r

##TCP FLAGS##

Unskilled Attackers Pester Real Security Folks
==============================================
                     TCPDUMP FLAGS
Unskilled =  URG  =  (Not Displayed in Flag Field, Displayed elsewhere) 
Attackers =  ACK  =  (Not Displayed in Flag Field, Displayed elsewhere)
Pester    =  PSH  =  [P] (Push Data)
Real      =  RST  =  [R] (Reset Connection)
Security  =  SYN  =  [S] (Start Connection)

tuxfight3r

#!/usr/bin/python

import socket	#for sockets
import sys	#for exit

try:
	#create an AF_INET, STREAM socket (TCP)
	s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
except socket.error, msg:
	print 'Failed to create socket. Error code: ' + str(msg[0]) + ' , Error message : ' + msg[1]

tuxfight3r

VIM KEYBOARD SHORTCUTS

MOVEMENT

h        -   Move left
j        -   Move down
k        -   Move up
l        -   Move right
$        -   Move to end of line
0        -   Move to beginning of line (including whitespace)

tuxfight3r

letsencrypt cert tricks

# create free lets encrypt certs
certbot certonly --standalone --preferred-challenges http -d demo.cdn.cluster1.time.net

# Useful links:
https://certbot.eff.org/all-instructions