tuxfight3r

Bash Shortcuts

Moving

command	description
ctrl + a	Goto BEGINNING of command line

tuxfight3r

##TCP FLAGS##

Unskilled Attackers Pester Real Security Folks
==============================================
                     TCPDUMP FLAGS
Unskilled =  URG  =  (Not Displayed in Flag Field, Displayed elsewhere) 
Attackers =  ACK  =  (Not Displayed in Flag Field, Displayed elsewhere)
Pester    =  PSH  =  [P] (Push Data)
Real      =  RST  =  [R] (Reset Connection)
Security  =  SYN  =  [S] (Start Connection)

tuxfight3r

#!/bin/bash -x
#Date: 21/7/2017
#Author: Mohan
#Purpose: To upload files to AWS S3 via Curl
#Uploads file at the top level folder by default


#S3 parameters
S3KEY="XXXXXXXXXXX"
S3SECRET="XXXXXXXXXXXXXXXX"

tuxfight3r

#Read multiple keys from an authorized_keys file and print the finger print

[root@server01 .ssh]# while read line; do ssh-keygen -l -f /dev/stdin <<< $line; done < authorized_keys 
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 /dev/stdin (RSA)
2048 7d:f0:89:94:00:09:bc:70:46:59:8d:9a:70:3b:ac:70 /dev/stdin (RSA)
2048 61:63:ee:0d:f6:d2:d8:d6:ae:37:0c:35:ae:da:51:6a /dev/stdin (RSA)

#read a key from authorized key file
[root@server01 .ssh]# ssh-keygen -l -f authorized_keys 
2048 87:7a:4d:70:d2:10:a4:4b:b7:e1:2b:7c:77:92:25:04 authorized_keys (RSA)

tuxfight3r

VIM KEYBOARD SHORTCUTS

MOVEMENT

h        -   Move left
j        -   Move down
k        -   Move up
l        -   Move right
$        -   Move to end of line
0        -   Move to beginning of line (including whitespace)

tuxfight3r

#file /etc/sysconfig/slapd
# OpenLDAP server configuration
# see 'man slapd' for additional information

# Where the server will run (-h option)
# - ldapi:/// is required for on-the-fly configuration using client tools
#   (use SASL with EXTERNAL mechanism for authentication)
# - default: ldapi:/// ldap:///
# - example: ldapi:/// ldap://127.0.0.1/ ldap://10.0.0.1:1389/ ldaps:///
SLAPD_URLS="ldap:/// ldaps:///"

tuxfight3r

#!/bin/bash

PUBLIC_IP4_IFACE=eth2
LISTEN_IFACE=${PUBLIC_IP4_IFACE}

listen_address=$(ip -f inet addr show dev ${LISTEN_IFACE} | grep -Po 'inet \K[\d.]+')
listen_port=${1}
target_host=${2}
target_port=${3}

tuxfight3r

#To Decrypt Jenkins Password from credentials.xml
#<username>jenkins</username>
#<passphrase>your-sercret-hash-S0SKVKUuFfUfrY3UhhUC3J</passphrase>


#go to the jenkins url 
http://jenkins-host/script

#In the console paste the script
hashed_pw='your-sercret-hash-S0SKVKUuFfUfrY3UhhUC3J'

tuxfight3r

#log all your bash command to syslog
function log2syslog
{
   declare COMMAND
   COMMAND=$(fc -ln -0)
   logger -p local1.notice -t bash -i -- "${USER}:${COMMAND}"
}
trap log2syslog DEBUG

#moredetails can be found here

tuxfight3r

[root@testserver01 ~]# tcpdump -lenx -s 1500 port bootps or port bootpc | dhcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
 
TCPdump 3.8.x output
  TIME: 15:54:23.478149
    IP: > (00:50:56:94:00:01) >  (Broadcast)
    OP: 1 (BOOTPREQUEST)
 HTYPE: 1 (Ethernet)
  HLEN: 6