Petr 7castle

A curated list of AWS resources to prepare for the AWS Certifications

A curated list of awesome AWS resources you need to prepare for the all 5 AWS Certifications. This gist will include: open source repos, blogs & blogposts, ebooks, PDF, whitepapers, video courses, free lecture, slides, sample test and many other resources.

OP: @leonardofed founder @ plainflow.

Gist Clients

Want to create a Gist from your editor, the command line, or the Services menu? Here's how.

Editor Support

Metasploit links

http://www.metasploit.com/ | Penetration Testing Software | Metasploit
http://www.darkoperator.com/installing-metasploit-in-ubunt/ | Security and Networking - Installing Metasploit in Ubuntu
https://help.ubuntu.com/community/RKhunter | RKhunter - Community Ubuntu Documentation
http://serverfault.com/questions/380587/how-to-check-if-my-root-server-was-compromised | debian squeeze - how to check if my root server was compromised - Server Fault
http://samiux.blogspot.ca/2013/05/howto-metasploit-on-ubuntu-desktop-1204.html | Samiux's Blog: HOWTO : Metasploit on Ubuntu Desktop 12.04 LTS
http://xathrya.web.id/blog/2013/07/04/easy-installing-metasploit-on-ubuntu/ | Easy Installing Metasploit on Ubuntu | Xathrya Sabertooth
http://samiux.blogspot.ca/2013/05/howto-metasploit-on-ubuntu-desktop-1204.html | Samiux's Blog: HOWTO : Metasploit on Ubuntu Desktop 12.04 LTS
http://www.offensive-security.com/metasploit-unleashed/Msfconsole | Msfconsole - Metasploit Unleashed

Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.

While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account from the system (including www-data, which you might not even know if compromised).

If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur

	#!/bin/sh
	# install needed curl package
	sudo apt install --no-install-recommends curl -y
	# install kubectl
	# https://github.com/kubernetes/minikube/issues/3437#issuecomment-449408316, maybe use https://storage.googleapis.com/minikube/releases/v0.30.0/docker-machine-driver-kvm2
	curl -Lo /tmp/kubectl https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && \
	chmod +x /tmp/kubectl && \
	sudo mv /tmp/kubectl /usr/local/bin/kubectl
	# kubectl tab completion
	sudo sh -c 'echo "source <(kubectl completion bash)" > /etc/bash_completion.d/kubectl'

	#!/bin/bash
	## Install ISPConfig3 on Ubuntu 16.04 64Bits
	## Author: Nilton OS www.linuxpro.com.br
	## https://www.howtoforge.com/tutorial/perfect-server-ubuntu-16.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/
	## Version 0.5


	## Set lang en_US UTF8
	## echo 'LC_ALL="en_US.utf8"' >>/etc/environment

	server {
	listen 80;
	server_name cloud.sjchen.net;
	return 301 https://$server_name$request_uri; # enforce https
	}

	server {
	server_name cloud.sjchen.net;
	root /srv/owncloud;

	#!/usr/bin/perl -w

	use constant {
	TIMEZONE => 'Europe/Amsterdam'
	};

	use strict;
	use PVE::API2Client;
	use PVE::AccessControl;
	use PVE::INotify;

	#!/bin/bash

	set -eo pipefail

	VMID=200

	cpu_tasks() {
	expect <<EOF \| sed -n 's/^.* CPU .thread_id=\(.\)$/\1/p' \| tr -d '\r' \|\| true
	spawn qm monitor $VMID
	expect ">"

	FROM alpine

	COPY configure-node.sh configure-node.sh

	CMD ["/bin/sh", "configure-node.sh"]