Cory Solovewicz corysolovewicz

Security Researcher | Penetration Tester | Software Engineer And Contributor to Open Source

corysolovewicz / InstalliPerfForESXiv67.txt

Created October 31, 2018 23:48

Install iPerf for ESXi v.6.7

	# download the iPerf Offline Bundle
	wget http://vibsdepot.v-front.de/depot/bundles/iperf-2.0.5-1-offline_bundle.zip

	# Copy the file up to your ESXi 6.7 server i.e. /vmfs/volumes/datastore1/ISOImages and install with the --no-sig-check option.
	esxcli software vib install -d /vmfs/volumes/datastore1/ISOImages/iperf-2.0.5-1-offline_bundle.zip --no-sig-check

	# It installs into /opt/iperf/bin
	/opt/iperf/bin/iperf

corysolovewicz / CreateBootableISOfromMacOSHighSierraInstaller.sh

Last active October 9, 2019 17:02

Create bootable ISO from macOS High Sierra Installer

	# Download macOS High Sierra Installer
	# https://itunes.apple.com/us/app/macos-high-sierra/id1246284741?ls=1&mt=12

	# create blank image and put in /tmp directory
	hdiutil create -o /tmp/HighSierra.cdr -size 5200m -layout SPUD -fs HFS+J

	# mount blank image at install_build
	hdiutil attach /tmp/HighSierra.cdr.dmg -noverify -mountpoint /Volumes/install_build

	# run the createinstallmedia on the target /Volumes/install_build

corysolovewicz / CreateBootableISOfromMacOSMojaveInstaller.sh

Last active October 9, 2019 16:58

Create bootable ISO from macOS Mojave Installer

	# https://support.apple.com/en-us/HT201372

	# download macOS Mojave
	# https://itunes.apple.com/us/app/macos-mojave/id1398502828?mt=12

	# create blank image and put in /tmp directory
	hdiutil create -o /tmp/Mojave.cdr -size 6100m -layout SPUD -fs HFS+J

	# mount blank image at install_build
	hdiutil attach /tmp/Mojave.cdr.dmg -noverify -mountpoint /Volumes/install_build

corysolovewicz / add_index_to_all_dirs.sh

Last active July 29, 2024 06:12

Recursively create an empty index.html file in all directories which currently do not have one.

	# run this command in the root web directory
	find . -type d -exec touch {}/index.html \;

corysolovewicz / aws_show_public_snapshot_images.sh

Created July 30, 2019 20:34

AWS console command to show all snapshot images which are public

ec2 describe-snapshots --no-paginate

corysolovewicz / .htaccess

Created July 31, 2019 05:27

Apache mod_rewrite to change URL mapping on the fly and protect downloadable files using access control

	RewriteEngine on
	RewriteRule ^/download/(.*)$ /download.asp?file=$1 [L]

corysolovewicz / httpd.conf

Created July 31, 2019 20:08

Denying access to C: drive with Apache Server

	# The httpd.conf is designed for user configurations.
	# You really should not edit the apache2.conf as it may be updated by future upgrades.
	# An additional option is to just put your custom configuration into /etc/apache2/conf.d,
	# all files in this directory are included as well.

	# This entry denies access to C: drive
	<Directory C:/>
	Order deny,allow
	Deny from all
	AllowOverride None

corysolovewicz / .htaccess

Created July 31, 2019 21:35

Conditional SSL using mod_rewrite in Apache

	# http://phpstarter.net/2008/07/several-htaccess-mod_rewrite-tricks-to-better-web-application/

	# any access to "secure" directory is redirected to HTTPS
	RewriteCond %{HTTPS} off
	RewriteRule ^secure/.*$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

corysolovewicz / tls_configuration_testing.sh

Created July 31, 2019 22:58

Testing for TLS Configuration Flaws - get ciphers

	# check using openssl s_client
	openssl s_client -connect <host>:443 -cipher HIGH

	# example
	openssl s_client -connect google.com:443 -cipher HIGH

	# check using nmap ssl-enum-ciphers
	nmap -sV --script ssl-enum-ciphers -p 443 <host>

	# example

corysolovewicz / sha1_hash.sh

Created August 1, 2019 00:32

Get SHA1 hash of text using openssl command


	# pipe text to openssl command
	echo -n "<text>" \| openssl sha1

	# example using the word 'password' as text
	echo -n "password" \| openssl sha1
	# (stdin)= 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

	# check out https://hashes.org/hashlists.php