WRITING A SIMPLE ROOTKIT FOR LINUX
Author: Ormi <[email protected]>
Website: http://black-coders.net
In this article, I'll describe how to write a simple rootkit for Linux. However, to understand this article, you must know how to write
Linux kernel modules. If you don't know, you can read my article: http://black-coders.net/articles/linux/linux-kernel-modules.php
What is a rootkit? When you break into somebody's system you will probably want to be able to "come back" there after some time. When you install
a rootkit in that system you will be able to get administrator privileges whenever you want. Good rootkits can hide in a compromised system,
rule MinerGate
{
    strings:
        $a1 = "minergate.com"
    condition:
        $a1
}
rule MoneroOrg
{ |
# ssh -R 80:localhost:3000 serveo.net
# localtunnel.me
# usage: "lt --p <port#>"
# >> tunnel: https://E4tmy4ss.localtunnel.me
# usage: "lt -s domane -p <port#>s"
# >> tunnel: https://domane.localtunnel.me |
#!/usr/bin/env bash
# https://developers.supportbee.com/blog/setting-up-cucumber-to-run-with-Chrome-on-Linux/
# https://gist.github.com/curtismcmullan/7be1a8c1c841a9d8db2c
# http://stackoverflow.com/questions/10792403/how-do-i-get-chrome-working-with-selenium-using-php-webdriver
# http://stackoverflow.com/questions/26133486/how-to-specify-binary-path-for-remote-chromedriver-in-codeception
# http://stackoverflow.com/questions/40262682/how-to-run-selenium-3-x-with-chrome-driver-through-terminal
# http://askubuntu.com/questions/760085/how-do-you-install-google-chrome-on-ubuntu-16-04
# Versions
CHROME_DRIVER_VERSION=`curl -sS chromedriver.storage.googleapis.com/LATEST_RELEASE` |
## Domain
We need some records in the DNS zone of our domain (mydomain.com) for connections. Add these records:
t1 IN NS t1ns.mydomain.com. ; note the final dot!
t1ns IN A OUR_SERVER_IP
## Server
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
Format: <type>(<scope>): <subject>
<scope> is optional
Example
feat: add hat wobble
^--^  ^------------^
|     |
|     +-> Summary in present tense.
AWS Lambda Limits
AWS Lambda limits the amount of compute and storage resources that you can use to run and store functions.
The following limits apply per-region and can be increased. To request an increase, use the Support Center console.
Resource Default Limit
Concurrent executions: 1000
Function and layer storage: 75 GB
For details on how Lambda scales your function concurrency in response to traffic, see Understanding Scaling Behavior. |
PGPASSWORD="" pg_dump --no-owner --no-privileges -h rds-01.us-east-1.rds.amazonaws.com -U root -d oldDB --schema public \
| PGPASSWORD="" psql -x -q -U admin -h rds-01.cluster.us-east-1.rds.amazonaws.com newDB; |