@santaklouse
Created September 15, 2021 19:46
Useful scripts
#!/bin/bash
## REDACTED
# --- Docker housekeeping ---------------------------------------------------
# Remove dangling images. When there are none, the inner command prints
# nothing and `docker rmi` is called without arguments and reports an error.
alias docker_clean_images='docker rmi $(docker images -a --filter=dangling=true -q)'
# Remove containers in the "exited" or "created" state.
alias docker_clean_ps='docker rm $(docker ps --filter=status=exited --filter=status=created -q)'
# Prune all unused Docker data (-a: every unused image, not only dangling
# ones) without asking for confirmation (-f).
alias docker_clean_cache='docker system prune -a -f'
# --- Audio over SSH --------------------------------------------------------
# Capture from the remote ALSA device with sox and play it on the local
# CoreAudio output.
alias remote_mic='ssh redacted.tor "sox -G -t alsa plughw:1,0,0 -p" | sox - -G -tcoreaudio'
# Capture remote ALSA input with ffmpeg as an Ogg stream and play it locally
# with mplayer.
alias home_sound='ssh [email protected] -p 10022 "ffmpeg -f alsa -ac 1 -i hw:1 -f ogg -" | mplayer - -idle -demuxer ogg'
# MacOS analog
# Show the IPv6 neighbour table.
alias arp6='ip -6 neigh show'
# Start the strm/metasploit image with bash as entrypoint and run a script
# fetched from a gist as its `-c` argument.
# NOTE(review): the script is downloaded on every invocation from a mutable
# "raw" URL and the image tag is not pinned, so what runs can change without
# notice. The container also publishes ports 80/443/445/4444/8080/8081 on the
# host and mounts /tmp/msf and ~/tmp. Pin the gist to a specific revision and
# the image to a digest, and review the fetched script before use.
alias metasploit='docker run --rm -it -p 4444:4444 -p 80:80 -p 8080:8080 -p 443:443 -p 445:445 -p 8081:8081 -v /tmp/msf:/tmp/data -v ~/tmp:/opt/tmp --entrypoint '\''/bin/bash'\'' strm/metasploit -c "$(curl -fsSL https://gist.github.com/santaklouse/8148598825f272c6eabf6f1cc30c770b/raw)"'
# Run tcpdump on the remote host's br0 interface and feed the raw capture to
# a local Wireshark. `$(which tcpdump)` is expanded by the LOCAL shell when
# the alias runs, so the path used on the remote side is the local one.
alias sniff_home_net_vpn='ssh [email protected] $(which tcpdump) -i br0 -U -s0 -w - "not port 22 and net not 10.8.50.0/24" | wireshark -k -i -'
# --- System monitoring (glances) -------------------------------------------
alias htop+='glances'
# Run glances in web-server mode as a permanently restarting container.
# NOTE(review): ports 61208-61209 are published without a bind address, the
# container shares the host PID namespace and has the Docker socket mounted.
# The `:ro` flag makes the bind mount read-only; it is not known to restrict
# what can be requested through the socket, so treat this container as having
# Docker API access. Consider publishing on 127.0.0.1 only and putting
# authentication in front of the web UI.
alias htop+docker-web='docker run -d --restart="always" -p 61208-61209:61208-61209 -e GLANCES_OPT="-w" -v /var/run/docker.sock:/var/run/docker.sock:ro --pid host docker.io/nicolargo/glances'
# Interactive, one-off variant of the above using the host network.
alias htop+docker='docker run --rm -v /var/run/docker.sock:/var/run/docker.sock:ro --pid host --network host -it docker.io/nicolargo/glances'
# --- Paste to termbin.com --------------------------------------------------
# Usage example:
# ps aux | save2link
# https://termbin.com/9fcg
# dev@devbook:~$ curl https://termbin.com/9fcg
# NOTE(review): data is sent with nc as plain TCP to a third-party paste
# service; do not pipe secrets or sensitive host details into it.
alias tb="nc termbin.com 9999"
#######################################
# Publish text through the `tb` alias and print whatever it returns.
# Arguments: $1 - optional text to publish; when empty, `tb` reads stdin.
# Returns:   status of the `tb` pipeline when $1 is given, otherwise 0.
# NOTE(review): everything passed here leaves the machine through `tb`;
# keep credentials and sensitive host details out of it.
#######################################
function save2link() {
  if [[ -n "$1" ]]; then
    # Text supplied as an argument: feed it to the paste alias.
    echo "${1}" | tb
    return
  fi
  # No argument: let the paste alias consume this function's stdin.
  tb
  return 0
}
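#######################################
# Print a random port from the dynamic range 49152-65535 on which nothing
# accepted a TCP connection on 127.0.0.1 at the time of the probe.
# Outputs:   the chosen port number on stdout.
# Notes:     only the IPv4 loopback address is probed, and the port can be
#            taken by another process between this check and its later use,
#            so callers must still handle a failed bind.
#######################################
function EPHEMERAL_PORT() {
  # Locals keep the helper from overwriting variables of the calling shell.
  local -r low_bound=49152
  local -r range=16384
  local candidate
  while true; do
    candidate=$((low_bound + (RANDOM % range)))
    # A failed connect means no listener answered on that port.
    if ! (echo "" > "/dev/tcp/127.0.0.1/${candidate}") > /dev/null 2>&1; then
      echo "$candidate"
      break
    fi
  done
}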
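#######################################
# Check whether a string is a dotted-quad IPv4 address.
# Arguments: $1 - candidate string
# Returns:   0 when $1 consists of four decimal octets, each 0-255;
#            1 otherwise.
#######################################
isIp() {
  local octet
  [[ "$1" =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]] || return 1
  for octet in "${BASH_REMATCH[@]:1}"; do
    # 10# forces base 10 so that octets such as "08" are not read as octal.
    ((10#$octet <= 255)) || return 1
  done
  return 0
}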
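#######################################
# Look up a cheat sheet on cheat.sh and print it.
# Arguments: $1..$3 - up to three query words; empty ones are skipped.
# Outputs:   the response body from cheat.sh on stdout.
# Notes:     the request names https:// explicitly, because a URL without a
#            scheme is fetched by curl over plain HTTP, and the output is
#            command text that is likely to be copied into a terminal.
#            Words are joined with '+', which cheat.sh treats as a word
#            separator, instead of raw spaces inside the URL.
#######################################
function rtfm {
  local query='' word
  for word in "$1" "$2" "$3"; do
    [[ -n "$word" ]] || continue
    if [[ -n "$query" ]]; then
      query+="+${word}"
    else
      query=$word
    fi
  done
  curl "https://cheat.sh/${query}"
}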
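#######################################
# Probe a PostgreSQL server by sending a protocol 3.0 startup packet with nc
# and checking that the first byte of the reply is 'R' (an authentication
# request).
# Arguments: $1 - server host or address
#            $2 - TCP port (decimal)
#            $3 - optional user name placed in the packet (default "username")
# Outputs:   usage text, or "health check passed" / "health check failed".
# Returns:   0 on success or when usage is shown, 1 when the check fails.
#######################################
function pgping() {
  # Exact comparison: a substring match against the help flags would also
  # treat host names such as "lp" or "he" as a request for help.
  if [[ -z "$1" || -z "$2" || "$1" == help || "$1" == -h || "$1" == --help ]]; then
    echo "usage:"
    echo
    echo "pgping <server> <port> [<username>]"
    return 0
  fi

  # Everything is local so that the caller's environment (for example a
  # USERNAME variable) is not overwritten by a health check.
  local -r protocol_version='\x00\x03\x00\x00'
  local -r command='user'
  local -r nc_timeout=3
  local server=$1
  local port=$2
  local username=${3:-username}
  local packet_len packet_size reply

  # A leading '-' would be read by nc as an option, and the port must be a
  # plain number; reject both before anything is sent.
  if [[ "$server" == -* || ! "$port" =~ ^[0-9]+$ ]]; then
    echo "health check failed"
    return 1
  fi

  # Length field (4) + protocol version (4) + "user" + NUL + name + NUL + NUL.
  packet_len=$((4 + 4 + ${#command} + 1 + ${#username} + 2))
  # Encode the length as a 4-byte big-endian value so that long user names
  # do not overflow a single byte.
  printf -v packet_size '\\x%02x\\x%02x\\x%02x\\x%02x' \
    $(((packet_len >> 24) & 255)) $(((packet_len >> 16) & 255)) \
    $(((packet_len >> 8) & 255)) $((packet_len & 255))

  # %b expands the \xHH escapes; %s keeps the user name literal, so
  # backslashes in it are not interpreted. The final newline follows the
  # packet and is not counted in its length.
  reply=$(
    printf '%b%b%s\0%s\0\0\n' "$packet_size" "$protocol_version" "$command" "$username" \
      | nc -w "$nc_timeout" "$server" "$port" 2> /dev/null | head -c1
  )

  if [[ "$reply" == "R" ]]; then
    echo "health check passed"
    return 0
  fi
  echo "health check failed"
  return 1
}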
## REDACTED
#!/bin/bash
#
# This script will automate the process of installing the Yubikey PAM library
# and configure your server to use it for authentication.
#
# Rickard Andersson <[email protected]>
#
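# Abort with a message on stderr. Used for every step whose failure would
# otherwise let the script continue and leave the build or the PAM setup in
# a half-finished state.
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

if [[ "$(id -u)" -ne 0 ]]; then
  echo "Please run this script as root, either log on as root or run 'sudo $0'"
  exit 1
fi

LIBYUBIKEY="libyubikey-1.13"
YKPERS="ykpers-1.20.0"
YKCLIENT="ykclient-2.15"
PAM_YUBICO="pam_yubico-2.27"
readonly RELEASE_BASE="https://developers.yubico.com"

# Optional SHA-256 digests of the four archives, taken from the environment.
# The archives are compiled and installed as root and end up in the login
# path through PAM, so pin the digests you obtained from a trusted channel.
# When a value is empty the archive is used unverified and a warning is shown.
LIBYUBIKEY_SHA256="${LIBYUBIKEY_SHA256:-}"
YKPERS_SHA256="${YKPERS_SHA256:-}"
YKCLIENT_SHA256="${YKCLIENT_SHA256:-}"
PAM_YUBICO_SHA256="${PAM_YUBICO_SHA256:-}"

#######################################
# Download (unless already present), verify, unpack, build and install one
# source release, then remove the build tree and the archive.
# Arguments: $1 - release name without extension (e.g. "$LIBYUBIKEY")
#            $2 - project directory below RELEASE_BASE
#            $3 - number of the first progress step printed for this release
#            $4 - expected SHA-256 of the archive, or empty to skip the check
#######################################
install_release() {
  local pkg=$1 project=$2 step=$3 expected_sha256=$4
  local tarball="${pkg}.tar.gz"

  if [[ ! -f "$tarball" ]]; then
    echo "(${step}/26) ==> Downloading $pkg from developers.yubico.com ..."
    # -f: an HTTP error must fail here instead of saving an error page that
    # would later be handed to tar.
    if ! curl -fsS -o "$tarball" "${RELEASE_BASE}/${project}/Releases/${tarball}"; then
      rm -f -- "$tarball"
      die "download of $tarball failed"
    fi
  fi

  # The check also covers an archive that was already lying in /usr/src.
  if [[ -n "$expected_sha256" ]]; then
    printf '%s  %s\n' "$expected_sha256" "$tarball" | sha256sum -c --status - \
      || die "SHA-256 mismatch for $tarball"
  else
    echo "WARNING: no SHA-256 pinned for $tarball; building it unverified as root" >&2
  fi

  if [[ ! -d "$pkg" ]]; then
    echo "($((step + 1))/26) ==> Extracting archive ..."
    tar zxf "$tarball" || die "could not extract $tarball"
  fi

  # Subshells keep the working directory unchanged, so a failed cd can never
  # make the later rm -rf run somewhere unexpected.
  echo "($((step + 2))/26) ==> Configuring package ..."
  (cd "$pkg" && ./configure > /dev/null) || die "configure failed for $pkg"
  echo "($((step + 3))/26) ==> Compiling and installing ..."
  (cd "$pkg" && make all install > /dev/null) || die "build or install failed for $pkg"

  echo "($((step + 4))/26) ==> Cleaning up ..."
  rm -rf -- "$pkg" "$tarball"
}

clear
echo ""
echo "This script will do the following on your system: "
echo "1. Install some packages needed for the installation."
echo "2. Download libyubikey, ykpers, ykclient and pam_yubico from developers.yubico.com."
echo "3. Configure, compile and install the packages."
echo "4. Add Yubikey authentication configuration to PAM."
echo "5. Ask you if you want to enable Yubikey authentication."
echo "6. Prompt you for a Yubikey OTP and link the root account."
echo ""
echo "If you're not fine with this script performing these actions,"
echo "please press CTRL+C now to abort the installation. Otherwise press ENTER,"
echo "go find your Yubikey and we'll continue this installation together."
read -r continue
clear
echo "You'll have to get an API key to be able to use the Yubico authentication "
echo "service. Please visit https://upgrade.yubico.com/getapikey/ and use your "
echo "Yubikey to get a API key. You need to have one before installation can begin."
echo ""
echo -n "Please enter your Client ID obtained from the API key request site: "
read -r client_id
# The value is written verbatim into a PAM module line further down. Only
# digits are accepted, so that stray whitespace or extra words cannot turn
# into additional module options.
[[ "$client_id" =~ ^[0-9]+$ ]] || die "the Client ID must consist of digits only"
clear

echo "(1/26) ==> Installing missing ubuntu packages (if any) ... "
apt-get install -qq -y build-essential libusb-dev libcurl4-gnutls-dev libpam-dev curl > /dev/null \
  || die "package installation failed"

cd /usr/src || die "cannot change to /usr/src"
install_release "$LIBYUBIKEY" yubico-c 2 "$LIBYUBIKEY_SHA256"
install_release "$YKPERS" yubikey-personalization 7 "$YKPERS_SHA256"
install_release "$YKCLIENT" yubico-c-client 12 "$YKCLIENT_SHA256"
install_release "$PAM_YUBICO" yubico-pam 17 "$PAM_YUBICO_SHA256"

echo "(22/26) ==> Linking pam modules ..."
# -f lets a second run replace links left behind by an earlier one.
ln -sf /usr/local/lib/security/pam_yubico.la /lib/security/pam_yubico.la \
  || die "could not link pam_yubico.la"
ln -sf /usr/local/lib/security/pam_yubico.so /lib/security/pam_yubico.so \
  || die "could not link pam_yubico.so"

echo "(23/26) ==> Generating config ..."
# The profile is overwritten, not appended to: appending on a second run
# would leave two copies of the profile in one file.
# NOTE(review): the module line is written with a leading tab as a
# continuation of the "Auth:" field; confirm against an existing profile in
# /usr/share/pam-configs.
{
  printf 'Name: Yubikey authentication\n'
  printf 'Default: yes\n'
  printf 'Priority: 512\n'
  printf 'Auth-Type: Primary\n'
  printf 'Auth:\n'
  printf '\trequisite pam_yubico.so id=%s authfile=/etc/yubikey\n' "$client_id"
} > /usr/share/pam-configs/yubikey || die "could not write the PAM profile"

echo "(24/26) ==> Running pam-auth-update ..."
pam-auth-update

# At this point the PAM profile may already be active, so the script keeps
# asking until it gets a usable OTP instead of exiting without a mapping for
# root in /etc/yubikey.
while :; do
  echo -n "(25/26) ==> Please press your Yubikey to generate a OTP: "
  read -r YUBICODE || die "no OTP received; /etc/yubikey was not written"
  # A Yubico OTP with a 12-character public ID is 44 modhex characters long.
  if [[ "$YUBICODE" =~ ^[cbdefghijklnrtuv]{44}$ ]]; then
    break
  fi
  echo "That does not look like a 44-character Yubikey OTP, please try again." >&2
done

echo "(26/26) ==> Configuring root account with your Yubikey ..."
printf 'root:%s\n' "${YUBICODE:0:12}" > /etc/yubikey || die "could not write /etc/yubikey"
echo ""
echo "Done!"
echo "If you choose to enable Yubikey authentication in pam-auth-update, you can"
echo "now try to sign in using your Yubikey by running the command 'login'."
echo "It's highly recommended that you try this out before you sign out, since "
echo "a misconfiguration can lead to you not being able to access your server."
echo ""
echo "If you want to sign in to your account with SSH you need to first enter "
echo "your regular password and then, without pressing enter, push the button "
echo "on your yubikey to generate an OTP. This will send your regular password "
echo "and the OTP as one password to SSH. But when signing in locally you'll "
echo "still be prompted for both the password and OTP separately."
echo ""
echo "Please note that the root account is the only account which has a Yubikey "
echo "enabled. To add more users just edit /etc/yubikey with more users and their"
echo "IDs. You really have to do this if your server doesn't permit remote logins"
echo "with the root account, so be sure to configure your regular account with"
echo "Yubkey as well, _before_ you close this session. If you run in to some kind"
echo "of trouble and want to disable authentication by yubikey, just run"
echo "'pam-auth-update' again and deselect yubikey authentication."
echo ""
echo "NOTE: The Yubikey ID is the first 12 characters of any OTP generated "
echo "by the Yubikey device."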
#!/usr/bin/env bash
# Upload whatever arrives on stdin to ix.io as form field "f:1".
# NOTE(review): no scheme is given, so curl sends the request over plain
# HTTP, and the content ends up on a third-party paste service. Do not pipe
# secrets or sensitive host details into this script.
curl -s -F 'f:1=<-' ix.io -#
#!/bin/bash
# Banner, then refuse to continue unless the effective user is root: the
# steps below delete directories under /opt and run an installer.
echo 'Cisco AnyConnect reinstall script'
echo ''

USERID=$(id -u)

# check user permissions
if ((USERID != 0)); then
  echo "Please run as root!"
  exit 1
fi
# kill vpn processes if it running
#######################################
# Send SIGKILL to every process with the given name and report the outcome.
# Arguments: $1 - process name as understood by pidof
# Outputs:   "Killing <name>: Done." or
#            "Killing <name>: Process was not running."
#######################################
function killProc() {
  echo -n "Killing $1: "
  # pidof may print several PIDs, so its output is deliberately left
  # unquoted; with no PID at all, kill fails and the second message is shown.
  if kill -9 $(pidof $1) > /dev/null 2>&1; then
    echo 'Done.'
  else
    echo "Process was not running."
  fi
}
#(kill -9 `pidof myServer` > /dev/null 2>&1 ) || echo "Process was not running."
# kill vpn processes if it running
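# Stop the running client and agent before their files are removed.
killProc vpnui
killProc vpnagentd

echo -n "Removing directories: "
rm -rf /opt/cisco/ /opt/.cisco ~/.anyconnect && echo "Done."

echo "Downloading Cisco AnyConnect install script from Google Drive: "
fileid="12gEVb4iU2kdqkFB_F4fNVndZGeESH5N4"
filename="anyconnect-linux64-4.8.03052-core-vpn-webdeploy-k9.sh"

# NOTE(review): the installer comes from a Google Drive file ID, not from
# the vendor, and is executed as root. Set ANYCONNECT_SHA256 to the digest of
# an installer you trust so that anything else is refused.
ANYCONNECT_SHA256="${ANYCONNECT_SHA256:-}"

# Private, unpredictable working directory instead of fixed names in the
# current directory, where a pre-placed file or symlink could be picked up.
workdir=$(mktemp -d "${PWD}/anyconnect.XXXXXX") || {
  echo "Cannot create a working directory. Exiting..." >&2
  exit 1
}
trap 'rm -rf -- "$workdir"' EXIT
cookie_jar="${workdir}/cookie"
FILE="${workdir}/${filename}"

# First request only collects the download-confirmation cookie.
curl -c "$cookie_jar" -s -L "https://drive.google.com/uc?export=download&id=${fileid}" > /dev/null 2>&1
confirm_token=$(awk '/download/ {print $NF}' "$cookie_jar")
# -f: an HTTP error must not be saved as if it were the installer.
curl -f -L -b "$cookie_jar" \
  "https://drive.google.com/uc?export=download&confirm=${confirm_token}&id=${fileid}" \
  -o "$FILE"

if test -f "$FILE"; then
  echo "Done."
else
  echo "$FILE not exists. Exiting..."
  exit 1
fi

# Google Drive can answer with an HTML page instead of the file; running that
# page as a root shell script must be prevented.
if [[ "$(head -c 1 "$FILE")" == "<" ]]; then
  echo "$FILE looks like an HTML page, not an installer. Exiting..." >&2
  exit 1
fi

if [[ -n "$ANYCONNECT_SHA256" ]]; then
  if ! printf '%s  %s\n' "$ANYCONNECT_SHA256" "$FILE" | sha256sum -c --status -; then
    echo "SHA-256 mismatch for $FILE. Exiting..." >&2
    exit 1
  fi
else
  echo "WARNING: ANYCONNECT_SHA256 is not set; running an unverified installer as root." >&2
fi

echo -n "File $FILE exists. Setting up... "
chmod +x "$FILE"
if "$FILE" > /dev/null 2>&1; then
  echo 'Done.'
else
  echo "Installer failed. Exiting..." >&2
  exit 1
fi

echo -n 'Starting client: '
(/opt/cisco/anyconnect/bin/vpnui > /dev/null 2>&1 &) && echo 'Done.'

echo -n 'Cleaning up: '
rm -rf -- "$workdir" && echo 'Done!'

echo 'Exiting...'
exit 0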
#!/usr/bin/env bash
# Run both rootkit scanners and pass each report through two helper
# programs: $TERMBIN, then $TG_SAY_PATH. What the helpers print is echoed
# with a label.
# NOTE(review): the helpers are presumably the paste uploader and the
# Telegram notifier shown elsewhere in this gist; confirm. If so, the full
# scanner output of this host is stored on a third-party paste service, so
# consider sending a summary or keeping the report local.
CHKR_PATH='/usr/sbin/chkrootkit'
RKHUNTER_PATH='/usr/bin/rkhunter'
TG_SAY_PATH='/usr/local/sbin/tg_say'
TERMBIN='/usr/bin/termbin'

chkrootkit_result=$("${CHKR_PATH}" | "${TERMBIN}" | "${TG_SAY_PATH}")
echo "chkrootkit report: ${chkrootkit_result}"

rkhunter_result=$("${RKHUNTER_PATH}" -x --sk -c | "${TERMBIN}" | "${TG_SAY_PATH}")
echo "rkhunter report: ${rkhunter_result}"
#!/usr/bin/env bash
# Stop tcpdump processes left over from a previous run of this monitor.
# NOTE(review): this kills EVERY tcpdump on the host, including unrelated
# captures; recording this script's own tcpdump PID would be more targeted.
kill -9 $(pidof tcpdump) > /dev/null 2>&1
#######################################
# Print the fifth dot-separated field of an "a.b.c.d.port" token, which is
# the form tcpdump uses for IPv4 endpoints.
# Arguments: $1 - endpoint token
# Outputs:   the fifth field, or an empty line when there is none. Anything
#            attached to that field (for example a trailing ':') is kept.
#######################################
function get_port() {
  local spaced
  # Turn the dots into blanks so awk can pick the field by position.
  spaced=$(echo $1 | tr "." " ")
  echo $(awk '{print $5}' <<< "$spaced")
}
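# Watch for TCP SYN packets to port 22 on any interface and send one
# notification per packet through the tg_say helper.
TDMP_PATH=/usr/sbin/tcpdump
TGSAY_PATH=/usr/local/sbin/tg_say

"$TDMP_PATH" -i any -nlq 'tcp[13] == 2 and dst port 22' | while IFS= read -r x; do
  echo "${x}"
  SRCPORT=$(get_port "$(awk '{print $3}' <<< "$x")")
  DSTPORT=$(get_port "$(awk '{print $5}' <<< "$x")")

  # Each notification is built from scratch. Carrying the previous text along
  # would resend all earlier alerts and grow without bound.
  MSG="<b>SSH connection</b>: <i>${x}</i>"$'\n'

  # Only non-empty ports become search patterns. get_port yields an empty
  # string for lines it cannot split (IPv6 endpoints, for instance), and an
  # empty grep pattern matches every line, which would send the complete
  # socket and process table of this host to the chat.
  # NOTE(review): the destination token ends in ':' in tcpdump output, so
  # DSTPORT is likely "22:" here; confirm whether it should be trimmed.
  port_patterns=()
  for port in "$SRCPORT" "$DSTPORT"; do
    if [[ -n "$port" ]]; then
      port_patterns+=(-e "$port")
    fi
  done

  PROCINFO=''
  if ((${#port_patterns[@]} > 0)); then
    PROCINFO=$(netstat -a -e -W -v -n -p 2>&1 | grep -v 'support' | grep -F "${port_patterns[@]}")
  fi

  if [[ -n "$PROCINFO" ]]; then
    MSG=$MSG$'\nRelated processes:\n'$PROCINFO
  fi
  echo "$MSG"
  "$TGSAY_PATH" "$MSG"
done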
#!/usr/bin/python3
import sys
import os
import stat
import subprocess
# Collect the text to publish. When stdin is a pipe or a regular file it is
# read in full; otherwise the command-line arguments are used: a single
# argument naming an existing path is read as a file, anything else is
# joined with spaces and published as-is.
paste_text = ""
stdin_mode = os.fstat(0).st_mode
if stat.S_ISFIFO(stdin_mode) or stat.S_ISREG(stdin_mode):
    paste_text = sys.stdin.read()
else:
    cli_args = sys.argv[1:]
    if len(cli_args) == 1 and os.path.exists(cli_args[0]):
        with open(cli_args[0], 'r') as source_file:
            paste_text = source_file.read()
    else:
        paste_text = ' '.join(cli_args)

# Hand the text to an uploader: fpaste when installed, otherwise a raw TCP
# connection to termbin.com made with nc.
# NOTE(review): either way the content leaves this machine for a third-party
# paste service, and the nc path is not encrypted. Do not feed this script
# credentials or sensitive host data.
if paste_text != "":
    if os.path.exists('/usr/bin/fpaste'):
        uploader_cmd = ['/usr/bin/fpaste']
    else:
        uploader_cmd = ['nc', 'termbin.com', '9999']
    uploader = subprocess.Popen(uploader_cmd, stdin=subprocess.PIPE)
    uploader.communicate(paste_text.encode("UTF-8"))
#!/usr/bin/env bash
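# Telegram bot credentials.
# NOTE(review): a bot token stored in a script, and published with it, gives
# anyone who reads the file control over the bot. Revoke a token that was
# ever committed or shared, and supply the live one through TG_API_TOKEN
# (for example from a root-only environment file). The literal values remain
# only as a fallback so that existing installations keep working.
API_TOKEN="${TG_API_TOKEN:-565769788:AAHJkFJReDaCtEdPoYCC4wo}"
# Setting TG_CHAT_ID to an empty string triggers the lookup hint below.
CHAT_ID="${TG_CHAT_ID-81706711}"

if [[ -z "$CHAT_ID" ]]; then
  echo 'Please, define CHAT_ID first! See "chat":{"id":xxxxxxx string below:'
  wget -qO - "https://api.telegram.org/bot${API_TOKEN}/getUpdates"
  exit 1
fi

# Message prefix: bold host name followed by all arguments joined by spaces.
MSG="<b>$(hostname)</b>: $*"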
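#######################################
# Send one message to the configured Telegram chat.
# Globals:   API_TOKEN, CHAT_ID (read)
# Arguments: $1 - message text (Telegram HTML markup allowed)
# Outputs:   an error line when the request fails.
# Returns:   exits the script with status 1 on failure.
#######################################
function send_request() {
  local encoded_text
  # Percent-encode every byte of the message. Placed raw in a query string,
  # characters such as '&', '#', '+' or a newline cut the text short or are
  # parsed as further request parameters (a stray "&chat_id=..." included).
  encoded_text=$(
    printf '%s' "$1" | od -An -v -tx1 \
      | awk '{ for (i = 1; i <= NF; i++) printf "%%%s", $i }'
  )
  # The parameters travel in the POST body, and the response goes to
  # /dev/null so that wget does not leave a file behind in the working
  # directory on every call.
  # NOTE(review): the bot token is still part of the URL and therefore
  # visible in the process list while wget runs.
  if ! wget --progress=bar:force:noscroll -q -O /dev/null \
    --post-data="chat_id=${CHAT_ID}&parse_mode=html&text=${encoded_text}" \
    "https://api.telegram.org/bot${API_TOKEN}/sendMessage" 2>&1; then
    echo 'Error while sending message!'
    exit 1
  fi
}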
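# With command-line arguments: send them (already part of MSG) and stop.
if [[ -n "$*" ]]; then
  send_request "$MSG"
  exit 0
fi

# Without arguments: read the message body from stdin.
# -r keeps backslashes literal and IFS= keeps leading and trailing blanks.
# The extra test keeps a last line that has no trailing newline, and lines
# are joined with a newline so that they are not fused into one word.
MSG1=''
newline=$'\n'
while IFS= read -r data || [[ -n "$data" ]]; do
  MSG1+="${MSG1:+$newline}${data}"
done

send_request "$MSG $MSG1"
# Echo the body so the script can sit in the middle of a pipeline.
echo "$MSG1"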