HASHTAGSECURITY

Enumeration Service Enumerator (by Maleus) – SSH,FTP,etc. (NOXP) SubBrute (by TheRook) – Subdomain bruteforcer (NOXP) Priviledge Escalation LinuxPrivChecker.py – NOXP Checklists http://pentestmonkey.net/tools/audit/unix-privesc-check https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

Everyonce in a while I run into problems testing new setups just to find out that a certain port just isn’t reachable from within our company network. This simple tool should make it easier to find open ports for quick testing. Note it’s not the fastest tool for huge numbers of ports (e.g. 1-65535) but…

Sticky and suid bits are quite helpfull tools when it comes to keeping the correct permissions throughout a set of folders and files. But what if you want to do more then just a fixed group or an execute-as user option? Problem: get /var/www/ to be editable by a bunch of users (group:editors), without messing…

Ansible Back to Index A random collection of commands and playbook features for Ansible. Setting SSH options Problems with -o BatchMode Fetch configs and store them on Ansible Automatically commit fetched configs to git Setting SSH options In /etc/ansible/ansible.cfg, SSH settings can be defined. # ssh arguments to use ssh_args = -o BatchMode=yes -o ForwardAgent=yes…

A random collection of commands for the linux shell Bash (and other linux commands that don’t yet have their own cheatsheet). Backup Find out where GRUB is installed Run command in screen as one-liner Sed – replace with found string IRC GIT General Bash Stuff Linux Shell Back to Index Backups **dd** RSYNC LVM Find…

Recently I installed owncloud on one of my servers. The setup went fine and all seemed good, until I noticed that the redirection after the login page was behaving somewhat strangely. But no worries – BURP to the rescue! Before we delve into this whole thing let me just say that, while I really like…

Ok, I know this has nothing to do with security and I’m just writing about typical, everyday sysadmin stuff right now. But this problem has cost me way too much time to not be sharing the solution with the world. The problem I was trying to build the owncloud sync client mirall when I noticed…

I finally found time to take a closer look at HA-Proxy. It is a high-availability load balancer and (reverse-) proxy server and fully open source. Attention: This is me testing stuff – I have not taken care of settings like no-sslv3, etc. So if you use this in production, make sure to read up on…

This is just a quick note, as I struggled with installing not MySQL 5.6 but 5.5 on Debian Wheezy. First, I already had MySQL 5.6 installed but no data was stored there, so backup wasn’t necessary Normally, this should do the trick But in my case, mylsq-server-5.5 selected mysql-common (5.6) as dependency, so I had…

On 31 Jul 2014, the cloud based login manager “Mitro” was published under the GPL on github. In this blogpost, I’ll go through the steps of setting up the server and browser extensions. The login manager Mitro has been developed by a small team based in NYC, wich was recently aquired by Twitter. Part of…