recentpopularlog in

whip_lash : linux   312

« earlier  
Update PoC code to try /sbin/ip if /sbin/ifconfig is not available. Tested with Ubuntu 18.04, 4.8.0-34-generic #36~16.04.1-Ubuntu and Docker 18.09.3 · GitHub
// This exploit combines exploitation of two vulnerabilities:
// - CVE-2017-18344 (OOB read in proc timers)
// - CVE-2017-1000112 (OOB write due to UFO packet fragmentation management)
// Both original exploits were written by Andrey Konovalov.
linux  kernel  privesc  privilegeescalation  pentest 
7 days ago by whip_lash
GitHub - imthenachoman/How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server.
An evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters.
linux  server  sysadmin  hardening  security 
4 weeks ago by whip_lash
syswall: a firewall for syscalls :: Programming blog :: www.polaris64.net
Currently syswall is able to intercept all syscalls on the Linux x86_64 platform. That means that any software on this platform can already be run via syswall and it will work correctly.

syswall currently only actively handles a few syscalls however: syscalls related to file I/O. That means syswall will announce every file that the target program tries to open, read, write and close, and will ask the user's permission for each.
syscall  strace  linux 
4 weeks ago by whip_lash
Every Linux networking tool I know
Do you ever feel like there are like 50 different linux networking tools that all do different things and it’s impossible to keep track? That’s because there are about 10 billion linux networking tools. This isn’t even including web/dns servers like apache / nginx / unbound, just regular command line tools! So I made this fun poster with a super short description of each one, in the hopes that it’ll help you keep track and maybe find some new tools to learn about.
linux  network  tools 
5 weeks ago by whip_lash
Privilege Escalation in Ubuntu Linux (dirty_sock exploit) | Shenanigans Labs
In January 2019, I discovered a privilege escalation vulnerability in default installations of Ubuntu Linux. This was due to a bug in the snapd API, a default service. Any local user could exploit this vulnerability to obtain immediate root access to the system.
kernel  linux  privesc  dirty_sock  ubuntu 
5 weeks ago by whip_lash
Dotfile madness
This particular problem has been noticed and solved a long time ago with the creation of XDG Base Directory Specification. The specification defines a set of environment variables pointing programs to a directory in which their data or configuration should be stored. It is up to the user to set those variables so if the variables are not available the programs are expected to default to a directory defined by the standard and not the user's home directory.
configuration  files  linux  dotfiles 
5 weeks ago by whip_lash
DNF system upgrade - Fedora Project Wiki
dnf-plugin-system-upgrade is a plugin for the dnf package manager which handles system upgrades. It is the recommended command line upgrade method for Fedora 21 and later (Except Atomic Host And Silverblue, which uses rpm-ostree; for that see Atomic_Host_upgrade).
fedora  linux 
6 weeks ago by whip_lash
Linux Privilege Escalation – Using apt-get/apt/dpkg to abuse sudo “NOPASSWD” misconfiguration – Logan S Diomedi – lsdsecurity
There are many well known and documented attack vectors for the sudo command that exist. Please see my Useful Resources page for the Windows & Linux Privilege Escalation piece that contains a ton of helpful knowledge in this category. Today, we’re going to be using a very poorly documented feature in apt-get when a normal user is allowed to execute apt-get as a root user. Let’s dive in!
linux  privesc  privilegeescalation  sudo  pentest  security 
9 weeks ago by whip_lash
How to write a rootkit without really trying | Trail of Bits Blog
Fault injection finds bugs in places that fuzzing and conventional unit testing often won’t:

NULL dereferences caused by assuming that particular functions never fail (are you sure you always check whether getcwd(2) succeeds?) Are you sure that you’re doing better than systemd?
Memory corruption caused by unexpectedly small buffers, or disclosure caused by unexpectedly large buffers
Integer over/underflow caused by invalid or unexpected values (are you sure you’re not making incorrect assumptions about stat(2)‘s atime/mtime/ctime fields?)
linux  security  kernel  syscall 
9 weeks ago by whip_lash
GitHub - webpro/awesome-dotfiles: A curated list of dotfiles resources.
A curated list of dotfiles resources. Inspired by the awesome list thing.
bash  linux  list  shell 
9 weeks ago by whip_lash
Learn New Cloud and Linux Skills for Free - Linux Academy Blog
A free Community Membership comes with access to The DevOps Pipeline Learning Activity, and a gem starter pack of 10 gems that will help you unlock the ability to take any Learning Activity you want! You can earn more gems by completing Learning Activities, completing your profile, and referring friends.
courses  linux 
10 weeks ago by whip_lash
Introduction to systemctl
systemctl is a controlling interface and inspection tool for the widely-adopted init system and service manager systemd. This guide will cover how to use systemctl to manage systemd services, work with systemd Targets and extract meaningful information about your system’s overall state.
linux  sysadmin  systemd  reference 
10 weeks ago by whip_lash
Play With Capture The Flag: [Note] Learning KVM - implement your own Linux kernel
This post introduces how to implement a KVM-based hypervisor and a simple Linux kernel, wish it can help you know about KVM and Linux more clearly.
c  kernel  linux 
11 weeks ago by whip_lash
GitHub - linux-noah/noah: Bash on Ubuntu on macOS
Noah is a Darwin subsystem for Linux, or "Bash on Ubuntu on Mac OS X". Noah is implemented as a hypervisor that traps linux system calls and translates them into Darwin's system calls. Noah also has an interpreter of ELF files so that binary executables of Linux run directly and flawlessly without any modifications.
mac  bash  linux  virtualization 
12 weeks ago by whip_lash
22 SSH Examples, Practical Tips & Tunnels | HackerTarget.com
Practical SSH examples to take your remote system admin game to the next level. Commands and tips to not only use SSH but master ways to move around the network.
ssh  networking  linux  network  sysadmin 
12 weeks ago by whip_lash
GitHub - trimstray/the-book-of-secret-knowledge: A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.
A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.
github  linux  security  software  tools 
december 2018 by whip_lash
GitHub - cantino/mcfly: Fly through your shell history. Great Scott!
McFly replaces your default ctrl-r Bash history search with an intelligent search engine that takes into account your working directory and the context of recently executed commands. McFly's suggestions are prioritized in real time with a small neural network.

TL;DR: an upgraded ctrl-r for Bash whose history results make sense for what you're working on right now.
linux  productivity  shell 
december 2018 by whip_lash
Terminalizer - A Tool To Record Your Terminal And Generate Animated Gif Images | 2daygeek.com
Terminalizer allow users to record their terminal activity and allow them to generate animated gif images. It’s highly customizable CLI tool that user can share a link for an online player, web player for a recording file.
terminal  linux  cli  video 
october 2018 by whip_lash
Wildpwn - Unix Wildcard Attack Tool - KitPloit - PenTest Tools for your Security Arsenal ☣
Wildpwn is a Python UNIX wildcard attack tool that helps you generate attacks, based on a paper by Leon Juranic. It’s considered a fairly old-skool attack vector, but it still works quite often.
unix  exploit  linux  pentest  tool 
september 2018 by whip_lash
Samy Kamkar - pwnat: NAT to NAT client-server communication
Simply put, this is a proxy server that works behind a NAT,
even when the client is behind a different NAT, without any
3rd party or network changes.

There is no middle man, no proxy, no 3rd party,
no UPnP/STUN/ICE required, no spoofing, and no DNS tricks.
linux  networking  tool  proxy 
september 2018 by whip_lash
The pitfalls of using ssh-agent, or how to use an agent safely
I probably sound like a broken record by now, but something like ssh-ident allows you to keep different keys in different agents, easily, while loading agents and keys on demand, keep your identities separated, and easily set a timeout while reloading all keys as necessary.
linux  security  ssh 
september 2018 by whip_lash
How setting the TZ environment variable avoids thousands of system calls - Packagecloud Blog
To avoid extra system calls on server processes where you won’t be updating the timezone (or can restart processes when you do) simply set the TZ environment variable to :/etc/localtime (or some other timezone file of your choice) for a process. This will cause glibc to avoid making extra (and unnecessary) system calls.
linux  performance  sysadmin 
september 2018 by whip_lash
GitHub - trimstray/test-your-sysadmin-skills: A collection of *nix Sysadmin Test Questions and Answers for Interview/Exam (2018 Edition).
Favorite tweet:

test-your-sysadmin-skills : A collection of *nix Sysadmin Test Questions and Answers for Interview/Exam (2018 Edition) : https://t.co/XUivFZkfoj cc @trimstray

— Binni Shah (@binitamshah) September 2, 2018
linux  sysadmin  interview 
september 2018 by whip_lash
byobu.co/index.html
Byobu is a GPLv3 open source text-based window manager and terminal multiplexer. It was originally designed to provide elegant enhancements to the otherwise functional, plain, practical GNU Screen, for the Ubuntu server distribution. Byobu now includes an enhanced profiles, convenient keybindings, configuration utilities, and toggle-able system status notifications for both the GNU Screen window manager and the more modern Tmux terminal multiplexer, and works on most Linux, BSD, and Mac distributions.
linux  screen  terminal  tmux 
august 2018 by whip_lash
Python Server for PoshC2 – Nettitude Labs
Over the past six months we have been working on a Python server for PoshC2, which allows it to be run on almost any Unix or Windows based system that is capable of running Python. We have thoroughly tested the server on Kali, and Debian based Linux distributions without any issues. The server-side repository has been named ‘PoshC2_Python’ so as not to confuse it with the Windows PowerShell server version, ‘PoshC2’
c2  powershell  linux 
july 2018 by whip_lash
GTFOBins
The project collects legitimate functions of Unix binaries that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of functions.

This was inspired by the LOLBins project for Windows.
linux  pentesting  hacking  security  shell  privesc  privilegeescalation  gtfobins 
july 2018 by whip_lash
The 101 of ELF files on Linux: Understanding and Analysis - Linux Audit
Before diving into the more technical details, it might be good to explain why an understanding of the ELF format is useful. As a starter, it helps to learn the inner workings of our operating system. When something goes wrong, we might better understand what happened (or why). Then there is the value of being able to research ELF files, especially after a security breach or discover suspicious files.
binary  elf  linux  reverseengineering 
july 2018 by whip_lash
Why you should learn just a little Awk - An Awk tutorial by Example - Gregable
To this day, 90% of the programmers I talk to have never used awk. Knowing 10% of awk's already small syntax, which you can pick up in just a few minutes, will dramatically increase your ability to quickly manipulate data in text files. Below I'll teach you the most useful stuff - not the "fundamentals", but the 5 minutes worth of practical stuff that will get you most of what I think is interesting in this little language.
awk  cli  linux  programming  reference 
june 2018 by whip_lash
Tcpdump Examples - 22 Tactical Commands | HackerTarget.com
Practical tcpdump examples to lift your network troubleshooting and security testing game.
tcpdump  networking  linux 
june 2018 by whip_lash
Clark's Blog / Shell Magic: Set Operations with uniq
I don’t know of anyone else that does this, but it’s a neat little trick for doing finding differences between lists as if they were sets. This is extremely useful when, for example, you want to find a list of things that are in list A, but not in list B. I’ve seen people use diff(1), but it really is not the right tool for the job and leads to some manual effort. uniq(1) is really the answer.
bash  linux  shell  uniq 
june 2018 by whip_lash
f0rb1dd3n/Reptile: LKM Linux rootkit
Give root to unprivileged users
Hide files and directories
Hide files contents
Hide processes
Hide himself
Hidden boot persistence
ICMP/UDP/TCP port-knocking backdoor
Full TTY/PTY shell with file transfer
Client to handle Reptile Shell
kernel  linux  security 
may 2018 by whip_lash
There Will Be — » Latacora
WireGuard is a modern, streamlined VPN protocol that Jason Donenfeld developed based on Trevor Perrin’s Noise protocol framework. Imagine a VPN with the cryptographic sophistication of Signal Protocol and you’re not far off.
linux  vpn 
may 2018 by whip_lash
Defensive BASH programming - Say what?
Here is my Katas for creating BASH programs that work. Nothing is new here, but from my experience pepole like to abuse BASH, forget computer science and create a Big ball of mud from their programs.
bash  linux  programming 
may 2018 by whip_lash
Malicious Network Traffic From /bin/bash - SANS Internet Storm Center
exec 5<> /dev/tcp/blog.rootshell.be/80
printf "GET / HTTP/1.0\nHost: blog.rootshell.be\n" >&5
cat <&5
exec 5>&-
bash  c2  networking  hacking  pentest  security  linux  postexploitation 
april 2018 by whip_lash
Why I usually run 'w' first when troubleshooting unknown machines
I've found that grepping for "accepted cert" is a great way to look for prior ssh connections (possibly for interactive logins) while discarding a bunch of other stuff that's relatively uninteresting.

Obviously, I could also use 'last' to see who's been on the box recently, but this isn't the whole story. It's totally possible to "ssh root@box /path/to/command" and never start a login shell, which then leaves no trace in the lastlog, but then goes on to break something on the box. The syslog is how you'd find this.
linux  sysadmin 
march 2018 by whip_lash
rsc/tcat: Table cat
Tcat reads the named input files, splits each line into space-separate fields, and then reprints the input aligning columns of fields.
linux  text  tool 
february 2018 by whip_lash
FOSDEM 2018 - DTrace for Linux
I would like to show some real life examples how DTrace can be used to inspect running system or as source for external telemetric system.
dtrace  linux 
february 2018 by whip_lash
Linux'izing your Windows PC into a dev machine – Part 1 | cepa.io
Prerequisites
Installing Bash on Windows (WSL)
Getting a decent terminal
Running Linux desktop apps with X server on Windows
Docker with WSL
Vagrant with WSL
LAMP stack for PHP development
MEAN stack for Node.js development
DevOps tools for Amazon AWS
Networking tools
Cygwin vs WSL
Tips & Tricks
Issues
linux  windows  wsl 
february 2018 by whip_lash
Mark J. Wielaard » Blog Archive » dtrace for linux; Oracle does the right thing
At Fosdem we had a talk on dtrace for linux in the Debugging Tools devroom.

Not explicitly mentioned in that talk, but certainly the most exciting thing, is that Oracle is doing a proper linux kernel port:
linux  dtrace  tools 
february 2018 by whip_lash
Difference Between apt and apt-get Explained
Bottom line: apt=most common used command options from apt-get and apt-cache.
debian  linux  sysadmin  ubuntu 
february 2018 by whip_lash
thefLink/HEXER: Fuzzing Suite
File format fuzzer for Windows and Linux ( in combination with ASAN ).
fuzzing  linux  vulnerability  windows  github 
february 2018 by whip_lash
My Favourite Secret Weapon – strace – zwischenzugs
strace (or its Solaris equivalents, trussdtruss is a tool that tells you which operating system (OS) calls your program is making.
debugging  linux  tools  c 
february 2018 by whip_lash
10 Tools To Add Some Spice To Your UNIX/Linux Shell Scripts - nixCraft
Creating GUI application is not an expensive task but a task that takes time and patience. Luckily, both UNIX and Linux ships with plenty of tools to write beautiful GUI scripts. The following tools are tested on FreeBSD and Linux operating systems but should work under other UNIX like operating systems.
bash  Scripting  linux  gui 
january 2018 by whip_lash
Ten Things I Wish I’d Known About bash – zwischenzugs
Here I’ve focussed on the things that either confused me or increased my power and productivity in bash significantly, and tried to communicate them (as in my book) in a way that emphasises getting the understanding right.
bash  linux  cli 
january 2018 by whip_lash
My search for a MacBook Pro alternative – Broken Window – Medium
Based on more than 100 user reviews, I could create a shortlist of 8 laptops that seemed to be solid alternatives. Based on my four requirements (Linux compatibility was a decisive factor), this list got narrowed down even further. Only three laptops survived!

THINKPAD CARBON AND XPS. LOVE MY CARBON.
laptop  linux 
january 2018 by whip_lash
How to exclude file when using scp command recursively - nixCraft
rsync av -e ssh --exclude='*.out' /path/to/source/ user@hostB:/path/to/dest/
unix  linux  cli  ssh  scp  rsync  commandline 
december 2017 by whip_lash
SSH Security and You - /bin/false is *not* security :: semicomplete.com - Jordan Sissel
Whatever sysadmin was tasked with securing these machines forgot something very important about ssh2: channels. I use them often for doing agent, x11, or port forwarding. You probably use them too, right? So what happens if we try to port forward without requesting a shell (ssh -N)? You might not have guessed that it allows you to do the requested port forward and keeps the connection alive. SSH stays connected because it never executes the shell, so it never gets told to die. Whoops!
ssh  security  shell  linux  unix 
december 2017 by whip_lash
BASH - Fix The Display and Console Gibberish on a Linux / Unix / OS X / BSD Systems - nixCraft
To clear gibberish all over the screen use the following method. This article describes how to really clear the terminal screen or reset terminal in Linux or Unix-like system.
linux  unix  display 
december 2017 by whip_lash
Kernel debugging for newbies | Alex Lambert
The kernel was consistently rejecting my requests as invalid, but I couldn’t figure out why. I read the kernel source but couldn’t figure out which requirement I’d failed. I wanted to step through the kernel-side execution in a debugger. I thought this would be straightforward, but it was much harder than I’d anticipated: it took me two full days of stumbling through others’ blog posts to figure it out. I’m writing up this experience in the hope that it helps others avoid this pain.
debugging  kernel  linux  programming 
december 2017 by whip_lash
« earlier      
per page:    204080120160

Copy this bookmark:





to read