Various

ASCII Table

[ source : http://www.asciitable.com ]


US Keyboard

[ source :https://fr.wikipedia.org/wiki/QWERTY#/media/File:KB_USA-standard.svg ]


Fix captive portal issue

When the device does not trigger the portal web page correctly, open a plain HTTP page:

http://neverssl.com/

TMUX

~/.tmux.conf

Replace prefix CTRL+B with CTRL+A

# remap prefix from 'C-b' to 'C-a'
# to go to the beginning of the line, press C-a C-a
unbind C-b
set-option -g prefix C-a
bind-key C-a send-prefix

# split panes using v and h
bind v split-window -h
bind h split-window -v
unbind '"'
unbind %

# reload tmux configuration
bind r source-file ~/.tmux.conf \; display "Config Reloaded!"

# switch panes using Alt-arrow 
bind -n M-Left select-pane -L
bind -n M-Right select-pane -R
bind -n M-Up select-pane -U
bind -n M-Down select-pane -D

# enable mouse interaction
set -g mouse on

# don't rename windows automatically
# use "," to permanently rename title 
set-option -g allow-rename off

setw -g mode-keys vi
set -g history-limit 10000

run-shell /opt/tmux-logging/logging.tmux

Installation of tmux-logging

git clone https://github.com/tmux-plugins/tmux-logging.git /opt/tmux-logging

Shortcuts

  • Alt + . : history of command parameters

  • Zoom view : z

  • Split horizontally / vertically : h / v

  • VI mode

    • [ : enter vi mode
    • in vi mode
    • space to select
    • enter to copy
    • ] to paste
  • Logging : ALT+SHIFT+P

Linux useful commands

Show a 4-way scrollable process tree with full details

ps awwfux | less -S

Find files that have been modified in the past 60 minutes

find / -mmin -60 -type f

Find all files larger than 20M

find / -type f -size +20M 

Find duplicate files (based on MD5 hash)

find -type f -exec md5sum '{}' ';' | sort | uniq --all-repeated=separate -w 33

Annotate tail -f with timestamps

tail -f file | while read ; do echo "$(date +%T.%N) $REPLY" ; done

Add substring in string at position

Before :

37            AAA                     ASCII adjust AL after addition
D5 0A         AAD                     ASCII adjust AX before division
D4 0A         AAM                     ASCII adjust AX after multiplication

After :

# sed -r -e 's/^.{5}/&|/' tab.txt
37   |         AAA                     ASCII adjust AL after addition
D5 0A|         AAD                     ASCII adjust AX before division
D4 0A|         AAM                     ASCII adjust AX after multiplication
3F   |         AAS                     ASCII adjust AL after subtraction

Add string at the beginning of the line

Before :

37            AAA                     ASCII adjust AL after addition
D5 0A         AAD                     ASCII adjust AX before division
D4 0A         AAM                     ASCII adjust AX after multiplication

After :

# sed 's/^/| /' tab.txt
| 37            AAA                     ASCII adjust AL after addition
| D5 0A         AAD                     ASCII adjust AX before division
| D4 0A         AAM                     ASCII adjust AX after multiplication

Convert a file with DOS line endings (/bin/sh^M : bad interpreter)

sed -i -e 's/\r$//' script_name

RDP on Kali

apt-get install xrdp 
service xrdp start
service xrdp-sesman start
update-rc.d xrdp enable
apt-get remove gnome-core
apt-get install lxde-core lxde kali-defaults kali-root-login desktop-base
update-alternatives --config x-session-manager  # select startlxde

Using dynamic mount with autofs

sudo apt install autofs cifs-utils 

in /etc/auto.master add

/mount/nas   /etc/auto.nas --timeout 300 --ghost 
  • --timeout 300 : the share is unmounted after 300 seconds
  • --ghost : the directory is present even though the mount is not up

or create a dedicated config file in /etc/auto.master.d

in /etc/auto.nas add

commun  -fstype=cifs,rw,uid=1000,gid=1000,credentials=/home/username/.autofs_creds ://x.x.x.x/commun
  • commun : name of the mount point so we have /mount/nas/commun
  • uid / gid : id of the account used to mount the share

in /home/username/.autofs_creds add

username=nas-user
password=nas-password
domain=WORKGROUP

Protect the configuration

chmod 600 /home/username/.autofs_creds
sudo chmod 0644 /etc/auto.nas

Restart :

systemctl restart autofs

To debug :

sudo automount -f -v -d

Screenshot a region and save to a file

gnome-screenshot -a -f /tmp/$(date +%F_%H%M_%S).png 

Remote TCPDump

ssh user@x.x.x.x "/usr/bin/tcpdump -i lo -U -s0 -w - 'not port 22'" | wireshark -k -i -

Certs

PEM Format

Base64 format ("-----BEGIN XXX-----" & "-----END XXX-----")

Extensions : .crt, .cer, .pem, .key

DER Format

Binary format. Mainly used for Java applications.

Extensions : .cer .der & .key

P7B / PKCS7

Base64 format

Extensions : .p7b & .p7c

Only for the public part of certificates and authorities. Mainly used for Microsoft & Java applications.

P12 / PFX

Ciphered binary format. All-in-one : stores everything (authorities, certificates, private keys).

Extensions : .p12 & .pfx

Mainly used for Microsoft & Java applications

Java Key Store

Like P12 but without authorities

Works with two files : a JKS (private key and certificate) and a truststore with the authorities

Extensions : .jks (use with keytool)

Generate RSA key

openssl genrsa -out www.example.com.key 2048

Generate certificate request (CSR) without providing private key

openssl req -sha256 -nodes -newkey rsa:2048 -keyout www.example.com.key -out www.example.com.csr

Generate certificate request (CSR) with private key provided

openssl req -new -sha256 -key www.example.com.key -out www.example.com.csr 

Generate certificate request (CSR) with existing certificate

openssl x509 -x509toreq -in www.example.com.crt -out www.example.com.csr -signkey www.example.com.key

Generate self signed certificate

openssl req -x509 -newkey rsa:2048 -nodes -keyout www.example.com.key -out www.example.com.crt -days 365

Display CSR information

openssl req -text -noout -verify -in CSR.csr

Display private key information

openssl rsa -noout -text -check -in www.example.com.key

Display certificate information

openssl x509 -in certificate.crt -text -noout

Display public key of a certificate :

openssl x509 -in example.crt -pubkey -noout

Display P12 information

openssl pkcs12 -info -in KEYSTORE.p12

Display and check certificates on server

openssl s_client -connect www.example.com:443

Check CSR/key/certificate with modulus hash

openssl x509 -noout -modulus -in www.example.com.crt | openssl sha256
openssl req -noout -modulus -in www.example.com.csr | openssl sha256
openssl rsa -noout -modulus -in www.example.com.key | openssl sha256
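
The modulus comparison only applies to RSA keys. The script below is an added example (not from the original page) that compares the public key itself, so it also covers the EC keys generated in the ECC section; the function names pubkey_digest, check_triplet and make_sample and the sample CN values are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example: match key / CSR / certificate by public-key digest.
# -modulus exists only for RSA; the SubjectPublicKeyInfo works for EC too.

# pubkey_digest KIND FILE -> SHA-256 of the public key (KIND: key|csr|cert)
pubkey_digest() {
    case "$1" in
        key)  pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) ;;
        csr)  pub=$(openssl req  -in "$2" -noout -pubkey 2>/dev/null) ;;
        cert) pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) ;;
        *)    echo "unknown kind: $1" >&2; return 2 ;;
    esac
    # An unreadable or wrong-type file yields no public key: fail closed.
    [ -n "$pub" ] || { echo "cannot read $1: $2" >&2; return 1; }
    printf '%s\n' "$pub" | openssl sha256 | awk '{print $NF}'
}

# check_triplet KEY CSR CERT -> 0 only when all three carry the same key
check_triplet() {
    k=$(pubkey_digest key  "$1") || return 1
    r=$(pubkey_digest csr  "$2") || return 1
    c=$(pubkey_digest cert "$3") || return 1
    [ "$k" = "$r" ] && [ "$k" = "$c" ]
}

# Constructed sample material (throwaway keys, CN is a placeholder).
# make_sample DIR NAME ALGO   with ALGO = rsa | ec
make_sample() {
    if [ "$3" = ec ]; then
        openssl ecparam -genkey -name prime256v1 -noout -out "$1/$2.key"
    else
        openssl genrsa -out "$1/$2.key" 2048
    fi 2>/dev/null
    openssl req -new -sha256 -key "$1/$2.key" -subj "/CN=$2.example.com" \
        -out "$1/$2.csr" 2>/dev/null
    openssl req -x509 -new -sha256 -days 1 -key "$1/$2.key" \
        -subj "/CN=$2.example.com" -out "$1/$2.crt" 2>/dev/null
}

# Usage: sh check_match.sh key.pem req.csr cert.crt
if [ "$#" -eq 3 ]; then
    check_triplet "$@" && echo "MATCH" || echo "MISMATCH"
fi
```
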

Convert PEM to P12

openssl pkcs12 -export -inkey privateKeyFile -in certificateFile -certfile certificateChainFile -out pfxFile.pfx

Key and PEM certificate in one file

cat cert.crt my_key.key > my_pem.pem

Export certificate from p12/pfx data

openssl pkcs12 -in myFile.pfx -out certificate.crt -nokeys

Extract key (PKCS8) from p12/pfx data

openssl pkcs12 -in myFile.pfx -out key.key -nocerts -nodes

Convert private PKCS8 to PKCS1 (RSA)

openssl rsa -in key.key -out key2.key

Convert private DER key to PEM

openssl rsa -inform der -in mykey_der.der -out key_pem.key

Convert private key from PEM to DER

openssl rsa -inform PEM -outform der -in myKey.key -out myKey.der

Convert certificate from DER to PEM

openssl x509 -inform der -in certder.cer -out certificateName.crt

Convert certificate from PEM to DER

openssl x509 -outform der -in certificatpem.crt -out certificatder.cer

Convert P7B to PEM

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer

Convert P7B to PFX

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer  

JKS creation

keytool -importkeystore -destkeystore myJks.jks -srckeystore votrep12.p12 -srcstoretype pkcs12

Create & import certificate / private key in pem format (.crt/.key) in JKS

cat myCert.cert myKey.key > myPem.pem
keytool -import -trustcacerts -alias myAlias -file myPem.pem -keystore myJks.jks

Create / import CA in JKS truststore

keytool -import -alias myCertAlias -keystore myTrustStore.jks -file CA_ROOT.crt
keytool -import -alias myCertAlias -keystore myTrustStore.jks -file CA_INT.crt

Display public certificates of JKS truststore

keytool -list -rfc -keystore myTrustStore.jks -storepass jksPassword

ECC

ECC vs RSA

RSA (bits)    ECC equivalent (bits)
1024          163
2048          224
3072          256
7680          384
15360+        571

List available curves

openssl ecparam -list_curves

Generate private key

openssl ecparam -genkey -name prime256v1 -out net-sec.key

Display public key

openssl ec -in net-sec.key -pubout

Generate CSR

openssl req -new -sha256 -key net-sec.key -nodes -out net-sec.csr

Generate certificate from CSR

openssl req -x509 -sha256 -days 365 -key net-sec.key -in net-sec.csr -out net-sec.crt

Display public key of certificates

openssl x509 -in example.crt -pubkey -noout

Get powershell prompt

powershell-ntlm is built based on Microsoft’s official Centos-7 w/ Powershell image.

docker run -it quickbreach/powershell-ntlm
══════════════════════════════════════════

-------------8<-------------
PowerShell 6.1.1
Copyright (c) Microsoft Corporation. All rights reserved.

https://aka.ms/pscore6-docs
Type 'help' to get help.

PS /> 

Generate syslog entry

echo "<30>1 2019-10-11T22:11:45.013Z mysource.example.com su - ID17 - The syslog entry" | nc -u -v -w 0 syslog 514  
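
The <30> in the entry above is the RFC 5424 PRI value (facility * 8 + severity, here daemon and info). The functions below are an added example, not part of the original page, that build the same line from facility and severity names so test entries can be sent at other priorities; the function names syslog_pri and syslog_line are assumptions, and only a subset of facilities is mapped.

```sh
#!/bin/sh
# Added example: build the RFC 5424 test line instead of hard-coding <30>.

# syslog_pri FACILITY SEVERITY -> PRI value (facility * 8 + severity)
syslog_pri() {
    case "$1" in
        kern) f=0 ;; user) f=1 ;; mail) f=2 ;; daemon) f=3 ;; auth) f=4 ;;
        syslog) f=5 ;; cron) f=9 ;; authpriv) f=10 ;;
        local[0-7]) f=$((16 + ${1#local})) ;;
        *) echo "unknown facility: $1" >&2; return 1 ;;
    esac
    case "$2" in
        emerg) s=0 ;; alert) s=1 ;; crit) s=2 ;; err) s=3 ;;
        warning) s=4 ;; notice) s=5 ;; info) s=6 ;; debug) s=7 ;;
        *) echo "unknown severity: $2" >&2; return 1 ;;
    esac
    echo $((f * 8 + s))
}

# syslog_line FACILITY SEVERITY APP MSGID MESSAGE [TIMESTAMP] [HOSTNAME]
# Layout: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG
# PROCID and STRUCTURED-DATA are left as "-" (nil), as in the line above.
syslog_line() {
    pri=$(syslog_pri "$1" "$2") || return 1
    ts=${6:-$(date -u +%Y-%m-%dT%H:%M:%SZ)}
    host=${7:-$(hostname)}
    printf '<%s>1 %s %s %s - %s - %s\n' "$pri" "$ts" "$host" "$3" "$4" "$5"
}

# Usage (syslog is the collector name used above):
#   syslog_line authpriv warning su ID17 "test entry" | nc -u -w 0 syslog 514
```
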

Windows

List of all installed products

>wmic product get name,version

Detailed list of all accounts

>wmic useraccount list full

BIOS information

>wmic bios get name,serialnumber,version