AV evasion fun with ChatGPT

by on Jun.28, 2023, under Code, Posts

I’ve used chatgpt for work on some SQL queries that I had troubles with and granted it worked.

I have 0 idea if this will compile or work.. I’m sharing the idea that I’m sure is not original:




#include <stdio.h> #include <stdlib.h> void execute_shellcode() { __asm__(“mov $0xff,%eax\n\t” “inc %eax\n\t” “xor %ebx,%ebx\n\t” “mov $0xff,%edx\n\t” “inc %edx\n\t” “xor %ecx,%ecx\n\t” “int $0x80”); } int main() { void (*function_ptr)() = &execute_shellcode; function_ptr(); return 0; }

Leave a Comment :, , , more...

Portable virtual lab that fits in your pocket

by on Sep.19, 2020, under Code, Posts

USB 3.1 Flash Drive BAR Plus 256GB Titan Gray Memory & Storage - MUF-256BE4/AM | Samsung US

Storage continues to get cheaper and cheaper. Above is a picture of a SAMSUNG BAR Plus flash drive. I was able to find one used on eBay for about $30 which has 256GB storage capacity.

My goal was to have a portable Linux distro that’s persistent on a larger capacity flash drive which I can use to run virtual machines on and containers. While I’m not opposed to *BSD derivatives and even took some time to test out NomadBSD, I wanted to have an operating system that is more flexible and has more hardware support. I decided to go with Linux Mint XFCE. This means the flash drive can work in legacy bios systems and UEFI systems (provided secure boot is disabled).  To make the persistent Linux USB drive, I used this guide: .

A majority of computers for the past 20 years support virtualization. Granted, there are some rare systems that don’t support virtualization. (You can still install VirtualBox and have 32bit based guest operating systems.) My love and interest of type 1 hypervisors has lead me to experiment with hypervisors from different vendors. Linux KVM which has been around for 13 years, has become reliable and stable enough for production environments. To get Linux KVM up and running on my flash drive under Linux Mint, I simply used this tutorial: Then to get have a nice web based gui to work with Linux KVM, I installed cockpit ( ) .

The next evolution of virtualization in my humble opinion, is virtual container based systems such as Docker. While dockers and container based systems may not always be ideal or meet true isolation security requirements, docker adoption and usage has skyrocketed. One of the most useful uses that I have for docker, is when I need a quick isolated environment for testing software that isn’t permanent. Need to brush up on MariaDB programming? Awesome, spin up a docker. Have a package you need to use that installs libraries that breaks other things or even your package manager? Docker to the rescue. There are some CUI/GUI based tools that help you with docker as well if you’re not a big fan of typing commands. (Check out dockly and . Cockpit can be used for managing dockers as well.)

To install docker on my persistent flash drive, was no problem (see this guide: However, to get it up and running was a bit more of a pain on a persistent Linux Mint flash drive.  You can’t use the default storage driver, overlay2, you have to use the VFS storage driver (see ). Once you have done this, you can test docker by simply doing: docker run hello-world.

I also wanted to have secure remote access to the system running my persistent flash drive. I stumbled upon Tailscale and fell in love. Once you have tailscale up and running, you’ll have a tailscale0 interface. You can now ssh into your persistent flash drive from other places on the internet as long as you have tailscale configured on the client system. Tailscale can traverse NAT!

This persistent flash drive that I have is not without its issues. I have not been able to upgrade the kernel or upgrade to a new version of Linux Mint. Additionally, the mint user password does not persist after reboot (though the root password persists). To access ssh on my flash drive I had to enable root login for ssh, which I know is not ideal or very secure. Caveats aside, this has been a fun learning experience that I would recommend to any other computer enthusiast.


Leave a Comment :, , , , , , , , , , , , , , , , more... script

by on Apr.30, 2020, under Code, Posts

I’m a big fan of and decided to write a simple script that can be used from the command line:


cnf whois 

results: results:

All systems

apt-get install whois

apt-get install whois

[alpine.png] Alpine
apk add whois

Arch Linux
pacman -S whois

image/svg+xml Kali Linux
apt-get install whois

yum install whois

dnf install whois

brew install whois

apt-get install whois

docker run whois powered by [8]Commando

The script is available here:

It’s a quick and dirty script but it gets the job done.

Leave a Comment :, , , , , , more...

On-premise Exchange 2010 headaches

by on Sep.01, 2019, under Code, Posts

If you’ve worked in IT and have inherited other systems and networks to manage, you can definitely relate to having to work with situations that are less than ideal. Best practices can’t always be followed due to various reasons. (One main reason seems to be money related.) I am currently working with a client that has on-premise servers that are all bare metal and under-specced. We are in the process gathering information on their current setup and plan to decommission and consolidate their on-premise servers, and push them to use Office 365 instead.

I hope this post helps someone because I was having next to no luck being able to access the Exchange Management Shell. Oddly, the GUI tool worked fine, but I wanted to run powershell scripts to generate reports on the current configuration of the said Exchange server. Clicking on the powershell management shell for Exchange icon would result in:

I troubleshooted all the suggested steps suggested in the error output and everything appeared to check out fine. I then just tried using a standard powershell prompt to try to authenticate to the local exchange powershell, and started getting errors like:

[ExchServer] Connecting to remote server failed with the following error message : The WinRM client received an HTTP status code of 403 from the remote WS-Management service. For more information, see the about_Remote_Troubleshooting Help topic. + CategoryInfo : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc eption + FullyQualifiedErrorId : PSSessionOpenFailed

I found it curious that I was starting to get different error messages and felt like I was starting to get closer to being able to authenticate. What ended up working for me was to issue this command:

$session = new-pssession -configurationName Microsoft.Exchange -connectionuri -Authentication Kerberos -credential $credential 

You are then prompted with a gui logon prompt. Make sure to use Domain\UserName in the username field then use the proper password. Lo and behold, no errors were given and it looks like I was authenticated! To import the exchange powershell modules, issue this command:

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010;

Again, I really hope this helps save someone a headache and time. As for the root of what’s causing the powershell management shell for Exchange icon shortcut to fail, I’m not clear. So at this point this is just a workaround.

Leave a Comment :, , , , , , , , , , , , , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!