Knowledge Base

This is a dump of things I learn as I go. This will mostly contain notes of commands that I want to be easy for me to access, and possibly not much explanation on some of them will be given. Feel free to explore though. :)


    Apache


    Configure a proxy

    Enable the http_proxy module

    # a2enmod proxy_http
    

    Create a VirtualHost, that looks somewhat like this:

    <VirtualHost *:80>
        ServerAdmin admin@gilgalab.com
        ServerName subdomain.domain.com.br
        ServerAlias subdomain.domain.com
    
        ProxyPass "/" "http://localhost/"
        ProxyPassReverse "/" "http://localhost/"
    
        <Proxy *>
            Authtype Basic
            Authname "Authentication? What's that?"
            AuthUserFile /etc/apache2/.htpasswd
            Require valid-user
        </Proxy>
    
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel debug
    
        ErrorLog ${APACHE_LOG_DIR}/error_somedomain.log
        CustomLog ${APACHE_LOG_DIR}/access_somedomain.log combined
    </VirtualHost>
    

    Add authentication to proxied website

    Edit the website VirtualHost and add this:

    <Proxy *>
    		Authtype Basic
    		Authname "Some message here"
    		AuthUserFile /etc/apache2/.htpasswd
    		Require valid-user
    </Proxy>
    

    Then create the .htpasswd file

    # htpasswd -c /etc/apache2/.htpasswd username
    

    Restart apache

    # service apache2 restart
    

    Bash


    Movements

    ctrl-a - move the cursor to the beginning of the current line

    ctrl-e - move the cursor to the end of the current line

    alt-b - move the cursor backwards one word

    alt-f - move the cursor forward one word

    ctrl-k - delete from cursor to the end of the line

    ctrl-u - delete from cursor to the beginning of the line

    alt-d - delete the word in front of the cursor

    ctrl-w - delete the word behind of the cursor


    Docker


    These are my notes as I learn about Docker.

    In order to use the CLI, the current user needs either be root or be part of the docker group.

    Build an image

    Create a docker file, then run:

    $ docker build -t <imagename> .
    

    List images

    $ docker images
    

    Start container

    List the images and see which one you want to instantiate (means, create a container of)

    Then run:

    $ docker run -d -p 4000:80 imagename
    

    The above command creates a container from imagename. Supposing that the imagename container exposes port 80, that port will be mapped to the host’s port 4000. The -d option tells that we want to start this container in the background.

    Start remote container

    $ docker login
    $ docker run -p 4000:80 <username>/<repository>:<tag>
    

    In my case, I created the friendlyhello repository with the v1 tag in my docker cloud, so I can run:

    $ docker run -p 4000:80 typoon/friendlyhello:v1
    

    List running containers

    $ docker ps
    $ docker container ls
    

    Stop a container

    $ docker stop <id>
    

    Where <id> is taken from the list of running containers

    Upload image to Registry

    First you need an account with Docker Cloud (or you need to setup your own registry). Go to https://cloud.docker.com and create an account.

    The run:

    $ docker login
    $ docker tag <imagename> <user>/<imagename>:<tag>
    $ docker push <user>/<imagename>:<tag>
    

    For example, I have created the friendlyhello image and want to give it a tag called v1, so I use:

    $ docker tag friendlyhello typoon/friendlyhello:v1
    $ docker push typoon/friendlyhello:v1
    

    If I check the docker cloud website now, my image will be there.

    Cheat Sheet

    Create image using this directory’s Dockerfile
    $ docker build -t friendlyname .  
    
    Run “friendlyname” mapping port 4000 to 80
    $ docker run -p 4000:80 friendlyname  
    
    Same thing, but in detached mode
    $ docker run -d -p 4000:80 friendlyname         
    
    See a list of all running containers
    $ docker ps                                 
    
    Gracefully stop the specified container
    $ docker stop <hash>                     
    
    See a list of all containers, even the ones not running
    $ docker ps -a           
    
    Force shutdown of the specified container
    $ docker kill <hash>                   
    
    Remove the specified container from this machine
    $ docker rm <hash>              
    
    Remove all containers from this machine
    $$ docker rm $(docker ps -a -q)           
    
    Show all images on this machine
    $ docker images -a                               
    
    Remove the specified image from this machine
    $ docker rmi <imagename>            
    
    Remove all images from this machine
    $$ docker rmi $(docker images -q)             
    
    Log in this CLI session using your Docker credentials
    $ docker login             
    
    Tag <image> for upload to registry
    $ docker tag <image> username/repository:tag  
    
    Upload tagged image to registry
    $ docker push username/repository:tag            
    
    Run image from a registry
    $ docker run username/repository:tag                   
    

    ElasticSearch


    List indices

    GET /_cat/indices?v
    

    Search with highlights

    In order for the highlight field to return all the data in the target field, set the number_of_fragments option to 0. For example:

    GET /pastes_new/_search
    {
      "size": 1, 
      "_source": ["contents", "from_url", "date_scrapped","date_post"], 
      "query": {
        "regexp": {
          "contents": ".*whatever.*"
        }
      },
      "highlight": {
        "fields": {
          "contents": {"number_of_fragments" : 0}
        } 
      },
      "sort": [
        {
          "date_post": {
            "order": "desc"
          }
        }
      ]
    }
    

    Hacking

    Getting interactive reverse shell


    Getting interactive reverse shell

    Using python:

    python -c 'import pty; pty.spawn("/bin/bash")'
    

    Linux


    Create a RAMDISK

    mkdir /mnt/ramdisk
    mount -t ramfs -o size=512M ramfs /mnt/ramdisk
    

    Search suid files

    $ find / -perm -4000
    

    Search world-writable files

    $ find / -type f -perm -o+w
    

    Search and exec command for each file

    $ find / -iname *.c -exec grep password '{}' \;
    

    Control sound with pulseaudio

    $ pavucontrol
    

    Mount VMWare share

    $ vmhgfs-fuse .host:ShareName dest_folder/
    

    Powershell


    Download File

    powershell.exe -nologo -noprofile -command "(new-object System.Net.WebClient).Downloadfile(\"http://10.11.0.46/PSTools.zip\", \"c:\temp\PSTools.zip\")"
    

    Unzip File

    powershell.exe -nologo -noprofile -command "& { Add-Type -A 'System.IO.Compression.FileSystem'; [IO.Compression.ZipFile]::ExtractToDirectory('PSTools.zip', '.'); }"
    

    Run program as other user

    runas
    

    Download PSTools from sysinternals and use:

    psexec \\machine_name -u user -p password program.exe programargs
    

    Python


    Start webserver

    With Python 3:

    $ python3 -m http.server 8000 --bind 127.0.0.1
    

    With Python 2:

    $ python2 -m SimpleHTTPServer
    $ python2 -c 'import BaseHTTPServer as bhs, SimpleHTTPServer as shs; bhs.HTTPServer(("127.0.0.1", 8888), shs.SimpleHTTPRequestHandler).serve_forever()'
    

    Start HTTPS webserver

    # taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
    # generate server.xml with the following command:
    #    openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
    # run as follows:
    #    python simple-https-server.py
    # then in your browser, visit:
    #    https://localhost:4443
    
    import BaseHTTPServer, SimpleHTTPServer
    import ssl
    
    httpd = BaseHTTPServer.HTTPServer(('localhost', 4443),
    SimpleHTTPServer.SimpleHTTPRequestHandler)
    httpd.socket = ssl.wrap_socket (httpd.socket, certfile='./server.pem',
    server_side=True)
    httpd.serve_forever()
    

    Start FTP server

    $ sudo apt-get install python-pyftpdlib
    $ python -m pyftpdlib -p 21
    

    Prettify JSON

    $ cat file.json | python -m json.tool
    

    Vim


    Arduino plugin

    Arduino plugin works only on .ino files

    Compile and upload

    <leader>au
    

    Select board

    <leader>ab