From 2203043549a278cd4e4ac04a0a4ba0218474a7e3 Mon Sep 17 00:00:00 2001 From: 51x Date: Mon, 23 Jan 2017 21:39:03 +0100 Subject: [PATCH] Notes and small fixes, improvements in n function. --- .../.ptz/v3das/communication_xmpp_mcabber.txt | 42 ++++++++++++ .../.ptz/v3das/linux_chroot_grub_install.txt | 12 ++++ .../linux_iptables_workstation_example.txt | 21 ++++++ .../.ptz/v3das/linux_luks_pendrive.txt | 23 +++++++ .../.ptz/v3das/linux_zfs_debian7.txt | 64 +++++++++++++++++++ profile_files/.zsh/pentest_functions.zsh | 5 +- 6 files changed, 165 insertions(+), 2 deletions(-) create mode 100644 profile_files/.ptz/v3das/communication_xmpp_mcabber.txt create mode 100644 profile_files/.ptz/v3das/linux_chroot_grub_install.txt create mode 100644 profile_files/.ptz/v3das/linux_iptables_workstation_example.txt create mode 100644 profile_files/.ptz/v3das/linux_luks_pendrive.txt create mode 100644 profile_files/.ptz/v3das/linux_zfs_debian7.txt diff --git a/profile_files/.ptz/v3das/communication_xmpp_mcabber.txt b/profile_files/.ptz/v3das/communication_xmpp_mcabber.txt new file mode 100644 index 0000000..8bb9aa9 --- /dev/null +++ b/profile_files/.ptz/v3das/communication_xmpp_mcabber.txt @@ -0,0 +1,42 @@ +# mcabber is a great command line client to use for chat (XMPP) with authentication and encrytpion (OTR). + +# The following comments and commands will help you to install and use it. + +# Register your account +# Go to jit.si for example + +# Create directory for mcabber config and OTR +mkdir -p .mcabber/otr + +# Copy the sample configuration files +cp /usr/share/doc/mcabber/examples/mcabberrc.example.gz ~/. + +# If the files does not exist, the path may be different. +# Like "/usr/share/doc/mcabber/mcabberrc.example" + +# Unzip the configuration file and rename it +gunzip mcabberrc.example.gz +mv mcabberrc.example.gz .mcabberrc + +# Correct the priviliges if needed +chmod 700 .mcabber/ -R +chmod 700 .mcabberrc + +# Edit your configuration with the following settings: +vim .mcabberrc + set jid = testuser@jit.si + set otr = 1 + +# Start mcabber and login with the account you have registered +mcabber + +# Basic commands +/add user@jit.si # Request someone for chat +/event 1 accept # To accept a request + +# Using OTR +# It's recommended to add OTR by default policy to your config files +/otr key # Show your fingerprint +/otr fingerprint . "AAAA AAAA AAAA ...." # Trust someon's fingerprint +/otr fingerprint # Show fingerprints you have +/otr start # Start a conversation with OTR diff --git a/profile_files/.ptz/v3das/linux_chroot_grub_install.txt b/profile_files/.ptz/v3das/linux_chroot_grub_install.txt new file mode 100644 index 0000000..5763bbf --- /dev/null +++ b/profile_files/.ptz/v3das/linux_chroot_grub_install.txt @@ -0,0 +1,12 @@ + +# Start a live image, then reinstall grub. + +fdisk -l +mount /dev/sda2 /mnt/ +mount -t proc none /mnt/proc +mount -o bind /dev /mnt/dev +mount -t sysfs sys /mnt/sys +chroot /mnt/ /bin/bash +update-grub +/usr/sbin/grub-install --recheck --no-floppy /dev/sda +sync & reboot diff --git a/profile_files/.ptz/v3das/linux_iptables_workstation_example.txt b/profile_files/.ptz/v3das/linux_iptables_workstation_example.txt new file mode 100644 index 0000000..738e9b0 --- /dev/null +++ b/profile_files/.ptz/v3das/linux_iptables_workstation_example.txt @@ -0,0 +1,21 @@ +#!/bin/bash +# Example iptables for workstation + +IPT=/sbin/iptables +$IPT -F + +#Policies +$IPT -P OUTPUT ACCEPT +$IPT -P INPUT DROP +$IPT -P FORWARD DROP + +#Allow IN for services +$IPT -A INPUT --in-interface lo -j ACCEPT + +#Allow response +$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT + +# Block ipv6, sorry lazy to set path, its a note :) +ip6tables -P INPUT DROP 2>/dev/null +ip6tables -P FORWARD DROP 2>/dev/null +ip6tables -P OUTPUT DROP 2>/dev/null diff --git a/profile_files/.ptz/v3das/linux_luks_pendrive.txt b/profile_files/.ptz/v3das/linux_luks_pendrive.txt new file mode 100644 index 0000000..f610c9e --- /dev/null +++ b/profile_files/.ptz/v3das/linux_luks_pendrive.txt @@ -0,0 +1,23 @@ +# CryptSetup for pendrive example + +# Creation, make sure no CBC is used anymore! +cryptsetup -c aes -s 256 luksFormat /dev/sdb2 +cryptsetup luksDump /dev/sdb2 # To check it! + +cryptsetup luksOpen /dev/sde usb1 +mkfs.vfat /dev/mapper/usb1 -n "usb1" + +# Troubleshoot if needed +dmsetup ls +dmsetup ls + +# Change Passphrse +cryptsetup -y luksAddKey ENCRYPTED_PARTITION +cryptsetup luksRemoveKey ENCRYPTED_PARTITION + +# Mount and unmount +cryptsetup luksOpen /dev/sdb2 usb1 +mount /dev/mapper/usb1 /mnt +umount /mnt/point + + diff --git a/profile_files/.ptz/v3das/linux_zfs_debian7.txt b/profile_files/.ptz/v3das/linux_zfs_debian7.txt new file mode 100644 index 0000000..226dad6 --- /dev/null +++ b/profile_files/.ptz/v3das/linux_zfs_debian7.txt @@ -0,0 +1,64 @@ +# How to create ZFS mirroring on Debian 7 / Old notes! + +# Information were gathered from the following sites: +# http://zfsonlinux.org/debian.html +# http://www.zfsbuild.com/2010/06/03/howto-create-mirrored-vdev-zpool/ +# http://allgood38.io/setting-up-a-basic-linux-zfs-instance.html +# https://help.ubuntu.com/community/encryptedZfs +# http://linux.arantius.com/installing-gentoo-into-a-luks-encrypted-zfs-root +# +# CheatSheet: http://lildude.co.uk/zfs-cheatsheet + +# Get ZFS On Linux debian package, install it and add their GPG key to APT +su +wget http://archive.zfsonlinux.org/debian/pool/main/z/zfsonlinux/zfsonlinux_8_all.deb +dpkg -i zfsonlinux_8_all.deb +wget http://zfsonlinux.org/4D5843EA.asc -O - | apt-key add - + +# Install ZFS using APT +apt-get update +apt-get install debian-zfs + +# Create LUKS encrypted volumes +cryptsetup luksFormat /dev/sdc +cryptsetup luksFormat /dev/sdd + +# Open luks encrypted devices - those will be mirrored +cryptsetup luksOpen /dev/sdc luk1 +cryptsetup luksOpen /dev/sdd luk2 + +# Create the mirror pool using the opened luks devices +# WARNING +# THIS DESTROYES YOUR EXISTING POOL IF YOU ALREADY HAVE ONE! +zpool create -m none -O compression=lz4 m_pool mirror luk1 luk2 +# -m mountpoint -O +# END OF CREATION +# Done! + +# The following part is required for mounting/opening our ZFS mirror. + +# Import the pool if it's not already +zpool import m_pool + +# Mount it manually +zfs set mountpoint=/mpool m_pool + +# Checks +zpool list +zpool iostat +zpool status + + +-------- + +# Finally change privileges if needed +chown -R storager:storager /mpool + +# Create ZFS filesystem +zfs create tank/testfs + + +-------- + +# Destory +zpool destroy m_pool diff --git a/profile_files/.zsh/pentest_functions.zsh b/profile_files/.zsh/pentest_functions.zsh index a06e528..41f6174 100644 --- a/profile_files/.zsh/pentest_functions.zsh +++ b/profile_files/.zsh/pentest_functions.zsh @@ -15,10 +15,11 @@ compinit zstyle ':completion:*' menu select=2 function nls { - echo "You can get help from the following topics:" + echo "\nYou can get help from the following topics:\n" for f in ~/.ptz/v3das/* ; do - echo $f | rev | cut -d'/' -f1 | rev |cut -d'.' -f1 + echo $f | rev | cut -d'/' -f1 | rev | cut -d'.' -f1 | egrep -v "^_n" done + echo "" }