• chevron_right

      How to bypass the OpenSSL security level

      pubsub.slavino.sk / sleeplessbestie · Friday, 11 November, 2022 - 12:00 edit

    How to bypass the OpenSSL security level using curl or openssl utility to access legacy services. Inspect default OpenSSL security level. $ openssl version -f compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-51ig8V/openssl-1.1.1f=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_TLS_SECURITY_LEVEL=2 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM […]

    Značky: #OpenSSL, #SecOps, #Ubuntu, #Linux

    • chevron_right

      How to execute non-executable binary

      pubsub.slavino.sk / sleeplessbestie · Wednesday, 19 October, 2022 - 11:00 edit

    Execute non-executable binary. Inspect Python version. $ python3 --version Python 3.10.6 Inspect mounted filesystem that does not permit direct execution of any binaries. $ mount /dev/sdb1 on /opt/files type ext4 (rw,nosuid,nodev,noexec,relatime,errors=remount-ro) Try to execute binary file. $ /opt/files/bin/ls bash: /opt/files/ls: Permission denied Create a simple Python script that uses os.memfd_create function which is available since […]

    Značky: #SecOps, #Ubuntu, #Linux

    • chevron_right

      How to block IP address using Dynamic Firewall Manager

      pubsub.slavino.sk / sleeplessbestie · Friday, 16 September, 2022 - 11:00 edit

    Block IP address using Dynamic Firewall Manager. Use drop zone to block a network subnet. $ sudo firewall-cmd --zone=drop --add-source=192.168.0.0/16 success Use drop zone to block multiple IP addresses. $ sudo firewall-cmd --zone=drop --add-source=172.16.0.2 --add-source=172.16.0.3 success Display dropped IP addresses. $ sudo firewall-cmd --list-sources --zone drop 192.168.0.0/16 172.16.0.2 172.16.0.3 $ sudo firewall-cmd --get-active-zones drop sources: […]

    Značky: #SecOps, #Linux, #firewalld

    • chevron_right

      How to protect Samba DNS server against DNS zone transfer

      pubsub.slavino.sk / sleeplessbestie · Thursday, 7 October, 2021 - 11:00 edit

    Debian Bullseye currently provides Samba 4.13.5. Using BIND as Samba Active Directory DNS backend opens it to the DNS zone transfer. This issue is fixed in Samba 4.15.0 and can be configured using Samba configuration option dns zone transfer clients allow, which default behavior is to deny such requests, but it is not packaged at […]

    Značky: #Bullseye, #Debian, #Linux, #SecOps, #Samba

    • chevron_right

      How to inspect mitigations for CPU vulnerabilities

      pubsub.slavino.sk / sleeplessbestie · Thursday, 23 September, 2021 - 11:00 edit

    Inspect mitigations for CPU vulnerabilities. Clone Spectre & Meltdown Checker repository to get “a shell script to assess your system’s resilience against the several transient execution CVEs that were published since early 2018, and give you guidance as to how to mitigate them”. $ git clone https://github.com/speed47/spectre-meltdown-checker.git Cloning into 'spectre-meltdown-checker'... remote: Enumerating objects: 1479, done. […]

    Značky: #SecOps, #Linux

    • chevron_right

      How to export 1Password data

      pubsub.slavino.sk / sleeplessbestie · Monday, 19 July, 2021 - 07:00 edit

    Export 1Password passwords using a command-line utility on Linux. Create and change the working directory to a location on an encrypted filesystem. Import a code signing public key for 1Password. $ gpg --keyserver keyserver.ubuntu.com --recv-keys 3FEF9748469ADBE15DA7CA80AC2D62742012EA22 gpg: key AC2D62742012EA22: public key "Code signing for 1Password " imported gpg: Total number processed: 1 gpg: imported: 1 […]

    Značky: #SecOps, #Linux