Bookmarks for 22 Apr 2016 through 23 Apr 2016

These are my links for 22 Apr 2016 through 23 Apr 2016:

  • How to use Powershell in an exploit · rapid7/metasploit-framework Wiki
    PowerShell is a scripting language developed by Microsoft. It provides API access to almost everything in a Windows platform, less detectable by countermeasures, easy to learn, therefore it is incredibly powerful for penetration testing during post exploitation, or exploit development for payload execution. Take Metasploit’s windows/smb/psexec_psh.rb module for example: it mimics the psexec utility from SysInternals, the payload is compressed and executed from the command line, which allows it to be somewhat stealthy against antivirus. There’s only less than 30 lines of code in psexec_psh.rb (excluding the metadata that describes what the module is about), because most of the work is done by the Powershell mixin, nothing is easier than that. The command line will automatically attempt to detect the architecture (x86 or x86_64) that it is being run in, as well as the payload architecture that it contains. If there is a mismatch it will spawn the correct PowerShell architecture to inject the payload into, so there is no need to worry about the architecture of the target system.
  • HOWTO use geoiplookup – Fail2ban
    You may be interested in a quick summary of the countries where the attacks come from. This document explains how to find these information.
  • IP Address Details – ipinfo.io – Simple, reliable, and affordable IP geolocation data.
  • Cryptocat – Chat with your friends, privately.Cryptocat is free software with a simple mission: everyone should be able to chat with their friends in privacy.Open source. All Cryptocat software is published transparently.
    Encrypted by default. Every message is encrypted, always.
    Forward secure. Chats can’t be decrypted even if your keys are stolen.
    Multiple devices. All devices linked to your account will receive forward secure messages, even when offline.
    File sharing. Securely share files with friends.
    Group chat. Chat with multiple buddies at once (coming soon).

A free ebook to build a NetApp ONTAP 9 Lab for free

 

I’ve received an email from Neil Anderson that point my attention to his free ebook on how to build a free NetApp.

If you’re interesting in a job in enterprise environment, NetAPP is something that you may encounter and it’s worth learning about it anyway.

NetApp Simulator Lab Guide

NetApp Simulator 9 Free eBook – How to Build Your Own NetApp Lab running ONTAP 9 Download your NetApp simulator complete lab build Free eBook here: I’ve produced a ‘How to Build a NetApp ONTAP Lab… For Free’ eBook which I’d like to share with you. In it I provide complete step-by-step instructions, with screenshots, about how to build … Continue reading

Change Password and Unlock a bunch of users in AD

As Paul Venezia has outlined in is “Nine traits of the veteran Unix admin“:

Veteran Unix admin trait No. 8: We know more about Windows than we’ll ever let on

Though we may not run Windows on our personal machines or appear to care a whit about Windows servers, we’re generally quite capable at diagnosing and fixing Windows problems. This is because we’ve had to deal with these problems when they bleed over into our territory.

so when there is to reset the (same) silly password for tens test users on Active Directory and then unlockt them, who you gonna call©?

Someone that can’t despise more powershell to write something like this:

for($i=1; $i -le 70; $i++) { 
 $silly="sillyuser$i"
 Write-Output $silly
 Set-ADAccountPassword -Identity "$silly" -Reset -NewPassword (ConvertTo-SecureString -AsPlainText 'VerySecurePassword' -Force)
 Unlock-ADAccount -identity "$silly"
}

I’m keeping track here for the next time…

Bookmarks for 26 Mar 2016 through 29 Mar 2016

These are my links for 26 Mar 2016 through 29 Mar 2016:

  • Painless Immutable Infrastructure with Ansible and AWS | Radify Blog – […] In our blog posts Reducing Infrustration and Immutable Demo Nodes, we talk about our approach to immutable infrastructure and the benefits we have seen from employing this approach. In this article, we explore a practical project example so you can get up and running with immutable infrastructure in less than an hour! […]
  • pearofducks/ansible-vim: A vim plugin for syntax highlighting Ansible’s common filetypes – A vim plugin for syntax highlighting Ansible’s common filetypes
  • Provisioning EC2 Hosts with Ansible | Allan Denot – Looking to build EC2 hosts with more consistency? Using Ansible you can easily provision EC2 hosts and put some logic on it to adjust EC2 parameters based on the type of host you are building.
    The easiest way to start is to create a playbook calling the ec2 module with the parameters you want to pass to AWS to create your host. In this post I will show a little more scalable way to do this, where the parameters are variables and you can easily have multiple types of hosts sharing the same playbook and role.