This Week’s Recap

This week was fairly light compared to last week (I really wanted to finish Spoofing Youtube For Fun And Profit: An Examination Of Punycode For Phishing). The most important thing I did this week was probably begin my masters program! Other than I’m planning on getting some of the backlog of blogs I’ve half written out the door at some point soon so be on the lookout for those.

1/31/2022

2/1/2022

  • Completed new student orientation for my masters SANS.
    • The new student orientation was much more informative than any college class I’ve ever taken. It answered all of my questions I had going into the program.
  • Its looking like the first class I’ll be taking is the GAIC Certified incident handler (GCIH)
    • Very excited to start this, will probably do a separate roundup at the end of each “block” to give my thoughts on the program.

2/2/2022

  • Heard back from Google that they did indeed want the domain used in Spoofing Youtube For Fun And Profit: An Examination Of Punycode For Phishing.
  • Went through the process to start transferring the the domain.
    • This is not something I’ve done before but it is fairly easy. Essentially you login to your registrar (route53), disable privacy guard, allow the domain to be transferred and wait a week

2/3/2022

  • Switched up my I3 workflow to include stacking mode
    • I3 Is a tiling window manager for Linux that allows you to do all window management via the keyboard. This is extremely efficient.
  • Stacking mode allows you to stack windows vertically and access them by pressing alt + j or alt + d. This way you can have multiple full screen applications without having to switch workspaces.
  • I might do a blog on I3 and detail my workflow after using it for about two years.

2/4/2022

  • Set up a remote VM for opening documents I don’t fully trust.
    • Ended up installing XFCE on a small EC2 instance that I can easily deploy whenever someone wants me to review their resume or has some other file they want me to open. Paranoid? Probably.
  • Started listening to Cult of the Dead Cow again. Started this last year but never finished it for some reason
  • Started creating my own enumeration scripts. Not nearly as useful as something such as linpeas, but satisfying to create your own.
    • I’ll post the full scripts on github when I’m done, but here is a quick sample
#! /bin/bash

# Frontmatter 
black='\033[0;30m'        # Black
red='\033[0;31m'          # Red
green='\033[0;32m'        # Green
yellow='\033[0;33m'       # Yellow
blue='\033[0;34m'         # Blue
purple='\033[0;35m'       # Purple
cyan='\033[0;36m'         # Cyan
white='\033[0;37m'        # White
nocolor='\033[0m'         # Text Reset
blink='\E[5m'             # Blink
halfline="${green}------------------${nocolor}"
newline="${green}------------------------------------${nocolor}"

# Get Arguments
while getopts ":a:" opt; do
    case $opt in
        a)
            echo -e ${red}${blink}"All Scripts are going to be run when enumeration is finished...${nocolor}"
            sleep 5 
            all=1
            ;;
        \?)
            echo "Invalid options: -$OPTARG" >&2
            exit 1
            ;;
        :)
            echo "Option -$OPTARG requires an argument." >&2
            exit 1
            ;;
        esac
done



clear
# Grab basic system info
echo -e $halfline${purple} Grabbing basic system info $halfline
echo -e "${green}> whoami${nocolor}"
whoami

echo -e "${green}> Who is logged in?${nocolor}"
w

echo -e "${green}> Last 10 logins${nocolor}"
last -n 10 | sed '/^wtmp/d' | sed '/^[[:space:]]*$/d'

echo -e "${green}> System information${nocolor}"
lsb_release -a 2>/dev/null

echo -e "${green}> IP Information${nocolor}"
ip a | egrep -A3 "^[0-9]" | awk {'print $2'}

# Check history
echo -e "${green}> Last 10 zsh commands${nocolor}"
cat ~/.zsh_history| tail -n 10 | cut -d\; -f2

        echo -e "${green}> Last 10 bash commands${nocolor}"
        cat ~/.bash_history | tail -n 10 

        echo -e "${green}> Checking for SSH commands in bash and ZSH history${nocolor}"
        cat ~/.zsh_history | egrep "^ssh" | cut -d\; -f3
        cat ~/.bash_history| egrep "^ssh" 

        echo -e "${green}> Got anything to hide?${nocolor}"
        cat ~/.bash_history | tail -n 100| egrep "rm "
        cat ~/.zsh_history | tail -n 100 | egrep "rm " | cut -d\; -f3

# Check users
#echo -e "${green}> Users in system${nocolor}"
#cat /etc/passwd | cut -d: -f1,7

# Enumerate folders
echo -e $halfline${purple} Getting home folders $halfline
echo -ne ${yellow} ; ls /home/ ; echo -ne ${nocolor}

echo -e "$halfline${purple} Last edited files in current user's home directory $halfline"
ls $HOME -ch -lt -r | tail -n 10

echo -e "$halfline${purple} Looking for backup files $halfline"
find / -type f -name "*.bak" 2>/dev/null

# check listening ports
echo -e $halfline${purple} "Getting ports listening (non root)" $halfline
lsof -nP -iTCP -sTCP:LISTEN

echo -e $halfline${purple} "Checking /etc/hosts" $halfline
cat /etc/hosts

# Run aggressive scripts from -a
if [[ $all -eq 1 ]]
then
            echo -e $halfline${purple}"Running ${red}ALL${purple} scripts"$halfline

fi

2/5/2022

  • Redeployed linkding after borking my previous configuration.
  • Set up a 3TB fileshare onto my homelab that I can dump stuff onto as well as share files between my Linux/Windows OSs.
  • Helped a friend with their resume and set up linkedin. Might dedicate a short blog to this because its kind of confusing to newcomers.

2/6/2022

  • Published this blog :)
  • Installed a new NIC and CPU cooler so I can actually put the side onto my server case…
  • Giving away some PPA courses for free later tonight.

Have any questions

Do you have any questions? Feel free to reach out to me on twitter. See you next Sunday. :)