This Week’s Recap

This week was fairly light compared to last week (I really wanted to finish Spoofing Youtube For Fun And Profit: An Examination Of Punycode For Phishing). The most important thing I did this week was probably beginning my master’s program! Other than that, I’m planning on getting some of the backlog of blogs I’ve half written out the door at some point soon, so be on the lookout for those.

1/31/2022

2/1/2022

2/2/2022

2/3/2022

2/4/2022

#! /bin/bash

# Frontmatter
# ANSI escape sequences are stored unexpanded; `echo -e` renders them at print time.
nocolor="\033[0m"         # reset every text attribute
blink="\E[5m"             # blinking text

# Regular foreground colours
black="\033[0;30m"
red="\033[0;31m"
green="\033[0;32m"
yellow="\033[0;33m"
blue="\033[0;34m"
purple="\033[0;35m"
cyan="\033[0;36m"
white="\033[0;37m"

# Green rules used around section headings (half width and full width)
halfline="${green}------------------${nocolor}"
newline="${green}------------------------------------${nocolor}"

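# Get Arguments
# -a is a plain flag: it asks for all scripts to be run once enumeration is done.
# The published listing shows an emoji where the getopts optstring belongs (most
# likely a rendered ":a:" shortcode). ":a" is used here because the -a branch
# never reads an argument. The leading ':' selects getopts' silent mode, which
# is what places the offending option letter in $OPTARG for the messages below.
all=0   # explicit default, so a value inherited from the environment cannot switch -a on
while getopts ":a" opt; do
    case "$opt" in
        a)
            echo -e "${red}${blink}All Scripts are going to be run when enumeration is finished...${nocolor}"
            sleep 5   # presumably a grace period to read the notice before output scrolls
            all=1
            ;;
        \?)
            echo "Invalid options: -$OPTARG" >&2
            exit 1
            ;;
        :)
            # Not reachable while no option takes an argument; kept for options added later.
            echo "Option -$OPTARG requires an argument." >&2
            exit 1
            ;;
    esac
done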



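clear
# Grab basic system info
echo -e "${halfline}${purple} Grabbing basic system info ${halfline}"
echo -e "${green}> whoami${nocolor}"
whoami

echo -e "${green}> Who is logged in?${nocolor}"
w

echo -e "${green}> Last 10 logins${nocolor}"
# Drop the line that starts with "wtmp" and any blank lines from last's output.
last -n 10 | sed -e '/^wtmp/d' -e '/^[[:space:]]*$/d'

echo -e "${green}> System information${nocolor}"
# Errors are discarded, so a host without lsb_release prints nothing here.
lsb_release -a 2>/dev/null

echo -e "${green}> IP Information${nocolor}"
# Each interface header line (starts with its index) plus the three lines after
# it; awk keeps the second column. grep -E replaces the deprecated egrep alias.
ip a | grep -E -A3 "^[0-9]" | awk '{print $2}'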

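# Check history
# History files frequently hold secrets typed on the command line (passwords,
# tokens, connection strings); treat everything this section prints as sensitive.

#######################################
# Remove zsh's EXTENDED_HISTORY prefix (": <start>:<elapsed>;") from each line.
# Lines without that prefix pass through unchanged, and a ';' inside the
# command itself is preserved (cutting on ';' would truncate or blank it).
# Arguments: none (filters stdin)
# Outputs:   the cleaned lines on stdout
#######################################
strip_zsh_stamp() {
    sed -e 's/^: [0-9]*:[0-9]*;//'
}

zsh_hist=~/.zsh_history
bash_hist=~/.bash_history

echo -e "${green}> Last 10 zsh commands${nocolor}"
if [[ -r "$zsh_hist" ]]; then
    tail -n 10 -- "$zsh_hist" | strip_zsh_stamp
fi

echo -e "${green}> Last 10 bash commands${nocolor}"
if [[ -r "$bash_hist" ]]; then
    tail -n 10 -- "$bash_hist"
fi

echo -e "${green}> Checking for SSH commands in bash and ZSH history${nocolor}"
# The prefix is stripped before matching: with extended history every raw line
# starts with ": <timestamp>", so "^ssh" could never match the raw file.
if [[ -r "$zsh_hist" ]]; then
    strip_zsh_stamp < "$zsh_hist" | grep -E "^ssh"
fi
if [[ -r "$bash_hist" ]]; then
    grep -E "^ssh" -- "$bash_hist"
fi

echo -e "${green}> Got anything to hide?${nocolor}"
# Substring match on "rm " within the last 100 entries of each file.
if [[ -r "$bash_hist" ]]; then
    tail -n 100 -- "$bash_hist" | grep -E "rm "
fi
if [[ -r "$zsh_hist" ]]; then
    tail -n 100 -- "$zsh_hist" | strip_zsh_stamp | grep -E "rm "
fi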

# Check users
#echo -e "${green}> Users in system${nocolor}"
#cat /etc/passwd | cut -d: -f1,7

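# Enumerate folders
echo -e "${halfline}${purple} Getting home folders ${halfline}"
echo -ne "${yellow}" ; ls /home/ ; echo -ne "${nocolor}"

echo -e "$halfline${purple} Last edited files in current user's home directory $halfline"
# -c with -t sorts by inode change time (also updated by chmod/rename, not only
# by edits); -r lists newest last, so tail keeps the 10 most recently changed.
# "$HOME" is quoted and placed after -- so an unusual path cannot split into
# several words or be read as an option.
ls -l -h -c -t -r -- "$HOME" | tail -n 10

echo -e "$halfline${purple} Looking for backup files $halfline"
# Walks every mounted filesystem from /, so it can take a long time; unreadable
# directories are skipped silently because stderr is discarded.
find / -type f -name "*.bak" 2>/dev/null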

# check listening ports
# TCP sockets in LISTEN state; -n and -P keep addresses and port numbers numeric.
# NOTE(review): run unprivileged, lsof generally reports only the calling user's
# own sockets, so this list may be incomplete; confirm on the target system.
printf '%b\n' "${halfline}${purple} Getting ports listening (non root) ${halfline}"
lsof -nP -iTCP -sTCP:LISTEN

# Static host name mappings configured on this machine
printf '%b\n' "${halfline}${purple} Checking /etc/hosts ${halfline}"
cat /etc/hosts

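# Run aggressive scripts from -a
# String comparison with a default: an unset or environment-inherited `all` is
# compared literally and never evaluated as an arithmetic expression, which is
# what -eq inside [[ ]] would do with it.
if [[ "${all:-0}" == "1" ]]; then
    echo -e "${halfline}${purple}Running ${red}ALL${purple} scripts${halfline}"
    # NOTE(review): nothing is invoked here yet; this branch only prints the banner.
fi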

2/5/2022

2/6/2022

Have any questions

Do you have any questions? Feel free to reach out to me on Twitter. See you next Sunday. :)