β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π΅οΈββοΈ How to display banner / message before OpenSSH authentication :
Want to display a message or banner before OpenSSH authentication (SSHD server)?
1) Try this simple trick to show an ASCII banner or logo on your Linux or Unix system.
3) OpenSSH has a built-in configuration option called Banner.
4) The contents of the specified file are sent to the remote user before authentication is allowed.
5) If the "banner" parameter is set to "no", then no banner is displayed when using the ssh command or client.
6) By default, no banner is displayed and this setting is disabled.
π¦You can also post a legal notice if required by local law.
see also:
1) How to set your banner in Metasploit
How to display banner / message before OpenSSH authentication
Log into the remote Linux and Unix server.
Edit the file / etc / ssh / sshd_config.
Add / change configuration parameter. For example: Banner / etc / ssh / my_banner
Save and close the file.
2) Make sure you create a new file called / etc / ssh / my_banner file.
Restart the sshd service. For instance:
# Linux #
sudo systemctl reload ssh.service
# FreeBSD #
sudo /etc/rc.d/sshd restart
# OpenBSD #
doas /etc/rc.d/sshd restart
3) Example banner / message file for sshd
Here is my file:
$ cat /etc/ssh/my_banner
Output:
. _____
| | / | _ ______ ____ _____ / ____ \ ___________
| \ \ / ___ // \ _ / ___ \ \ / _ \ _ \ | \
| || | \ ___ \\ ___ / \ \ ___ | | (<_>) | \ / | /
| || | / ____> \ ___> \ ___> | \ ____ / | __ | | ____ /
\ / \ / \ /
Testing
Let's test our SSH client.
4) It is a program for logging into a remote computer and for executing commands on that system.
As you know, ssh server and client provide secure encrypted communication between two untrusted hosts on an insecure network like LAN or Internet.
5) Use your favorite search engine and enter:
ASCII art
6) Another option is to use the figlet command to display large characters composed of normal screen characters.
7)We also have a toilet command that prints out text using large characters composed of smaller characters.
It is similar to a FIGlet with additional features such as Unicode handling, color fonts, filters, and various export formats.
π¦For instance:
$ figlet nixCraft
$ toilet -f mono12 -F metal itsecforu
# figlet itsecforu > /etc/ssh/my_banner
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π΅οΈββοΈ How to display banner / message before OpenSSH authentication :
Want to display a message or banner before OpenSSH authentication (SSHD server)?
1) Try this simple trick to show an ASCII banner or logo on your Linux or Unix system.
3) OpenSSH has a built-in configuration option called Banner.
4) The contents of the specified file are sent to the remote user before authentication is allowed.
5) If the "banner" parameter is set to "no", then no banner is displayed when using the ssh command or client.
6) By default, no banner is displayed and this setting is disabled.
π¦You can also post a legal notice if required by local law.
see also:
1) How to set your banner in Metasploit
How to display banner / message before OpenSSH authentication
Log into the remote Linux and Unix server.
Edit the file / etc / ssh / sshd_config.
Add / change configuration parameter. For example: Banner / etc / ssh / my_banner
Save and close the file.
2) Make sure you create a new file called / etc / ssh / my_banner file.
Restart the sshd service. For instance:
# Linux #
sudo systemctl reload ssh.service
# FreeBSD #
sudo /etc/rc.d/sshd restart
# OpenBSD #
doas /etc/rc.d/sshd restart
3) Example banner / message file for sshd
Here is my file:
$ cat /etc/ssh/my_banner
Output:
. _____
| | / | _ ______ ____ _____ / ____ \ ___________
| \ \ / ___ // \ _ / ___ \ \ / _ \ _ \ | \
| || | \ ___ \\ ___ / \ \ ___ | | (<_>) | \ / | /
| || | / ____> \ ___> \ ___> | \ ____ / | __ | | ____ /
\ / \ / \ /
Testing
Let's test our SSH client.
4) It is a program for logging into a remote computer and for executing commands on that system.
As you know, ssh server and client provide secure encrypted communication between two untrusted hosts on an insecure network like LAN or Internet.
5) Use your favorite search engine and enter:
ASCII art
6) Another option is to use the figlet command to display large characters composed of normal screen characters.
7)We also have a toilet command that prints out text using large characters composed of smaller characters.
It is similar to a FIGlet with additional features such as Unicode handling, color fonts, filters, and various export formats.
π¦For instance:
$ figlet nixCraft
$ toilet -f mono12 -F metal itsecforu
# figlet itsecforu > /etc/ssh/my_banner
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ Parsing the / etc / shadow file :L
The / etc / shadow file stores the actual password in an encrypted format (more like a password hash) for the user account with additional properties related to the user's password.
Basically, it stores secure user account information.
All fields are separated by colons (:).
It contains one entry per line for each user specified in the / etc / passwd file.
π»π΄π 'π π π π°π π :
1) Username: This is your login name.
2) Password: This is your encrypted password. The password must be at least 8-12 characters long, including special characters, numbers, lowercase letters, etc.
Usually the password format is $ id $ salt $ hashed. $ Id is an algorithm used in GNU / Linux as follows:
$1$ this is MD5
$2a$ this is Blowfish
$2y$ this is Blowfish
$5$ it's SHA-256
$6$ this is SHA-512
3) Last change of password (last change): days since January 1, 1970, when the password was last changed.
4) Minimum: The minimum number of days required to change the password, that is, the number of days remaining before the user is allowed to change their password.
5) Maximum: The maximum number of days the password is valid (after this user is forced to change his password)
6)) Warning: The number of days before the password expires that the user is warned to change the password.
7) Inactivity: the number of days after the password expires that the account has been disabled.
8) Expiration Date: Days from January 1, 1970, when this account is disabled, that is, an absolute date indicating when the login can no longer be used.
π¦How do I change my password?
Use the following syntax to change your own password:
$ passwd
See the passwd command man page for more information.
How can I change the password for another user?
You must be root to change the password for other users:
# passwd userNameHere
or
$ sudo passwd userNameHere
How do I change or set password expiration information?
Use the chage command on Linux to change the password expiration information for a user.
The syntax is as follows (again, you must be root to set the password again):
chage username
chage [options] username
chage itsecforu
chage -l tom
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π§ Parsing the / etc / shadow file :L
The / etc / shadow file stores the actual password in an encrypted format (more like a password hash) for the user account with additional properties related to the user's password.
Basically, it stores secure user account information.
All fields are separated by colons (:).
It contains one entry per line for each user specified in the / etc / passwd file.
π»π΄π 'π π π π°π π :
1) Username: This is your login name.
2) Password: This is your encrypted password. The password must be at least 8-12 characters long, including special characters, numbers, lowercase letters, etc.
Usually the password format is $ id $ salt $ hashed. $ Id is an algorithm used in GNU / Linux as follows:
$1$ this is MD5
$2a$ this is Blowfish
$2y$ this is Blowfish
$5$ it's SHA-256
$6$ this is SHA-512
3) Last change of password (last change): days since January 1, 1970, when the password was last changed.
4) Minimum: The minimum number of days required to change the password, that is, the number of days remaining before the user is allowed to change their password.
5) Maximum: The maximum number of days the password is valid (after this user is forced to change his password)
6)) Warning: The number of days before the password expires that the user is warned to change the password.
7) Inactivity: the number of days after the password expires that the account has been disabled.
8) Expiration Date: Days from January 1, 1970, when this account is disabled, that is, an absolute date indicating when the login can no longer be used.
π¦How do I change my password?
Use the following syntax to change your own password:
$ passwd
See the passwd command man page for more information.
How can I change the password for another user?
You must be root to change the password for other users:
# passwd userNameHere
or
$ sudo passwd userNameHere
How do I change or set password expiration information?
Use the chage command on Linux to change the password expiration information for a user.
The syntax is as follows (again, you must be root to set the password again):
chage username
chage [options] username
chage itsecforu
chage -l tom
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦List apps work with iOS 14 home screen widgets :
Acorns: Invest Spare Change
Apollo for Reddit
Aviary (RUB 379)
Balance: Meditation & Sleep
Bazaart Photo Editor & Design
Birch - Organized Photo Notes
Bolt - Workout Tracker Gym Log
Book Track - Library Manager ($ 4.99)
Brief: just the news you need
Calendar 5 by Readdle
Calendars: Planner & Reminders
Calory
CardPointers for Credit Cards
CARROT Weather ($ 4.99)
Cheep: Flight Deals Tracker
ChibiStudio - Avatar Maker
Coinbase - Buy & sell Bitcoin
Copilot: The Smart Money App
Countdown - Countdown to Dates
Curio: hear great journalism
Dark Noise (459 rub.)
DataMan - track data usage (75 rub.)
Date Today (149 rub.)
Day one journal
Debit & Credit
Dice by PCalc (149 rub.)
Documents by Readdle
Drafts
DuckDuckGo Privacy Browser
Flow by Moleskine Studio
FoodNoms - Food Tracker
Friendship Circles
GasBuddy: Find & Pay for Gas
GameTrack
GoodTask - To Do List Manager
Google
HabitMinder
Hard Disk - Monitor Disk Usage (TestFlight beta)
HealthView
Health Auto Export to CSV (149 rubles)
IMDb: Movies & TV Shows
Kahoot! Play & Create Quizzes
LookUp: English dictionary (459 rub.)
Menstrual Period Tracker
Menstrual Period Tracker Pro ($ 5.99)
MFC Deck (TestFlight beta)
Microsoft OneDrive
MusicHarbor - Track New Music
MusicView (75 rub.)
Next: Magic DJs & Playlists (379 rub.)
Nikola for Tesla
Nighthawk for Twitter ($ 3.99)
Night sky
Nudget: Budgeting Made Simple (229 Rub.)
Parcel - Delivery Tracking
PDF Expert: PDF Reader, Editor
Pedometer ++
Pennant
Personal Best Workouts
Photo Widget: Simple
Pillow Automatic Sleep Tracker
Pocketdex for PokΓ©mon GO
Robinhood: Invest. Save. Earn.
Scanner Pro: PDF Scanner App ($ 3.99)
Schooly (TestFlight beta)
Scriptable
Slopes: Ski & Snowboard
SmartGym: Gym & Home Workouts
Soor Player ($ 4.99)
Spark Mail - Email by Readdle
Spendy - Spendings reimagined (229 rub.)
Spend Stack: Budget Tracker (229 rub.)
Streaks (379 rub.)
Sunrise - Day Greeter (149 rubles)
Tangerine: Self-care & Goals
Things 3
Timepage by Moleskin Studio
Todoist: To-Do List & Tasks
TrΓ€ning - Workout Goals
TripIt: Travel Planner
TuneTrack
Twilight Dice | TTRPG Roller
Unwind - Mindful Breathing
Watch chess
WaterMinder (379 rub.)
Weather - The Weather Channel
Weather line
WidgetPack (TestFlight beta)
Widgetsmith
Widget Wizard (149 rub.)
Wikipedia
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦List apps work with iOS 14 home screen widgets :
Acorns: Invest Spare Change
Apollo for Reddit
Aviary (RUB 379)
Balance: Meditation & Sleep
Bazaart Photo Editor & Design
Birch - Organized Photo Notes
Bolt - Workout Tracker Gym Log
Book Track - Library Manager ($ 4.99)
Brief: just the news you need
Calendar 5 by Readdle
Calendars: Planner & Reminders
Calory
CardPointers for Credit Cards
CARROT Weather ($ 4.99)
Cheep: Flight Deals Tracker
ChibiStudio - Avatar Maker
Coinbase - Buy & sell Bitcoin
Copilot: The Smart Money App
Countdown - Countdown to Dates
Curio: hear great journalism
Dark Noise (459 rub.)
DataMan - track data usage (75 rub.)
Date Today (149 rub.)
Day one journal
Debit & Credit
Dice by PCalc (149 rub.)
Documents by Readdle
Drafts
DuckDuckGo Privacy Browser
Flow by Moleskine Studio
FoodNoms - Food Tracker
Friendship Circles
GasBuddy: Find & Pay for Gas
GameTrack
GoodTask - To Do List Manager
HabitMinder
Hard Disk - Monitor Disk Usage (TestFlight beta)
HealthView
Health Auto Export to CSV (149 rubles)
IMDb: Movies & TV Shows
Kahoot! Play & Create Quizzes
LookUp: English dictionary (459 rub.)
Menstrual Period Tracker
Menstrual Period Tracker Pro ($ 5.99)
MFC Deck (TestFlight beta)
Microsoft OneDrive
MusicHarbor - Track New Music
MusicView (75 rub.)
Next: Magic DJs & Playlists (379 rub.)
Nikola for Tesla
Nighthawk for Twitter ($ 3.99)
Night sky
Nudget: Budgeting Made Simple (229 Rub.)
Parcel - Delivery Tracking
PDF Expert: PDF Reader, Editor
Pedometer ++
Pennant
Personal Best Workouts
Photo Widget: Simple
Pillow Automatic Sleep Tracker
Pocketdex for PokΓ©mon GO
Robinhood: Invest. Save. Earn.
Scanner Pro: PDF Scanner App ($ 3.99)
Schooly (TestFlight beta)
Scriptable
Slopes: Ski & Snowboard
SmartGym: Gym & Home Workouts
Soor Player ($ 4.99)
Spark Mail - Email by Readdle
Spendy - Spendings reimagined (229 rub.)
Spend Stack: Budget Tracker (229 rub.)
Streaks (379 rub.)
Sunrise - Day Greeter (149 rubles)
Tangerine: Self-care & Goals
Things 3
Timepage by Moleskin Studio
Todoist: To-Do List & Tasks
TrΓ€ning - Workout Goals
TripIt: Travel Planner
TuneTrack
Twilight Dice | TTRPG Roller
Unwind - Mindful Breathing
Watch chess
WaterMinder (379 rub.)
Weather - The Weather Channel
Weather line
WidgetPack (TestFlight beta)
Widgetsmith
Widget Wizard (149 rub.)
Wikipedia
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 Cloud City IoT Hack, an event that provides developers with a hands-on introduction to some of the very best features Microsoft Azure has to offer, including IoT Hubs, Event Hubs, Azure Functions, Stream Analytics, and Cognitive Services. Four hands-on labs are located in folders named HOL 1, HOL 2, HOL 3, and HOL 4. Here's a synopsis of those labs:
P A R T S :
1) HOL 1 - Attendees create an Azure IoT Hub and program an MXCHIP to send accelerometer data to it.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%201/HOL%201%20-%20MXChip.md
2) HOL 2 - Attendees create an Azure Event Hub and deploy an Azure Function that transforms accelerometer data input to the IoT Hub into "flight data" denoting the disposition on an airplane and transmits it to the Event Hub. Then they connect a UWP client app to the Event Hub and use their MXChip to fly a simulated airplane.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%202/HOL%202%20-%20Functions%20and%20Event%20Hubs.md
3) HOL 3 - The instructor creates a pair of Event Hubs and deploys a Stream Analytics job that analyzes all the air traffic in the room for aircraft that are within two miles of each another. He or she also deploys a UWP app that shows all the air traffic. THIS HOL IS INSTRUCTOR-LED.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%203/HOL%203%20-%20Stream%20Analytics.md
4) HOL 4 - Attendees modify the Azure Function they deployed in HOL 2 to transmit flight data to the input hub used by Stream Analytics. They also connect the client app to the Stream Analytics output and modify the app to transmit warning messages back to the MXChip when their aircraft are within two miles of another.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%204/HOL%204%20-%20Putting%20It%20All%20Together.md
β GIT 2020
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β'
π¦2020 Cloud City IoT Hack, an event that provides developers with a hands-on introduction to some of the very best features Microsoft Azure has to offer, including IoT Hubs, Event Hubs, Azure Functions, Stream Analytics, and Cognitive Services. Four hands-on labs are located in folders named HOL 1, HOL 2, HOL 3, and HOL 4. Here's a synopsis of those labs:
P A R T S :
1) HOL 1 - Attendees create an Azure IoT Hub and program an MXCHIP to send accelerometer data to it.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%201/HOL%201%20-%20MXChip.md
2) HOL 2 - Attendees create an Azure Event Hub and deploy an Azure Function that transforms accelerometer data input to the IoT Hub into "flight data" denoting the disposition on an airplane and transmits it to the Event Hub. Then they connect a UWP client app to the Event Hub and use their MXChip to fly a simulated airplane.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%202/HOL%202%20-%20Functions%20and%20Event%20Hubs.md
3) HOL 3 - The instructor creates a pair of Event Hubs and deploys a Stream Analytics job that analyzes all the air traffic in the room for aircraft that are within two miles of each another. He or she also deploys a UWP app that shows all the air traffic. THIS HOL IS INSTRUCTOR-LED.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%203/HOL%203%20-%20Stream%20Analytics.md
4) HOL 4 - Attendees modify the Azure Function they deployed in HOL 2 to transmit flight data to the input hub used by Stream Analytics. They also connect the client app to the Stream Analytics output and modify the app to transmit warning messages back to the MXChip when their aircraft are within two miles of another.
> https://github.com/Azure/CloudIoTHack/blob/master/HOL%204/HOL%204%20-%20Putting%20It%20All%20Together.md
β GIT 2020
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β'
GitHub
Azure/CloudIoTHack
An end-to-end IoT Solution Workshop. Contribute to Azure/CloudIoTHack development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π¦ Detecting deprecated shared libraries in memory with UChecker:
A) What is UChecker
1) UChecker, short for Userspace Checker, is a free open source scanner that detects which of your processes are still using outdated libraries and need to be restarted.
2) The tool was created by KernelCare during live patching development for shared libraries.
3) With Uchecker, you can identify vulnerable FOSS libraries and fix them.
4) You will have to reload the affected processes (unless you are using the library update services without rebooting), but by scanning for vulnerabilities, you can determine which processes need attention and which do not.
5) As a result, you avoid unnecessary server reboots, which lead to degraded service and / or crashes, as well as creating access vulnerabilities, since libraries are left unpatched until a reboot is scheduled.
6) In fact, you may not even know which services are using which libraries, so it is tempting to just reboot the server to update everything, or restart the core services.
π¦This example can be just as devastating as rebooting:
1) How UChecker works
Uchecker works with all modern Linux distributions starting from version 6.
2) It is free JSON software that is open for distribution and / or modification under the terms of the GNU General Public License.
3) Uchecker detects processes that are using old (i.e. unpatched) shared libraries.
4) It detects and reports obsolete libraries that are being used by running processes.
5) Its detection capabilities are based on BuildID comparisons.
6 )As a result, the tool knows about deleted or replaced files.
7) The Uchecker tool can determine the process ID and name, as well as the names of the shared libraries that are not patched, as well as their build IDs.
8) Uchecker gets the latest BuildIDs from KC resources.
9) It then starts the process by iterating over / proc / and gets the associated shared library from / proc / <pid> / maps.
10) At this point, Uchecker asks if the shared library has been replaced or removed.
11) Depending on the answer, the program will either parse ELF from the file system or parse ELF from mapped memory.
Uchecker then collects the BuildID from the .note.gnu.build-id.
12) Detecting obsolete in-memory libraries with UChecker
No installation required!
Just run the Uchecker script to find the unpatched libraries on your Linux server:
# curl -s -L https://kernelcare.com/checker | python
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π¦ Detecting deprecated shared libraries in memory with UChecker:
A) What is UChecker
1) UChecker, short for Userspace Checker, is a free open source scanner that detects which of your processes are still using outdated libraries and need to be restarted.
2) The tool was created by KernelCare during live patching development for shared libraries.
3) With Uchecker, you can identify vulnerable FOSS libraries and fix them.
4) You will have to reload the affected processes (unless you are using the library update services without rebooting), but by scanning for vulnerabilities, you can determine which processes need attention and which do not.
5) As a result, you avoid unnecessary server reboots, which lead to degraded service and / or crashes, as well as creating access vulnerabilities, since libraries are left unpatched until a reboot is scheduled.
6) In fact, you may not even know which services are using which libraries, so it is tempting to just reboot the server to update everything, or restart the core services.
π¦This example can be just as devastating as rebooting:
1) How UChecker works
Uchecker works with all modern Linux distributions starting from version 6.
2) It is free JSON software that is open for distribution and / or modification under the terms of the GNU General Public License.
3) Uchecker detects processes that are using old (i.e. unpatched) shared libraries.
4) It detects and reports obsolete libraries that are being used by running processes.
5) Its detection capabilities are based on BuildID comparisons.
6 )As a result, the tool knows about deleted or replaced files.
7) The Uchecker tool can determine the process ID and name, as well as the names of the shared libraries that are not patched, as well as their build IDs.
8) Uchecker gets the latest BuildIDs from KC resources.
9) It then starts the process by iterating over / proc / and gets the associated shared library from / proc / <pid> / maps.
10) At this point, Uchecker asks if the shared library has been replaced or removed.
11) Depending on the answer, the program will either parse ELF from the file system or parse ELF from mapped memory.
Uchecker then collects the BuildID from the .note.gnu.build-id.
12) Detecting obsolete in-memory libraries with UChecker
No installation required!
Just run the Uchecker script to find the unpatched libraries on your Linux server:
# curl -s -L https://kernelcare.com/checker | python
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β