With my new x260 thinkpad, I came to install kubuntu. The main reason it’s not the usual debian testing with xfce4 was that debian, even the firmware image, didn’t had the wifi firmware for the x260. I tried PopOS randomly, which didnt include the drivers too. Next choice was kubuntu then, since I was a … Read moreFalling in love with KDE
I bought a refurbished thinkpad x260 and the bios locked with the seller can not supply the password. Since I need at least a seperated kali for pentesting and used virtual box until today, I would need virtualization enabled. Which wasn’t unfortunately. So I am exploring ways to use kali as a lxc container. A … Read moreUsing kali in lxc container the easy way
To have the signal desktop client running on testing, one needs to install 2 packages from the buster release. I will update how that works out. https://packages.debian.org/buster/amd64/libindicator7/downloadhttps://packages.debian.org/buster/libappindicator1/download Update: Seems to work good 🙂
With flock you can implement basic job control in bash. That’s very handy when you have a script that is running in multiple instances and doing file operations. I was writing a script to return some data from a switch stack to zabbix and as zabbix does run the script for every item it gets … Read morehandling multiple script instances in BASH
Reminder to not use \d, \w and such regex tokens when using regex with the linux streamline editor sed. Use [0-9] and [a-z] instead. Made me ask my first question on stackoverflow and getting downvoted for it 😛 https://regex101.com btw… when dealing with regular expressions, a handy tool. would be nice to have a sed … Read moresed dislikes \d \w regex syntax
I really start to love bash. And dislike python. I’m not good at both, but i like to automate boring, repeative tasks. Being a pentester and network admin using linux (of course) i’m working a lot in the shell, editing connfig files, checking network devices and such things. I encounter a lot of problems which … Read moreAutomate the boring stuff with bash
Writeup for the Phoenix VM from http://exploit.education/phoenix/. stack-onepython -c ‘print 64*”A”‘ stack-twoexport ExploitEducation=$”cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\n\t\n\r” learned about endianess here. really missing some of the basic computer science stuff, but well coming to it… stack-threeuser@phoenix-amd64:/opt/phoenix/amd64$ objdump stack-three -x | grep level user@phoenix-amd64:/opt/phoenix/amd64$ python -c ‘print “c”*64+”\x9d\x06@”‘ | ./stack-three Welcome to phoenix/stack-three, brought to you by https://exploit.education calling function … Read moreWriteUp: Phoenix Exploit.Education
strace -f -p PID returns syscalls of the process PID -eopen filters for open files -econnect filters for open sockets sendto(32, “@\4\0\0\20\0\1\0\0\0\0\0\0\0\0\0\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0″…, 1088, MSG_NOSIGNAL, NULL, 0 a sendto() syscall, the 32 ist a file descriptor, see /proc/PID/fd/ tbc.
“CVEs mean nothing, for the kernel. Very few CVEs ever get assigned for the kernel. I’m fixing 20 patches a day, I could create a CVE to each one of them, I was told not to because it would burn the world down,” he said. https://www.theregister.co.uk/2019/10/29/intel_disable_hyper_threading_linux_kernel_maintainer/ lol?