sha256: 2b87a252a3d912530dd8c20df6bee7f6cbc4ede0074fdf217e318aab39d9736c
RC3 Video, ordered by ViewCount
Elektrogruselkabinet Indien-Edition
36C3 - Boeing 737MAX: Automated Crashes
36C3 - BahnMining - Pünktlichkeit ist eine Zier
35C3 - Du kannst alles hacken – du darfst dich nur nicht erwischen lassen
35C3 - Hackerethik - eine Einführung
sha256: ec267b020ffdde11711eff23057df1a9b74a0fed1c262c0ab9dd28b5c08d512e
checkmk 2.0 (beta)
install debian 10.6
upgrade to 10.7
apt-get install dpkg-sig
scp check-mk-raw-2.0.0b1_0.buster_amd64.deb ip-of-host:/tmp/
wget https://checkmk.com/support/Check_MK-pubkey.gpg
gpg --keyserver keys.gnupg.net --recv-keys 434DAC48C4503261
gpg --armor --export 434DAC48C4503261 > Check_MK-pubkey.gpg
gpg --import Check_MK-pubkey.gpg
dpkg-sig --verify check-mk-raw-2.0.0b1_0.buster_amd64.deb
apt-get install gdebi-core
gdebi check-mk-raw-2.0.0b1_0.buster_amd64.deb
omd version
OMD - Open Monitoring Distribution Version 2.0.0b1.cre
omd create mysite
omd start mysite
http://ip-of-host/mysite/
cmkadmin
The admin user for the web applications is cmkadmin with password: xXxXxXx
For command line administration of the site, log in with 'omd su mysite'.
After logging in, you can change the password for cmkadmin with 'htpasswd etc/htpasswd cmkadmin'.
sha256: 62f460939ccba74886d5b4c89ca6b9ab4afbd9e44c634b961c7b4d8dd572840b
some basics about JQ
cat history.shelly.0.SHEM-3#40F52000B661#1.Total.Current.json | jq '.[0:3]'
[
{
"val": 2.64,
"ack": 1,
"ts": 1607900404883,
"q": 0,
"user": "system.user.admin"
},
{
"val": 2.61,
"ack": 1,
"ts": 1607900410483,
"q": 0,
"user": "system.user.admin"
},
{
"val": 2.58,
"ack": 1,
"ts": 1607900416083,
"q": 0,
"user": "system.user.admin"
}
]
cat history.shelly.0.SHEM-3#40F52000B661#1.Total.Current.json | jq '.[0]'
{
"val": 2.64,
"ack": 1,
"ts": 1607900404883,
"q": 0,
"user": "system.user.admin"
}
cat history.shelly.0.SHEM-3#40F52000B661#1.Total.Current.json | jq '.[0] |.ts,.val'
1607900404883
2.64
cat history.shelly.0.SHEM-3#40F52000B661#1.Total.Current.json | jq '.[0] | (.ts |tostring) + ";" + (.val |tostring)'
"1607900404883;2.64"
cat history.shelly.0.SHEM-3#40F52000B661#1.Total.Current.json | jq '.[] | (.ts |tostring) + ";" + (.val |tostring)' |head -10
"1607900404883;2.64"
"1607900410483;2.61"
"1607900416083;2.58"
"1607900421739;2.62"
"1607900427335;2.62"
"1607900433003;2.57"
"1607900438543;2.72"
"1607900444131;2.67"
"1607900449791;2.6"
"1607900455383;2.55"
cat history.shelly.0.SHEM-3#40F52000B661#1.Total.Current.json | jq '.[] |.ts,.val' |paste - - |head -10
1607900404883 2.64
1607900410483 2.61
1607900416083 2.58
1607900421739 2.62
1607900427335 2.62
1607900433003 2.57
1607900438543 2.72
1607900444131 2.67
1607900449791 2.6
1607900455383 2.55
cat history.shelly.0.SHEM-3#40F52000B661#1.Total.Current.json | jq -c '.[] | select (.val >= '50')'
{"val":52.55,"ack":1,"ts":1607907152399,"q":0,"user":"system.user.admin"}
{"val":52.54,"ack":1,"ts":1607907157975,"q":0,"user":"system.user.admin"}
{"val":52.53,"ack":1,"ts":1607907163639,"q":0,"user":"system.user.admin"}
{"val":52.5,"ack":1,"ts":1607907169220,"q":0,"user":"system.user.admin"}
{"val":52.49,"ack":1,"ts":1607907174863,"q":0,"user":"system.user.admin"}
{"val":52.53,"ack":1,"ts":1607907180639,"q":0,"user":"system.user.admin"}
...
dump networks from AS 3303
How to Setup an WG Tunnel between OpenBSD and OPNSense ? That’s quite simple …
pkg_add wireguard-tools--
wg genkey | tee privatekey | wg pubkey > publickey
r=$(openssl rand -base64 32)
remote_ip="1.2.3.4"
remote_net="192.168.0.0/24"
cat << 'EOF' > /etc/hostname.wg0
# WG Tunnel to OPNsense
wgkey ${r}
wgport 51820
wgpeer xxxxx - PUBLIC-KEY-OF-REMOTE-HOST - xxxxx= wgendpoint ${remote_ip} 51820 wgaip ${remote_net}
inet 10.0.0.1/24
!route add ${remote_net} 10.0.0.2
up
EOF
sh /etc/netstart wg0
ifconfig wg0
# skip on wg Interface
set skip on { lo0 wg0 }
# Wireguard
pass in log quick inet proto udp from ${remote_ip}/32 to (self) port 51820
Menu System -> Firmware -> Plugins -> Install Wireguard
Need a small and smart utility to manage you ssh keys under linux ? got some scripts and cronjobs which requires an local ssh key ? have a look at keychain !
depending on your OS …
macos$ brew install keychain
debian$ sudo apt-get install keychain
openbsd$ pkg_add keychain
freebsd$ pkg install keychain
$HOME/.bashrc $HOME/.bash_profile /etc/profile $HOME/.profile
cat << 'EOF' >> $HOME/.bashrc
# Keychain Startup
eval `keychain --eval id_ed25519`
EOF
$ keychain
$ ssh-add -L
cat << 'EOF' >> .profile
# Keychain Loaded ? Load and show Key ...
eval $(keychain --eval id_ed25519)
echo -e "loaded keys: `ssh-add -L |cut -c 1-12,77-`\n"
EOF
keychain --list
$ keychain --list-fp
Timeout for SSH Agent
Wanna run Kubernetes / Minikube on your Mac ?
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
brew install hyperkit
brew install minikube
minikube start --vm-driver=hyperkit
minikube stop
sha256: 0caafebc7050ffed2e1239439e4c562d361635df5f40db6f25a54920978bbef7
OpenBSD has two new releases every year. historically, on 1. Mai and 1. November. With a few small execptions in the past Check Wikipedia
so, then latest OS appeared today: OpenBSD 6.8
sysupgrade -r
doas su -
mkdir /root/bin
ftp -o /root/bin/upgrade_to_68.sh https://blog.stoege.net/scripts/upgrade_to_68.sh
chmod 740 /root/bin/upgrade_to_68.sh
# /root/bin/upgrade_to_68.sh
# *** reboot ***
# /root/bin/upgrade_to_68.sh
# rm /root/bin/upgrade_to_68.sh
doas su -
mkdir /root/bin
cat << 'EOF' > /root/bin/upgrade_to_68.sh
#!/bin/sh
prepare () {
echo "let's upgrade to 6.8 ..."
rm -f /usr/lib/libperl.a
rm /usr/X11R6/lib/libxkbui.*
rm /usr/X11R6/lib/pkgconfig/xkbui.pc
rm /usr/X11R6/include/X11/extensions/XKBui.h
}
download() {
local _response=$(sysupgrade -n)
if [[ $_response == *reboot ]]; then
echo "\nInstalled! Let's reboot ...\n"
rm /home/_sysupgrade/{comp,xf,xs}*
else
echo "Nothing todo ..."
fi
}
install() {
reboot
}
postwork() {
echo "let's do some postwork after upgrade to 6.8 ..."
cd /dev
./MAKEDEV all
_boot=$(mount |awk -F'[/ ]' '/ on \/ / {print $3}')
installboot ${_boot%?}
sysmerge
fw_update
syspatch
pkg_add -Vu
pkg_delete -a
/usr/libexec/locate.updatedb &
}
# Main
local _ver=$(uname -r)
if [ "$_ver" == "6.7" ]; then
prepare
download
install
elif [ "$_ver" == "6.8" ]; then
postwork
fi
exit 0
EOF
chmod 740 /root/bin/upgrade_to_68.sh
# /root/bin/upgrade_to_68.sh
# *** reboot ***
# /root/bin/upgrade_to_68.sh
# rm /root/bin/upgrade_to_68.sh
you should do a few checks afterwards:
Some Notes Based on this Video: https://www.youtube.com/watch?v=bhBSlnQcq2k
https://docs.docker.com/get-docker/
https://hub.docker.com/_/nginx
docker pull nginx
docker run nginx
docker run nginx:latest
docker run -d nginx:latest
docker run -d -p 80 nginx:latest
docker run -d -p 8080:80 nginx:latest
docker run -d -p 3000:80 -p 8080:80 nginx:latest
mbp:~ stoege$ docker run -d -p 8080:80 nginx:latest
5c7a945caa59f14e35932f3d4470c9b9afc0307dac34e01947d41adbcdfda091
mbp:~ stoege$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5c7a945caa59 nginx:latest "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:8080->80/tcp laughing_cartwright
open Brower http://localhost:8080 -> Welcome Page
how to operate nginx as reverse proxy and loadbalancer
sha256: 23ec4f8fb8b94de4b26d5184ae41bc3f36bf41dcda2695db9af14ac7eeb52ed1
got a Server behing NAT / Firewall ? Need Shell access to … ?
user@server$ ssh -R 1234:localhost:22 my.public.jumpbox
ssh my.public.jumpbox
user@jumpbox$ ssh -p 1234 localhost
user@server$
and you’re in :)
sha256: 81b4dc1d84f9f8bcbf5060f382853759fffa1e5824e2ae98ad5508a082db5dfd