MySQL Backup/Restore
BACKUP
mysqldump -u <username> -p<password> databasename > /somewhere/dbname.sql
Do not leave space between -p and the password.
RESTORE
mysql -u <username> -p<password> databasename < /somewhere/dbname.sql
CREATE USER/DATABASE and GRANT RIGHTS
mysql -u adminusername -p
CREATE USER 'custom'@'localhost' IDENTIFIED BY 'obscure';
CREATE DATABASE databasename;
GRANT ALL PRIVILEGES ON databasename.* TO "custom"@"localhost" IDENTIFIED BY "obscure";
FLUSH PRIVILEGES;
FreeBSD update OS and ports
To update the OS (not upgrade):
freebsd-update fetch
freebsd-update install
To update the ports tree:
portsnap fetch
portsnap update
Update the actual ports:
portmaster -a
tail under Windows
Get-Content -Path "<drive>:\Folder\FileName.extension" -Wait
tcpdump to monitor HTTP traffic
1. To monitor HTTP traffic including request and response headers and message body:
tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
2. To monitor HTTP traffic including request and response headers and message body from a particular source:
tcpdump -A -s 0 'src example.com and tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
3. To monitor HTTP traffic including request and response headers and message body from local host to local host:
tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -i lo
4. To include only HTTP requests, change “tcp port 80” to “tcp dst port 80” in the above commands.
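The length test shared by the filters above, worked through in Python on constructed packets; this is an added example, not part of the original page. The function names, ports and addresses are made up for illustration.

```python
import struct

def tcp_payload_len(ip_packet: bytes) -> int:
    """Apply the filter's arithmetic to a raw IPv4 packet that carries TCP."""
    total_len = struct.unpack("!H", ip_packet[2:4])[0]  # ip[2:2]: IPv4 total length
    ip_hdr_len = (ip_packet[0] & 0x0F) << 2             # (ip[0]&0xf)<<2: IHL in bytes
    tcp = ip_packet[ip_hdr_len:]                        # tcp[n] counts from the TCP header
    tcp_hdr_len = (tcp[12] & 0xF0) >> 2                 # (tcp[12]&0xf0)>>2: data offset in bytes
    return total_len - ip_hdr_len - tcp_hdr_len

def matches_length_test(ip_packet: bytes) -> bool:
    """True when the segment carries data, i.e. the '!= 0' part of the filter."""
    return tcp_payload_len(ip_packet) != 0

def build_packet(payload: bytes, flags: int, tcp_options: bytes = b"") -> bytes:
    """Constructed IPv4/TCP packet to port 80 (checksums left at zero)."""
    data_offset = (20 + len(tcp_options)) // 4          # TCP header length in 32-bit words
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0,
                      data_offset << 4, flags, 65535, 0, 0)
    tcp += tcp_options + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return ip + tcp

SYN, ACK, PSH = 0x02, 0x10, 0x08
MSS_OPTION = bytes([2, 4, 0x05, 0xB4])                  # 4-byte TCP option: MSS 1460
HTTP_REQUEST = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"

# Constructed sample packets: two without data, one carrying an HTTP request.
SAMPLES = {
    "SYN with options": build_packet(b"", SYN, MSS_OPTION),
    "bare ACK": build_packet(b"", ACK),
    "HTTP request": build_packet(HTTP_REQUEST, PSH | ACK),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name}: payload={tcp_payload_len(pkt)} shown={matches_length_test(pkt)}")
```

Handshake and bare ACK segments evaluate to zero and are dropped by the filter, so only segments that carry HTTP data are printed.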
Get the OU for a user or a computer in PowerShell.
$comp=Get-ADComputer -identity <computer_name> -properties CanonicalName
$user=Get-ADUser -identity <user_name> -properties CanonicalName
Send e-mail using Python and AWS SES
Create a file called index.html in the same directory as this script. It will be the body of your e-mail.
In my case index.html looks like this.
<h1>Hello!</h1>
You can comment out line #24 below (the s.set_debuglevel(10) call) if you don’t want to see the debug output. I suggest you leave it as is.
import smtplib

from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

fromaddr = "[email protected]"
toaddr = "[email protected]"

EMAIL_HOST = 'email-smtp.us-east-1.amazonaws.com'
EMAIL_HOST_USER = 'AKIAJUEQQ7DIHJUCKAVA'  # SES SMTP user name
EMAIL_HOST_PASSWORD = 'AlRPmyef-qAkajSzCtn43YY447rFlJ8GXCBMWyaNide'  # SES SMTP password
EMAIL_PORT = 587

msg = MIMEMultipart('alternative')
msg['Subject'] = "AWS TEST"
msg['From'] = fromaddr
msg['To'] = toaddr

html = open('index.html').read()  # HTML body of the e-mail
mime_text = MIMEText(html, 'html')
msg.attach(mime_text)

s = smtplib.SMTP(EMAIL_HOST, EMAIL_PORT)
s.set_debuglevel(10)  # print the SMTP conversation
s.starttls()  # upgrade the connection to TLS before logging in
s.login(EMAIL_HOST_USER, EMAIL_HOST_PASSWORD)
s.sendmail(fromaddr, toaddr, msg.as_string())
s.quit()
If you want to send to multiple recipients, replace lines #7 and #27 with the following.
toaddr = "[email protected],[email protected],[email protected]"
s.sendmail(fromaddr, msg['To'].split(','), msg.as_string())
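A variant of the script above that keeps the SES SMTP credentials out of the source file, passes an explicit TLS context so the server certificate and host name are verified, and handles one or many recipients. This is an added example, not the original author's code; the environment variable names SES_SMTP_USER and SES_SMTP_PASSWORD and the function names are assumptions.

```python
import os
import smtplib
import ssl
from email.message import EmailMessage
from email.utils import getaddresses

def load_smtp_credentials(env=os.environ):
    """Read the SES SMTP user name and password from the environment.
    SES_SMTP_USER and SES_SMTP_PASSWORD are names assumed for this example."""
    try:
        return env["SES_SMTP_USER"], env["SES_SMTP_PASSWORD"]
    except KeyError as missing:
        raise RuntimeError(f"missing environment variable {missing}") from None

def build_message(sender, recipients, subject, html):
    """Build a multipart/alternative message with a plain-text fallback."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg["From"] = sender
    msg["To"] = ", ".join(recipients)
    msg.set_content("This message has an HTML body.")
    msg.add_alternative(html, subtype="html")
    return msg

def envelope_recipients(msg):
    """Parse the To header into bare addresses for the SMTP envelope."""
    return [addr for _name, addr in getaddresses(msg.get_all("To", []))]

def send(msg, host="email-smtp.us-east-1.amazonaws.com", port=587, debug=False):
    user, password = load_smtp_credentials()
    context = ssl.create_default_context()  # verifies certificate chain and host name
    with smtplib.SMTP(host, port, timeout=30) as s:
        if debug:
            # Debug output echoes the AUTH command, which carries the
            # base64-encoded credentials, so it is off by default here.
            s.set_debuglevel(1)
        s.starttls(context=context)
        s.login(user, password)
        s.send_message(msg, to_addrs=envelope_recipients(msg))

if __name__ == "__main__":
    # Constructed sample addresses; replace with verified SES identities.
    with open("index.html") as f:
        message = build_message("sender@example.com",
                                ["a@example.com", "b@example.com"],
                                "AWS TEST", f.read())
    send(message)
```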
Display remote SSL certificate
echo | openssl s_client -showcerts -servername blog.andreev.it -connect blog.andreev.it:443 2>/dev/null | openssl x509 -inform pem -noout -text
Windows DNS server – clear cache
From an elevated cmd prompt
dnscmd /clearcache
List public IP addresses associated with an instance in AWS
aws ec2 describe-instances --query "Reservations[*].Instances[*].PublicIpAddress" --output=text
RHEL\CentOS 7: Limit SSH to specific IPs
I have a CentOS VM that’s running behind a pfSense firewall and a NAT rule that forwards all SSH traffic to this VM. So, pretty much my VM is exposed to the public. I saw a lot of scripts trying to penetrate, so I used the firewalld service to restrict SSH to specific IPs. Make sure that you have firewalld enabled and running.
systemctl status firewalld
Now, add the trusted IPs or ranges. In my case my home network range and a single public IP.
firewall-cmd --zone="trusted" --add-source=192.168.1.0/24
firewall-cmd --zone="trusted" --add-source=11.12.99.88
Add the SSH service to the trusted zone.
firewall-cmd --zone="trusted" --add-service=ssh
Check if everything is OK.
firewall-cmd --zone="trusted" --list-all
Then remove the SSH service from the public zone.
firewall-cmd --zone=public --remove-service=ssh
Try to access your server from some other IP and you’ll see you are blocked. In order for these changes to be permanent, you’ll have to execute all these commands again with the --permanent option.
firewall-cmd --zone="trusted" --add-source=192.168.1.0/24 --permanent
firewall-cmd --zone="trusted" --add-source=11.12.99.88 --permanent
firewall-cmd --zone="trusted" --add-service=ssh --permanent
firewall-cmd --zone=public --remove-service=ssh --permanent
Now, the changes will stay across reboots. You can use the same scenario for other services as well.
Download Oracle JRE from command prompt
Go to the download page and find the archive that you want to download. Click to accept the agreement and then get the URL of the archive.
wget --header "Cookie: oraclelicense=accept-securebackup-cookie" <URL>
Convert MP3 files to Ogg-Vorbis using sox in all subfolders
find . -name '*.mp3' -exec bash -c ' sox -V3 "$1" "${1%.mp3}.ogg"' -- {} \;
Delete all mp3 files after.
find . -name "*.mp3" -exec rm {} \;
Extract a tar archive (tarball) without the head/container directory (folder)
You have a tarball aaa.tar.gz with the following structure.
aaa/
|--file1.txt
|--file2.txt
You want to extract the files to a directory without the top aaa folder.
tar xzvf aaa.tar.gz --strip-components=1 -C destination_folder
Samba 4.x, list Windows share, mount Windows share
sudo mount.cifs -v -o username=my_username,domain=netbios_domain_name,vers=2.1 //host.domain.local/share /mnt
If you are unable to write to the mounted folder, specify the user as -o…vers=2.1,uid=4801105,gid=4800513 which is a user that has rights to that share.
smbclient //host.domain.local/share -U [email protected] -m SMB3 -W netbios_domain_name
Speed up video files x30
ffmpeg -i input.mov -vf "setpts=(PTS-STARTPTS)/30" -crf 18 output.mov
Replace pattern in file names
E.g. You want to remove [BBB] from these files 123[BBB]aaa.txt and asd[BBB]123.txt.
Get-ChildItem *.txt | ForEach { Move-Item -LiteralPath $_.Name $_.Name.Replace("[BBB]", "") }
PowerShell – create TCP listener
$Listener = [System.Net.Sockets.TcpListener]9999;
$Listener.Start();
# Test the port with telnet
# once completed execute below
$Listener.Stop();
Get the model name of the computer from BIOS
wmic csproduct get name
uptime in Windows
Download the zipped EXE here. MD5: e37822139136b6296bc58617fceb010d. Source in C.
// uptime - shows the uptime on a Windows system
// K.Andreev - 20180803 - BSD Simplified License
#include "stdafx.h"
#include <stdio.h>
#include <Windows.h>

int main()
{
    // GetTickCount64 does not wrap after 49.7 days the way the 32-bit GetTickCount does
    ULONGLONG ullMilliseconds = GetTickCount64();
    DWORD dDays = (DWORD)(ullMilliseconds / 86400000);
    DWORD dHours = (DWORD)(ullMilliseconds / 3600000) - dDays * 24;
    DWORD dMinutes = (DWORD)(ullMilliseconds / 60000) - dHours * 60 - dDays * 1440;
    DWORD dSeconds = (DWORD)(ullMilliseconds / 1000) - dDays * 86400 - dHours * 3600 - dMinutes * 60;

    // Print only the units that are non-zero, starting with the largest
    if (dDays != 0) {
        printf("up %lu days, %lu hours, %lu minutes, %lu seconds", dDays, dHours, dMinutes, dSeconds);
        return 0;
    }
    if (dHours != 0) {
        printf("up %lu hours, %lu minutes, %lu seconds", dHours, dMinutes, dSeconds);
        return 0;
    }
    if (dMinutes != 0) {
        printf("up %lu minutes, %lu seconds", dMinutes, dSeconds);
        return 0;
    }
    printf("up %lu seconds", dSeconds);
    return 0;
}
Replace CRLF in a file, DOS 2 UNIX text format
sed -i 's/\r//g' /tmp/script.sh