Home Editor's Pick General: Tips & Tricks and one-liners (Part I)

General: Tips & Tricks and one-liners (Part I)

by Kliment Andreev
17.5K views

Part II, Part III, Part IV.

MySQL Backup/Restore

BACKUP

mysqldump -u <username>  -p <password> databasename > /somewhere/dbname.sql

Do not leave space between -p and the password.

RESTORE

mysql -u <username>  -p   <password> databasename <  /somewhere/dbname.sql

CREATE USER/DATABASE and GRANT RIGHTS

mysql -u adminusername -p
CREATE USER 'custom'@'localhost' IDENTIFIED BY 'obscure';
CREATE DATABASE databasename;
GRANT ALL PRIVILEGES ON databasename.* TO "custom"@"localhost" IDENTIFIED BY "obscure";
FLUSH PRIVILEGES;

FreeBSD update OS and ports

To update the OS (not upgrade):

freebsd-update fetch
freebsd-update install

To update the ports tree:

portsnap fetch
portsnap update

Update the actual ports:

portmaster -a

tail under Windows

Get-Content -Path "<drive>:\Folder\FileName.extension" -Wait

tcpdump to monitor HTTP traffic

1. To monitor HTTP traffic including request and response headers and message body:

tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&amp;0xf)<<2)) - ((tcp[12]&amp;0xf0)>>2)) != 0)'

2. To monitor HTTP traffic including request and response headers and message body from a particular source:

tcpdump -A -s 0 'src example.com and tcp port 80 and (((ip[2:2] - ((ip[0]&amp;0xf)<<2)) - ((tcp[12]&amp;0xf0)>>2)) != 0)'

3. To monitor HTTP traffic including request and response headers and message body from local host to local host:

tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&amp;0xf)<<2)) - ((tcp[12]&amp;0xf0)>>2)) != 0)' -i lo

4. To only include HTTP requests, modify “tcp port 80” to “tcp dst port 80” in above commands

Get the OU for a user or a computer in PowerShell.

$comp=Get-ADComputer -identity <computer_name> -properties CanonicalName
$user=Get-ADUser -identity <user_name> -properties CanonicalName

Send e-mail using Python and AWS SES

Create an index.html file in the same directory where this script will reside called index.html. That will be the body of your e-mail.
In my case index.html looks like this.

<h1>Hello!</h1>

You can comment line #24 below if you don’t want to see the debug output. I suggest you leave it as is.

import smtplib

from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

fromaddr = "[email protected]"
toaddr = "[email protected]"
EMAIL_HOST = 'email-smtp.us-east-1.amazonaws.com'
EMAIL_HOST_USER = 'AKIAJUEQQ7DIHJUCKAVA'
EMAIL_HOST_PASSWORD = 'AlRPmyef-qAkajSzCtn43YY447rFlJ8GXCBMWyaNide'
EMAIL_PORT = 587

msg = MIMEMultipart('alternative')
msg['Subject'] = "AWS TEST"
msg['From'] = fromaddr
msg['To'] = toaddr

html = open('index.html').read()

mime_text = MIMEText(html, 'html')
msg.attach(mime_text)

s = smtplib.SMTP(EMAIL_HOST, EMAIL_PORT)
s.set_debuglevel(10)
s.starttls()
s.login(EMAIL_HOST_USER, EMAIL_HOST_PASSWORD)
s.sendmail(fromaddr, toaddr, msg.as_string())
s.quit()

If you want to send to multiple recipients, replace the lines #7 and #27 to look like this.

toaddr = "[email protected],[email protected],[email protected]"
s.sendmail(fromaddr, msg['To'].split(','), msg.as_string())

Display remote SSL certificate

echo | openssl s_client -showcerts -servername blog.andreev.it -connect blog.andreev.it:443 2>/dev/null | openssl x509 -inform pem -noout -text

Windows DNS server – clear cache

From an elevated cmd prompt

dnscmd /clearcache

List public IP addresses associated with an instance in AWS

aws ec2 describe-instances --query "Reservations[*].Instances[*].PublicIpAddress" --output=text

RHEL\CentOS 7: Limit SSH to specific IPs

I have a CentOS VM that’s running behind a pfSense firewall and a NAT rule that forwards all SSH traffic to this VM. So, pretty much my VM is exposed to the public. I saw a lot of scripts trying to penetrate so what I did is, I used the firewalld service to restrict SSH to specific IPs. Make sure that you have firewalld enabled and running.

systemctl status firewalld

Now, add the trusted IPs or ranges. In my case my home network range and a single public IP.

firewall-cmd --zone="trusted" –-add-source=192.168.1.0/24
firewall-cmd --zone="trusted" –-add-source=11.12.99.88

Add the SSH service to the trusted zone.

firewall-cmd --zone="trusted" –add-service=ssh

Check if everything is OK

firewall-cmd --zone="trusted" –list-all
firewall-cmd –-zone=public –remove-service=ssh

Try to access your server from some other IP and you’ll see you are blocked. In order for these changes to be permanent, you’ll have to execute all these commands again with the –permanent option.

firewall-cmd --zone="trusted" –-add-source=192.168.1.0/24 --permanent
firewall-cmd --zone="trusted" –-add-source=11.12.99.88 --permanent
firewall-cmd --zone="trusted" –add-service=ssh --permanent
firewall-cmd –-zone=public –remove-service=ssh --permanent

Now, the changes will stay across reboots. You can use the same scenario for other services as well.

Download Oracle JRE from command prompt

Go to the download page and find the archive that you want to download. Click to accept the agreement and then get the URL of the archive.

wget --header "Cookie: oraclelicense=accept-securebackup-cookie" <URL>

Convert MP3 files to Ogg-Vorbis using sox in all subfolders

find . -name '*.mp3' -exec bash -c ' sox -V3 "$1" "${1%.mp3}.ogg"' -- {} \;

Delete all mp3 files after.

find . -name "*.mp3" -exec rm {} \;

Extract a tar archive (tarball) without the head/container directory (folder)

You have a tarball aaa.tar.gz with the following structure.

—-file1.txt
—-file2.txt
You want to extract the files to a directory without the top aaa folder.

tar xzvf aaa.tar.gz --strip 1 -C destination_folder

Samba 4.x, list Windows share, mount Windows share

sudo mount.cifs -v -o username=my_username,domain=netbios_domain_name,vers=2.1 //host.domain.local/share /mnt

If you are unable to write to the mounted folder, specify the user as -o…vers=2.1,uid=4801105,gid=4800513 which is a user that has rights to that share.

smbclient //host.domain.local/share -U [email protected] -m SMB3 -W netbios_domain_name

Speed up video files x30

ffmpeg -i input.mov -vf "setpts=(PTS-STARTPTS)/30" -crf 18 output.mov

Replace pattern in file names

E.g. You want to remove [BBB] from these files 123[BBB]aaa.txt and asd[BBB]123.txt.

Get-ChildItem *.txt | ForEach { Move-Item -LiteralPath $_.Name $_.Name.Replace("[BBB]", "") }

PowerShell – create TCP listener

$Listener = [System.Net.Sockets.TcpListener]9999;
$Listener.Start();
# Test the port with telnet
# once completed execute below
$Listener.Stop();

Get the model name of the computer from BIOS

wmic csproduct get name

uptime in Windows

Download the zipped EXE here. MD5: e37822139136b6296bc58617fceb010d. Source in C.

// uptime - shows the uptime on a Windows system
// K.Andreev - 20180803 - BSD Simplified License

#include "stdafx.h"
#include <Windows.h>

int main()
{
DWORD dMilliseconds = GetTickCount();
DWORD dDays = dMilliseconds / 86400000;
DWORD dHours = dMilliseconds / 3600000 - dDays * 24;
DWORD dMinutes = dMilliseconds / 60000 - dHours * 60 - dDays * 1440;
DWORD dTemp = dDays * 86400 - dHours * 3600 - dMinutes * 60;
DWORD dSeconds = dMilliseconds / 1000 - dDays * 86400 - dHours * 3600 - dMinutes * 60;

if (dDays != 0) {
printf("up %d days, %d hours, %d minutes, %d seconds", dDays, dHours, dMinutes, dSeconds);
return 0;
}
if (dHours != 0) {
printf("up %d hours, %d minutes, %d seconds", dHours, dMinutes, dSeconds);
return 0;
}
if (dMinutes != 0) {
printf("up %d minutes, %d seconds", dMinutes, dSeconds);
return 0;
}
printf("up %d seconds", dSeconds);

return 0;
}

Replace CRLF in a file, DOS 2 UNIX text format

sed -i 's/\r//g' /tmp/script.sh

Related Articles

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More