Apache Cheatsheet

Log Responses Install the dump_io mod by running this as root: a2enmod dump_io Add these lines to the bottom of the /etc/apache2/apache2.conf file: LogLevel dumpio:trace7 DumpIOInput On DumpIOOutput On Restart the apache service to enact the changes: service apache2 restart View response data with this command: cat error.log | cut -f8- -d':' \ | egrep -v ' [0-9]+ bytes$' \ | grep -v '^$' | cut -c2- | sed 's/\\r\\n//' Run as an infinite loop:...

January 27, 2020 · Jayson Grace

Slack Cheatsheet

Search in conversation with a specific user in:@username <string to search for> Search in channel in:@channelname <string to search for> Resource: https://webapps.stackexchange.com/questions/103425/how-to-search-in-a-single-channel Keyboard Shortcuts Open search field COMMAND + g Create private channel w/ webhook Create a new private channel in slack Navigate to https://api.slack.com/apps and create a new app Navigate to https://api.slack.com/apps/YOURAPPID/incoming-webhooks Click Add New Webhook to Workspace Find the channel you created previously in the dropdown Click Allow Copy the Webhook URL and use it as needed

January 2, 2020 · Jayson Grace

Salt Notes

Secrets View secrets from master: salt '*' pillar.items Create key called mysecretkey on master: echo -n "supersecret" | gpg --armor --batch --trust-model always --encrypt -r "mysecretkey" View secrets from minion: salt-call pillar.items Get a specific secret from a minion: salt-call pillar.get a-secret Resource: https://fabianlee.org/2016/10/18/saltstack-keeping-salt-pillar-data-encrypted-using-gpg/ Directory structure There are two essential locations for salt related files (excluding service files): /etc/salt /srv/salt /etc/salt holds configuration files for the master and minion, as well as the keys for known minions....

December 2, 2019 · Jayson Grace

IOS Pentesting Cheatsheet

Jailbreaking At the time of this writing, only up to version 12.1.2 of iOS can be jailbroken. While it is theoretically possible to downgrade the version, it is a giant hassle and I was not able to find a fully working solution over the span of several hours of research. Save yourself some time and just get a phone with an older version of iOS. Jailbreak using Chimera Following the instructions on here: https://cydia-app....

September 7, 2019 · Jayson Grace

Chef Notes

Chef Server Download On Centos 8: CHEF_SERVER_DL=https://packages.chef.io/files/stable/chef-server/14.1.0/el/8/chef-server-core-14.1.0-1.el7.x86_64.rpm INSTALL_DIR=/home/admin wget $CHEF_SERVER_DL -P $INSTALL_DIR Installation sudo dnf localinstall -y $INSTALL_DIR/chef-server-core-14.1.0-1.el7.x86_64.rpm Configuration Start by setting the following variables to correspond with the commands below: USERNAME="chefadmin" FIRST_NAME="Chef" LAST_NAME="Administrator" EMAIL="chefadmin@myorg.com" KEY_PATH="${HOME}/chefadmin.pem" ORG_NAME="myorg" ORG_FULL_NAME="Organization Inc." VALIDATION_KEY_PATH="/etc/chef/myorg-validator.pem" Install Chef server and automatically accept the license: sudo chef-server-ctl reconfigure --chef-license=accept Show status of server sudo chef-server-ctl status Create new user The key at ${KEY_PATH} will be used by a workstation at a later time....

July 18, 2019 · Jayson Grace

Frida Cheatsheet

IOS List running applications: frida-ps -Ua Run a script on a plugged in phone (and spawn the application): frida -U -l <script>.js --no-pause -f <application>

July 16, 2019 · Jayson Grace

Google Search Analytic on a Ghost blog

Add google site verification Go to https://search.google.com/search-console register your site Easy way: Go to /ghost/##/settings/code-injection, and paste the code you’re given from the google site into the Site Header, click Save. Hard way: Go to your theme Open default.hbs Paste the code you’ve been given under the <head> area Add google search analytics Go to https://analytics.google.com to register your site Easy way: Go to /ghost/##/settings/code-injection, and paste the code you’re given from the google site into the Site Header, click Save....

March 1, 2019 · Jayson Grace

GDB Notes

Compile This will compile in debug mode and include symbols gcc -ggdb cprog.c -o cprog Load exec in gdb gdb ./exec Set breakpoint on main b main Show instructions for main function disassemble Show all functions info functions Show all variables This will only work if the program is compiled in debug mode (with symbols) info variables List breakpoints i b Break on a specific memory address b *0x8048417 Show register values i r Show multiple register values i r ebp esp View value for a particular register String value:...

February 26, 2019 · Jayson Grace

Puppet Notes

Modules Install module on Puppet master /opt/puppetlabs/bin/puppet module install <name of module> Uninstall module on Puppet master /opt/puppetlabs/bin/puppet module uninstall <name of module> Resource: https://www.puppetcookbook.com/posts/installing-modules-from-the-puppet-forge.html List installed Modules puppet module list Resource: https://puppet.com/docs/puppet/5.3/modules_installing.html Show module path Run this on the puppet master: puppet config print modulepath Resource: https://puppet.com/docs/puppet/5.5/dirs_modulepath.html Change module install path By default, puppet module install installs modules into the first directory in the Puppet modulepath, which defaults to $codedir/environments/production/modules....

February 18, 2019 · Jayson Grace

Ruby Notes

This will encompass things that I find useful and end up looking up later when I haven’t coded in a while. File Operations Chmod file File.chmod(0600, file) Resource: https://stackoverflow.com/questions/22707040/change-permissions-of-file-in-ruby Move file without fileutils File.rename source_path, target_path Resource: https://stackoverflow.com/questions/403239/how-do-i-move-a-file-with-ruby Fix extensions not built errors Run this command: gem pristine --all Resource: https://stackoverflow.com/questions/48339706/ignoring-gems-because-its-extensions-are-not-built Multiline comments =begin stuff =end Resource: https://stackoverflow.com/questions/2989762/multi-line-comments-in-ruby Install specific version of a gem Install the bcrypt_pbkdf package that came before version 2....

November 30, 2018 · Jayson Grace