Setting Up SSM, Packer, and Ansible: A Comprehensive Guide

In this comprehensive guide, we’ll walk through the process of setting up AWS Systems Manager (SSM) and HashiCorp Packer, with two different approaches: one using Ansible and one without. We’ll also cover the setup of the necessary IAM instance profile.

Prerequisites

Before we begin, ensure you have the following:

- An AWS account with appropriate permissions
- AWS CLI installed and configured
- An S3 bucket for storing files transferred by Packer when using SSM
- Packer installed
- Ansible installed (for the Ansible example)

Setting Up SSM and IAM Instance Profile

AWS Systems Manager (SSM) is a management tool that provides a unified user interface to view and control your AWS infrastructure. To use SSM with Packer, we need to set up an IAM instance profile with the necessary permissions. ...

Jayson Grace

Shodan Cheatsheet

Sites with valid SSL certs

    ssl:"orgname" 200

Negative search

This is used to specify things you want excluded from your search:

    -"content"

An example could be:

    ssl:"orgname" 200 -"nosniff"

Look for patterns in HTML

    html:"Dashboard Jenkins"

Search for a specific technology

This example will find all sites that use Bootstrap:

    http.component:bootstrap

Jenkins:

    http.component:"jenkins"

Resources:
https://twitter.com/shodanhq/status/985964783089233920?lang=en
https://medium.com/bugbountywriteup/using-shodan-better-way-b40f330e45f6

Assets belonging to an organization

    org:"Name of Organization"

With a 200 response code: ...

Jayson Grace

Slack Cheatsheet

Search in conversation with a specific user

    in:@username <string to search for>

Search in channel

    in:@channelname <string to search for>

Resource: https://webapps.stackexchange.com/questions/103425/how-to-search-in-a-single-channel

Keyboard Shortcuts

Open search field

    COMMAND + g

Create private channel with webhook

1. Create a new private channel in Slack
2. Navigate to https://api.slack.com/apps and create a new app
3. Navigate to https://api.slack.com/apps/YOURAPPID/incoming-webhooks
4. Click Add New Webhook to Workspace
5. Find the channel you created previously in the dropdown
6. Click Allow
7. Copy the Webhook URL and use it as needed

Jayson Grace

SQL Cheatsheet

Generic Queries

Update field

    UPDATE table_name
    SET column1 = value1, column2 = value2, ...
    WHERE condition;

Get first row of data from table

Replace table with a valid table in your db.

    SELECT * FROM <table> LIMIT 1;

Single-line comment

    -- stuff to comment out

Multi-line comment

    /** stuff to comment out **/

Delete the last n rows from a table

    DELETE FROM `table` WHERE `table`.`tableID` in (SELECT TOP 500 tableID FROM table ORDER BY tableID DESC)

Delete the first n rows from a table

    DELETE FROM `table` WHERE `table`.`tableID` in (SELECT TOP 500 tableID FROM table ORDER BY tableID ASC)

Get the number of rows in a table

    SELECT COUNT(*) FROM <table>;

Resources: ...

Jayson Grace

Terraform Cheatsheet

Installation on Ubuntu 20.04

    sudo apt-get update && sudo apt-get install -y gnupg software-properties-common curl
    curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
    sudo apt-add-repository "deb [arch=amd64] \
    https://apt.releases.hashicorp.com $(lsb_release -cs) main"
    sudo apt-get update && sudo apt-get install -y terraform
    # Verify it works
    terraform -v

Resource: https://learn.hashicorp.com/tutorials/terraform/install-cli

Commands

This is used to download and configure the providers used in your Terraform code:

    terraform init

Resource: https://learn.hashicorp.com/tutorials/terraform/eks

Reconfigure state

If you need to reconfigure your state, run the following: ...

Jayson Grace

Tmux Cheatsheet

Create session with a name

    SESSION_NAME='mysession'
    tmux new -s "${SESSION_NAME}"

Create detached session with a name

This particular example will run SimpleHTTPServer in the background:

    SESSION_NAME='python_sesh'
    tmux new -s "${SESSION_NAME}" -d 'python3 -m http.server'

Kill tmux session programmatically

    kill -9 "$(top -n 1 | pgrep tmux)"

Attach to session with name

    SESSION_NAME='mysession'
    tmux a -t "${SESSION_NAME}"
    # Alternatively:
    tmux attach -t "${SESSION_NAME}"

List sessions

    # Outside of a tmux session:
    tmux ls
    # Within a tmux session:
    Ctrl b s

Background session

    Ctrl b d

Rename current session

    Ctrl b $

Kill session

    SESSION_NAME='ohno'
    tmux kill-session -t "${SESSION_NAME}"

Background session on remote host and close ssh session

    return ~ .

Resources:
https://gist.github.com/henrik/1967800 ...

Jayson Grace

Useful Regexes

This contains various regexes that I find useful.

Match any character except newline

    .

Match first word of a string on multiple lines

    /(word1|word2|word3)/igm

Multiple lines of negative and positive floating point numbers that are less than 1000

    /^-?\d{1,3}\.\d+$/igm

Do not return result from a group

    (?:)

For example, do not return the year from this string: 12/06/2016 05:52

    (^\d{2}\/\d{2}\/(?:2015|2016) (\d{2}:\d{2})$)

Everything else that you expect from a capture group will be captured in the output. This merely ensures that 2015 or 2016 are omitted from any results. ...

Jayson Grace

Vim Cheatsheet

Useful Keyboard Shortcuts

Select the beginning of a function

    Shift-V -

Get version of vim

    :version

Get to the end of a function

    $%

Autoindent the current file

    gg=G

Breaking it down: gg to get to the start of the file, = to indent and G to get to the end of the file.

Use JQ to make JSON human readable

    :%!jq '.'

Alternatively, you can also use python:

    :%!python -m json.tool

Resources: ...

Jayson Grace

VSCode Notes

Symbols to keep in mind

- ⌘ is the command key aka the windows key
- ⇧ is the shift key
- ⌃ is the control key
- ⌥ is the alt key

Switch between windows

On Mac: ⌘ tab number

For example: ⌘2

Resource: https://zellwk.com/blog/useful-vscode-keyboard-shortcuts/

Markdown

This extension is great, install it: https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one&ssr=false#overview

Show preview of MD file

On Mac: ⌘⇧V

On Windows and Linux: Ctrl Shift V

Extensions via command line

List existing extensions:

    code --list-extensions

Install an extension: ...

Jayson Grace

Web Application Penetration Testing Notes

XXE

Valid use case

This is a non-malicious example of how external entities are used:

    <?xml version="1.0" standalone="no" ?>
    <!DOCTYPE copyright [
      <!ELEMENT copyright (#PCDATA)>
      <!ENTITY c SYSTEM "http://www.xmlwriter.net/copyright.xml">
    ]>
    <copyright>&c;</copyright>

Resource: https://xmlwriter.net/xml_guide/entity_declaration.shtml

Testing methodology

Once you’ve intercepted the POST to the vulnerable page, see if you can get the system to do what it would normally, but with entities:

    <?xml version="1.0"?>
    <!DOCTYPE a
      [<!ENTITY test "THIS IS A STRING!">]
    >
    <methodCall><methodName>&test;</methodName></methodCall>

If that worked, let’s see if you can read files off of the system: ...

Jayson Grace