Develop, test and use exploit code with the Metasploit Framework:
cd /tmp
-wget http://www.metasploit.com/tools/framework-2.7-snapshot.tar.gz
-unp framework-2.7-snapshot.tar.gz
-cd framework*
+wget http://framework-mirrors.metasploit.com/msf/downloader/framework-3.0.tar.gz
+unp framework-3.0.tar.gz
+cd framework-3.0
./msfcli
--
Useful documentation:
See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
Avoid all of the above steps - use grml-debootstrap(8) instead!
--
-Convert files from Unicode / UTF to ISO:
+Convert files from Unicode / UTF-8 to ISO:
% iconv -f utf8 -t iso-8859-15 < utffile > isofile
% startx 2>~/.xsession-errors &| exit
--
-Which process is writing to disk?
+Which process is writing to disk and/or causes the disk to spin up?
+
+First of all use lsof to check what's going on. Does not help? ->
# echo 1 > /proc/sys/vm/block_dump
-Warning: you must disable syslogd before you do this, or you must
-make sure that kernel output is not logged.
+The command sets a sysctl to cause the kernel to log all disk
+writes. Please notice that there is a lot of data. So please
+disable syslogd/syslog-ng before you do this, or you must make
+sure that kernel output is not logged.
When you're done, disable block dump using:
# echo 0 > /proc/sys/vm/block_dump
Alternative:
laptop-mode-tools provides a tool named lm-profiler (laptop mode profiler)
which handles block_dump on its own.
+
+See: $KERNEL-SOURCE/Documentation/laptop-mode.txt
+
+Also take a look at event-viewer(8) which is part of grml-debugtools.
--
Install initrd via initramfs-tools for currently running kernel:
# xfs_admin -l /dev/sda1
reiserfs without vol_id:
-# debugreiserfs /dev/sda1 | grep UUID
+# debugreiserfs /dev/sda1 | grep -i label
+
+jfs without vol_id:
+# jfs_tune -l /dev/sda1 | grep -i label
reiser4 without vol_id:
-# debugfs.reiser4 /dev/sda1 | grep uuid
+# debugfs.reiser4 /dev/sda1 | grep -i label
--
Check filesystem's UUID:
# vol_id -u /dev/sda1
ext2/3 without vol_id:
-# dumpe2fs /dev/sda1 | grep UUID
+# dumpe2fs /dev/sda1 | grep -i UUID
xfs without vol_id:
# xfs_admin -u /dev/sda1
reiserfs without vol_id:
-# debugreiserfs /dev/sda1 | grep LABEL
+# debugreiserfs /dev/sda1 | grep -i UUID
reiser4 without vol_id:
-# debugfs.reiser4 /dev/sda1 | grep label
+# debugfs.reiser4 /dev/sda1 | grep -i UUID
+--
+Change a filesystem's LABEL:
+
+swap:
+# mkswap -L $LABEL /dev/sda1
+
+ext2/ext3:
+# e2label /dev/sda1 $LABEL
+# tune2fs -L $LABEL /dev/sda1
+
+reiserfs:
+# reiserfstune -l $LABEL /dev/sda1
+
+jfs:
+# jfs_tune -L $LABEL /dev/sda1
+
+xfs:
+# xfs_admin -L $LABEL /dev/sda1
+
+fat/vfat:
+# echo 'drive i: file="/dev/sda1"' >> ~/.mtoolsrc
+# mlabel -s i:$LABEL
+
+ntfs:
+# ntfslabel $LABEL /dev/sda1
--
Disable pdiffs feature of APT:
More usage examples: man zsplit + man unzsplit
--
-Measure network performance using ipserf
+Measure network performance using iperf:
Server side:
% iperf -s -V
Start dnsmasq finally:
# Restart dnsmasq
--
-Find out which process(es) cause the disk to spin up:
-
-# echo 1 > /proc/sys/vm/block_dump
-
-The command sets a sysctl to cause the kernel to log all disk
-writes. Please notice that there is a lot of data.
-
-See: $KERNEL-SOURCE/Documentation/laptop-mode.txt
-
-Also take a look at event-viewer(8).
---
Display stats about memory allocations performed by a program:
Usage example for 'ls':
# tzconfig
which adjusts /etc/timezone and /etc/localtime according
- to the provided information.
+ to the provided information. Running:
+
+ # dpkg-reconfigure tzdata
+
+ might be useful as well.
* /etc/default/rcS: set variable UTC according to your needs,
whether your system clock is set to UTC (UTC='yes') or
* If you change the time (using 'date --set ...', ntpdate,...)
it is worth setting also the hardware clock to the correct time:
- # hwclock --hctosys [--utc]
+ # hwclock --systohc [--utc]
Remember to add the --utc -option if the hardware clock is set
to UTC!
http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-time.html
http://wiki.debian.org/TimeZoneChanges
--
+Recorder shellscript session using script:
+
+% script -t 2>~/upgrade.time -a ~/upgrade.script
+% scriptreplay ~/upgrade.time ~/upgrade.script
+--
+Test UTF-8 capabilities of terminal:
+
+wget http://melkor.dnp.fmph.uniba.sk/~garabik/debian-utf8/download/UTF-8-demo.txt.gz
+zcat UTF-8-demo.txt.gz
+
+or:
+
+wget http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt
+cat UTF-8-test.txt
+--
+UTF-8 at grml / some general information regarding Unicde/UTF-8:
+
+ http://wiki.grml.org/doku.php?id=utf8
+--
+
+This allows one ssh connection attepmt per minute per source ip, with a initial
+burst of 10. The available burst is like a counter which is initialised with
+10. Every connection attempt decrements the counter, and every minute where the
+connection limit of one per minute is not overstepped the counter is
+incremented by one. If the burst counter is exhausted the real rate limit
+comes into play. This gives you 11 connectionattepmts in the first minute
+before blocked for 10minutes. After 10 minutes block the game restarts.
+
+Hint: you could set the burst value to 5 and the block time to only 5 minutes
+to achive the same average connection rate but with halve the block time.
+
+iptables -A inet_in -p tcp --syn --dport 22 -m hashlimit --hashlimit-name ssh \
+ --hashlimit 1/minute \ --hashlimit-burst 10 --hashlimit-mode srcip \
+ --hashlimit-htable-expire 600000 -j ACCEPT
+iptables -A inet_in -p tcp --dport 22 -m state --state NEW -j REJECT
+--
+Tunnel a specific connection via socat:
+
+On the client:
+% socat TCP4-LISTEN:8003 TCP4:gateway:500
+
+On the gateway:
+# socat TCP4-LISTEN:500,fork TCP4:target:$PORT
+
+Using localhost:8003 on the client uses the tunnel now.
+--
+Set date:
+
+# date --set=060916102007
+
+where the bits are month(2)/day(2)/hour(2)/minute(2)/year(4)
+
+Set date using a relative date:
+
+# date -s '+3 mins'
+
+or
+
+# date -s '+tomorrow'
+
+Display a specific relative date:
+
+# date -d '+5 days -2 hours'
+
+Don't forget to set hardware clock via:
+
+# hwlock -w
+--
+Booting grml via network / PXE:
+
+Start grml-terminalserver on a system with network access
+and where grml is running:
+
+# grml-terminalserver
+
+Then booting your client(s) via PXE should work without
+any further work.
+--
+Debugging SSL communications:
+
+% openssl s_client -connect webmail.grml.org:993
+
+# ssldump -a -A -H -i eth0
projects / grml-tips.git / blobdiff