Roholt

My Sketchbook!

Menu tonen Verberg menu

CategoryProgramming

Ping addresses on a subnet (no nmap)

27 december 2021 / / Geen reacties

If you are on a remote host, and you have not the rights to install any other software, then this might come in handy.

Normally I would use “nmap” to scan for other devices on the network, but if that is not available and “ping” is, then this can also discover online devices on the network, assuming they are pingable (ICMP enabled).

#!/bin/bash
# Ping devices on a subnet

SUBNET=${1:-"192.168.2"}

function main()
{
  for i in $SUBNET.{1..254}
  do
    check_alive $i &
  done

  # Sleep to not put shell inbetween
  sleep 1
  exit 0
}

function check_alive()
{
  ping -c 1 $1 > /dev/null
  [ $? -eq 0 ] && echo -e "$i\t UP"
}

main $@

The output will look like the following:

⇒  ./ping-it.sh 192.168.2
192.168.2.69	 UP
192.168.2.62	 UP
192.168.2.254	 UP
192.168.2.14	 UP
192.168.2.65	 UP
192.168.2.182	 UP
192.168.2.25	 UP
192.168.2.200	 UP
192.168.2.210	 UP
192.168.2.190	 UP

Meaning of “man” numbers (e.g. mkfifo(3)

27 december 2021 / / Geen reacties

I always forget what the number after the man pages means.
For example mkfifo(3) (https://linux.die.net/man/3/mkfifo).

This post helps me (and you) to not forget 🙂

MANUAL SECTIONS
    The standard sections of the manual include:

    1      User Commands
    2      System Calls
    3      C Library Functions
    4      Devices and Special Files
    5      File Formats and Conventions
    6      Games et. al.
    7      Miscellanea
    8      System Administration tools and Daemons

    Distributions customize the manual section to their specifics,
    which often include additional sections.

Note: I found out that “man” has a man page of itself. So this is not really necessary anymore. I keep it here for others to find though.

But remember:

$ man man

Python3 custom logging module

7 december 2021 / / Geen reacties

I made a logging module based on the logging module of python itself.

It prints to file, and also in the console, and rotates the file automatically on a new start.

# Use it in your other modules as:
  # from Log import Log
  # logger = Log(__name__)

import logging
from logging import handlers
import os

LOG_LEVEL = logging.DEBUG

logger = logging.getLogger()
logger.setLevel(LOG_LEVEL)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')

ch = logging.StreamHandler()
ch.setLevel(LOG_LEVEL)
ch.setFormatter(formatter)
logger.addHandler(ch)

filename = "./log/log.txt"
should_roll_over = os.path.isfile(filename)
rfh = handlers.RotatingFileHandler(filename, maxBytes=5 * 1000 * 1000, backupCount=20)
if should_roll_over:
  rfh.doRollover()
rfh.setLevel(LOG_LEVEL)
rfh.setFormatter(formatter)
logger.addHandler(rfh)


class Log():
  def __init__(self, name):
    self.logger = logging.getLogger(name)

    self.info(f"Instantiated logger for {name}")

  def critical(self, msg):
    self.logger.critical(msg)

  def fatal(self, msg):
    self.logger.fatal(msg)

  def error(self, msg):
    self.logger.error(msg)

  def warning(self, msg):
    self.logger.warning(msg)

  def warn(self, msg):
    self.logger.warn(msg)

  def info(self, msg):
    self.logger.info(msg)

  def debug(self, msg):
    self.logger.debug(msg)

Swego: Go answer to Python’s SimpleHTTPServer

18 augustus 2021 / / Geen reacties

SimpleHTTPserver of Python is an easy way to create a HTTP Server in a directory:

python -m SimpleHTTPServer 80

Also an NGINX instance with Directory Listing enabled is another possibility.

But now we also have Swego, written in Go, fully packed with cool features. It came on my radar one year ago, and I forgot the name of this project. Up until know it was lost, but recently I re-discovered it.

Features:

  • HTTPS (auto generate certificate / key if no certificate / key specified)
  • Directory listing
  • Define a private folder with basic authentication
  • Upload multiple files
  • Download file as an encrypted zip (password: infected)
  • Download folder with a zip
  • Embedded files
  • Run embedded binary written in C# (only available on Windows)
  • Create a folder from the browser
  • Ability to execute embedded binary
  • Feature for search and replace (for fill the IP address in reverse shell for example)
  • Generate one-liners to download and execute a embedded file
  • Config file.
  • Auto generate random certificate for TLS

Especially the search and replace for text based files can be very useful for pentesters.

You can find the repository here: https://github.com/nodauf/Swego

Completely wipe Bash history

16 juli 2021 / / Geen reacties

Clearing out your bash history can be quite a hassle as it keeps a copy in the memory that will be flushed at the moment you log out. There is a workaround:

cat /dev/null > ~/.bash_history && history -c && exit

After this command the history is wiped.
I use this when creating binary copies of the filesystem when I do not want to include any history (Create bitwise copy of EMMC/SD/HDD/SDD over the network (backup using ssh pipe)).

Source: https://askubuntu.com/a/192001

Create bitwise copy of EMMC/SD/HDD/SDD over the network (backup using ssh pipe)

8 juni 2021 / / Geen reacties

It can be convenient to make a bitwise copy. For example to place the contents of 1 embedded board (i.e. Beaglebone) to another embedded board.

If the device to copy is also the storage device that holds the OS, then boot from another device, for example a “Try Ubuntu” usb drive.

We stream the data over the network, because the devices themselves mostly have no space to place the image somewhere on the that device.

Assumption is that you have a working ssh server on the device you want to copy to.

The perform the following:

  1. Find the correct device to make a copy from. So the whole device, not the partition.
    In my case it is “/dev/mmcblk0” so without the partition indicator -> “p1”.
  2. Find the ip adress of the device to copy to (or use hostname)

To create an image:

> sudo cat /dev/mmcblk0 | ssh <user>@<ip-adress> "gzip ~/image.gz"

After the operation is done you have a bitwise copy gzipped on your <ip-address> machine in the home directory of the <user>

To deploy an earlier created image back to the device, from the device to deploy to (Make sure you booted from another device than we are copying to):

> ssh <user>@<ip-address> "gzip -dc ~/image.gz" | dd of=/dev/mmcblk0 status=progress

Wipe bash history!

8 juni 2021 / / Geen reacties

If you were ever to create an image of your OS for example, but do not want to include your history.

It also wipes the history still in the memory.

cat /dev/null > ~/.bash_history && history -c && exit

Also, if you don’t even want that your command ends up in your bash history in the first place, add a space at the start of you command and it will not be in your bash history!

> echo "inhistory" > blaa
>   echo "notinhistory" > blaa  #notice the space

The “notinhistory” is not in the history file:

> history | tail -n1
10438  echo "inhistory" > blaa

Bash script template

3 februari 2021 / / Geen reacties

Whenever writing a script you might want to enable some options depending on what you provide on the CLI.

I’ve created a bash script template to getting started quick with a bash script. You can specify full options or the short ones with arguments or without.

#!/bin/bash
# Version 2.0
# Script template

set -eou pipefail

DO_OPT_A=false
DO_OPT_B=false

# directory of the script, can be useful for locating files which are next to the script.
THISDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"

function main() {
  check_root

  do_parse_opts $@

  [[ ${DO_OPT_A}   = true ]] && check_opt_a_prerequisites
  [[ ${DO_OPT_B}   = true ]] && check_opt_b_prerequisites

  print_info "Checks OK, you have 2s to abort now!"
  sleep 2
  echo ""

  [[ ${DO_OPT_A} = true ]] && {
    do_opt_a_function
  }

  [[ ${DO_OPT_B} = true ]] && {
    do_opt_b_function
  }
}

function show_help() {
  echo "Scripting template :)"

  echo "Usage:"
  echo "    $0 [-a/--option_a] [-b/--option_b <arg>]"

  echo "        *  [-h/--help]      Print this help"
  echo "        *  [-a/--option_a]  Perform option A"
  echo "        *  [-b/--option_b <arg>]  Perform option B with argument"
  echo ""
  exit 1
}

function do_parse_opts() {
  # convert long options to shorts
  for arg in "$@"; do
    shift
    case "$arg" in
        "--help")       set -- "$@" "-h" ;;
        "--option_a")   set -- "$@" "-a" ;;
        "--option_b")   set -- "$@" "-b" ;;
        *)              set -- "$@" "$arg"
    esac
  done

  OPTIND=1 # Reset in case getopts has been used previously in the shell.
  while getopts "hab:" opt; do
      case "$opt" in
      h)
          show_help
          exit 0
          ;;
      a)  DO_OPT_A=true
          ;;
      b)  DO_OPT_B=true
          BARG=$OPTARG
          ;;
      esac
  done

  shift $((OPTIND-1))

  [ "${1:-}" = "--" ] && shift

  print_info "DO_OPT_A    = $DO_OPT_A"
  print_info "DO_OPT_B    = $DO_OPT_B"

  [[ ${DO_OPT_A} = false ]] && [[ ${DO_OPT_B} = false ]] && {
    print_info "Hey! Your provided no options, this might help:"
    echo ""
    show_help
  }

  echo ""
}

function check_root() {
    [[ $EUID -ne 0 ]] && {
        echo "[ERROR]     This script must be run as root"
        show_help
    }
}

function check_opt_a_prerequisites() {
    print_info "Checking option A prerequisites"
    sleep 1
    print_ok
}

function check_opt_b_prerequisites() {
    print_info "Checking option B prerequisites"
    sleep 1
    print_ok
}


function do_opt_a_function() {
    print_info "Performing A"
    sleep 1
    print_ok
}


function do_opt_b_function() {
    print_info "Performing B, with arg: ${BARG}"
    sleep 1
    print_ok
}


function print_ok() {
  echo "[OK]"
}

function print_info() {
  echo "[INFO]      $1..."
}

function print_error() {
  echo "[ERROR]     $1"
  exit 1
}


main $@

print_info "All done!"
echo "[OK]"

Git status of multiple git repositories in one directory

31 januari 2021 / / Geen reacties

If a project consists of multiple git repositories I’d like to see if I forgot to create a commit in one of them at the end of a development day.

This little bash script traverses all directories with a .git directory and checks with a ‘git status’ what the status of that git repository is.

Handy! I’d use it, if it were me!

for x in $(find . -type d -name ".git"); do pushd $(dirname $x); pwd; git status; popd; done

How to check if path is a mountpoint in C

31 januari 2021 / / Geen reacties

For an application in C I wanted to know if a provided path is a mountpoint, so that a drive is mounted at that path.

With the help of the mtab file, which include all the mounts, we can iterate over that list and see if provided path is actually a mount point.
See ‘cat /etc/mtab’ to see the content of this file.

#include <mntent.h>
#include <stdio.h>
#include <string.h>

static bool path_is_mountpoint( CHAR* path )
{
  // Return if path is mountpoint (true), or not (false)
  BOOLEAN mounted = false;

  // Open mtab file.
  FILE * mtab = setmntent ("/etc/mtab", "r");
  struct mntent* mountpoint = nullptr;

  // Return directly if we could not open the file.
  if ( mtab == nullptr) return mounted;

  // Iterate over each entry in mtab list, and check if path is present
  while ( ( mountpoint = getmntent(mtab) ) != nullptr) {
    if ( (mountpoint->mnt_fsname != nullptr ) &&
         (strcmp(mountpoint->mnt_fsname, path ) == 0) )
    {
      // We found path in mtab, so path is mountpoint.
      // Stop iterating.
      mounted = true;
      break;
    }
  }

  endmntent (mtab);

  printf("path: %s, Is mountpoint: %d", path, mounted);

  return mounted;
}
Older posts Newer posts

Recente berichten

Recente berichten

© 2025 Roholt

Thema door Anders NorénOmhoog ↑