Kubernetes

kubectl installation

$ curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"

minikube installation

$ curl -LO https://github.com/kubernetes/minikube/releases/latest/download/minikube-linux-amd64
$ sudo install minikube-linux-amd64 /usr/local/bin/minikube && rm minikube-linux-amd64
$ sudo ln -s /usr/local/bin/minikube-linux-amd64 /usr/local/bin/minikube
$ minikube start
$ minikube status
$ docker exec -ti 4913739dd389 sh
$ minikube ssh
$ less ~/.kube/config
$ kubectl get no -o wide

oc installation

$ wget https://github.com/openshift/okd/releases/download/4.5.0-0.okd-2020-07-14-153706-ga/openshift-client-linux-4.5.0-0.okd-2020-07-14-153706-ga.tar.gz
$ tar -xvf openshift-client-linux-4.5.0-0.okd-2020-07-14-153706-ga.tar.gz
$ sudo mv oc /usr/local/bin/
$ oc login

Docker

sudo apt update

sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"

sudo apt update

apt-cache policy docker-ce

sudo apt install docker-ce

sudo systemctl status docker

sudo usermod -a -G docker user

su - user

docker run hello-world

docker ps

Windows

Delay when hold the key

To fix this, press Windows + R and then type "control keyboard" and press okay. A popup box opens named "Keyboard properties". Over there in the "speed" tab, make sure that the "Repeat delay" is all the way towards "short" and the "Repeat rate" is all the way towards "fast" and then click the apply and okay button.

This should solve the slow backspace issue.

VirtualBox

How to install VM Guests

$ apt install bzip2 tar gcc make perl
$ ./VBoxLinuxAdditions.run
$ rcvboxadd setup
$ rcvboxadd reload
$ reboot

Dante

Install Dante

$ sudo apt update
$ sudo apt install dante-server
$  danted -v
$  sudo mv /etc/danted.conf /etc/danted.conf.bak
$  sudo vim /etc/danted.conf

logoutput: /var/log/socks.log
internal: eth0 port = 3128
external: eth0
clientmethod: none
socksmethod: username
user.privileged: root
user.notprivileged: nobody
client pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: error connect disconnect
}
client block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}
socks pass {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        command: bind connect udpassociate
        log: error connect disconnect
        socksmethod: username
}
socks block {
        from: 0.0.0.0/0 to: 0.0.0.0/0
        log: connect error
}

$ sudo vim /lib/systemd/system/danted.service

[Unit]
Description=SOCKS (v4 and v5) proxy daemon (danted)
Documentation=man:danted(8) man:danted.conf(5)
After=network.target
[Service]
Type=simple
PIDFile=/run/danted.pid
ExecStart=/usr/sbin/danted
ExecStartPre=/bin/sh -c ' \
        uid=`sed -n -e "s/[[:space:]]//g" -e "s/#.*//" -e "/^user\\.privileged/{s/[^:]*://p;q;}" /etc/danted.conf`; \
        if [ -n "$uid" ]; then \
                touch /var/run/danted.pid; \
                chown $uid /var/run/danted.pid; \
        fi \
        '
PrivateTmp=yes
InaccessibleDirectories=/boot /home /media /mnt /opt /root
ReadOnlyDirectories=/bin /etc /lib -/lib64 /sbin /usr /var
DeviceAllow=/dev/null rw
ReadWriteDirectories=/var/log
[Install]
WantedBy=multi-user.target

$ systemctl daemon-reload
$ sudo systemctl status danted

$ sudo systemctl restart danted

Check Port

$ apt install net-tools

$ netstat -an | grep 3128

Log

$ less /var/log/socks.log
$ cat  /etc/danted.conf

Create User

$ sudo useradd -r -s /bin/false dante

$ passwd dante

Check public IP address

$ curl ipinfo.io/ip
$ curl icanhazip.com
$ curl -4 icanhazip.com
$ curl ifconfig.me
$ curl api.ipify.org
$ curl bot.whatismyipaddress.com
$ curl ipecho.net/plain

Check public IP address via Proxy

$ curl -v -x socks5://dante:password@server_ip:3128 ipinfo.io/ip

Maven

Configure settings.xml

$ cat ~/.m2/settings.xml

<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>...</id>
<username>...</username>
<password>...</password>
</server>
<server>
<id>...</id>
<username>...</username>
<password>...</password>
</server>
</servers>
</settings>

Setup path

$ cat .profile | tail
...
export MAVEN_PATH=/home/user/BUILD_ENV/MAVEN/LATEST
export PATH=${PATH}:${MAVEN_PATH}/bin

JKS

Show content

$ keytool -v -list -keystore test.jks

Generate aes key

$ keytool -genseckey -alias aes-key-1 -keyalg aes -keysize 128 -storetype jceks -keystore ks.jks
$ keytool -genseckey -alias aes-key-2 -keyalg aes -keysize 128 -storetype pkcs12 -keystore ks.p12

Import the pkcs12 into jks

$ keytool -importkeystore -srckeystore aes-ks.p12 -destkeystore aes-ks.jks -srcstoretype pkcs12 -alias aes-key-2

Import jks into pkcs12

$ keytool -importkeystore -srckeystore aes-ks.jks -destkeystore aes-ks.p12 -srcstoretype jceks -alias aes-key-1

Delete key from keystore by alias

$ keytool -delete -alias aes-key-2 -keystore aes-ks.jks

DNS

Name request to a specific Domain Name Server

$ dig @8.8.8.8 www.google.com

Gradle

Installation

Download Gradle and extract it to /usr/gradle/

Configuration

Set PATH to extracted archive

$ vim ~/.profile

export GRADLE_PATH=/usr/gradle/7.x
export PATH=${PATH}:${GRADLE_PATH}/bin

$ source ~/.profile

Build

$ ./gradlew build -x test

Clean

$ ./gradlew clean --quiet

Idea

 1. Download archive with Idea from official website.

2. Copy it to special folder

    $ sudo mkdir /usr/idea

    $ sudo cp ~/Downloads/ideaIC-2023.3.4.tar.gz /usr/idea

    $ rm ~/Downloads/ideaIC-2023.3.4.tar.gz

3. Unpack the archive

    $ cd /usr/idea

    $ sudo tar xvfz ideaIC-2023.3.4.tar.gz

    $ sudo rm ideaIC-2023.3.4.tar.gz

4. Add environment variable

    $ vim ~/.profile

    export IDEA_HOME=/usr/idea/idea-IC-233.14475.28

    export PATH=${PATH}:${IDEA_HOME}/bin

5. Apply changes

    $ source ~/.profile

6. Start Idea

     $ idea.sh

7. Create Desktop Entry

Settings (gear) > Create Desktop Entry...

Foundation DB

Installation

$ sudo dpkg -i foundationdb-clients_*.deb foundationdb-server_*.deb

Check connection to DB

$ fdbcli

Using cluster file `/etc/foundationdb/fdb.cluster'.

The database is available.

Welcome to the fdbcli. For help, type `help'.

fdb>

Configure TLS for server side

Up to root privs

$ sudo su

Edit fdb.cluster file

$ vim /etc/foundationdb/fdb.cluster

<some symbols>:<some symbols>@127.0.0.1:4500:tls

Check connection to DB by TLS

$ fdbcli

ERROR: fdbcli is not configured with TLS, but all of the coordinators have TLS addresses.

Generate certs

$ cd ~

$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout private.key -out cert.crt

$ cat cert.crt private.key > fdb.pem

Copy certs to FDB dir

$ sudo cp * /etc/foundationdb/

$ chmod +r /etc/foundationdb/private.key

Edit FDB conf

$ sudo vim  /etc/foundationdb/foundationdb.conf

...
[fdbserver.4500]
Public - address = 127.0.0.1:4500: TLS
listen-address = public
tls_certificate_file = /etc/foundationdb/fdb.pem
tls_ca_file = /etc/foundationdb/cert.crt
tls_key_file = /etc/foundationdb/private.key
tls_verify_peers= Check.Valid=0
...

Configure TLS for client side

Check connection by TLS

$ fdbcli -C /etc/foundationdb/fdb.cluster --tls_certificate_file /etc/foundationdb/cert.crt --tls_ca_file /etc/foundationdb/cert.crt --tls_verify_peers "Check.Valid=0" --tls-key-file /etc/foundationdb/private.key

Using cluster file `/etc/foundationdb/fdb.cluster'.

The database is available.

Welcome to the fdbcli. For help, type `help'.

fdb>

Configure ENV variables for client side

$ export FDB_TLS_CERTIFICATE_FILE=/etc/foundationdb/cert.crt
$ export FDB_TLS_CA_FILE=/etc/foundationdb/cert.crt
$ export FDB_TLS_KEY_FILE=/etc/foundationdb/private.key
$ export FDB_TLS_VERIFY_PEERS=Check.Valid=0

Check connection by TLS

$ fdbcli

Using cluster file `/etc/foundationdb/fdb.cluster'.

The database is available.

Welcome to the fdbcli. For help, type `help'.

fdb>

Testing Tool Kit

Testfully

Installation

Download app

Link to official site - https://docs.testfully.io/docs/download/

Install

$ sudo tar -xvz -f testfully_1.69.0_amd64.AppImage.tar.gz
$ sudo mkdir /opt/testfully
$ sudo mv testfully_1.69.0_amd64.AppImage /opt/testfully

Create shortcut

$ cd /usr/share/applications/
$ sudo touch Testfully.desktop && sudo vim Testfully.desktop

[Desktop Entry]
Encoding=UTF-8
Name=Testfully
Exec=/opt/testfully/testfully_1.69.0_amd64.AppImage
Terminal=false
Type=Application
Categories=Development

Configuration

Import collection

Plus - Import or Export

Kafka

Show all topics via Kafka:

./bin/kafka-topics.sh --bootstrap-server=localhost:9092 --list

Show all topics via Zoo:

./bin/kafka-topics.sh --zookeeper localhost:2181 --list

Show details of specific topic:

./bin/kafka-topics.sh --bootstrap-server=localhost:9092 --describe --topic <topic name>

VNC

Install VNC server

$ sudo apt-get install tightvncserver -y

Create display

$ vncserver -geometry 1920x1080

5901 - display 1

5902 - display 2

Check port

$ netstat -an | grep 5901

Kill display

$ vncserver -kill :1

Sublime

Pretty JSON

Installation

CMD + SHIFT + P > Install package > Search for Pretty JSON and install

Usage

Format data:

- CMD + CTRL + J (OSX)

- CTRL + ALT + J (Windows/Linux)

VSCODE

On Windows:    Shift + Alt + F  
On Mac:        Shift + Option + F  
On Linux:      Ctrl + Shift + I  

Red Hat Linux

Set new time:

$ timedatectl set-time HH:MM:SS

Disable ntp:

$ timedatectl set-ntp 0

Astra Linux

Set new password for user:

$ yes 12345678 | passwd user

Change locale to us:

$ ?

OpenVAS

$ sudo apt update

$ sudo apt install openvas

$ sudo gvm-setup

$ sudo gvm-start

Open web UI: http://localhost:9392

Add "Target" (hosts)

Check "Scan Configs"

Create new "Task"

Check results and report

Windows

How to manage services via cmd?

> sc \\comp-name config AVP start=demand

> sc \\comp-name config AVP start=disabled

> sc \\comp-name config AVP start=auto

How to escalade priv up to system?

1. Download and extract pack from Mark Russinovich

2. Run cmd from administrator

3. > psexec.exe -i -s cmd.exe

4. > whoami

5. > procexp64.exe

6. Find service with system priv

7. Open properties and permissions

8. Add user permissions for the current service

9. Go to the services and edit settings for service 

Where is the hosts file?

C:\Windows\System32\drivers\etc\hosts

VirtualBox

How to increase the hard disk size?

- shutdown VM

- add VirtualBox path to the PATH env. variable via computer properties

C:\Program Files\Oracle\VirtualBox

- open the cmd and go to the hard disk location

- modify disk

> VBoxManage modifyhd YOUR_HARD_DISK.vdi --resize SIZE_IN_MB

How to add shared folder?

- add folder via gui

- add current user to vbox group

$ sudo adduser $USER vboxsf

- logout

Disk

How to check HDD/SSD/USB disk?

Windows

Victoria ( hdd[dot]by/victoria )

MiniTool Partition Wizard ( partitionwizard[dot]com )

Linux

...

Mac OS X

...

Linux

How to create a systemd service?

Application:

$ cat myapp.sh

#!/usr/bin/bash

echo "I'm a test app" > /tmp/test.file

Service:

$ cat /etc/systemd/system/myapp.service

...

After=network.target

After=mysqld.service

Restart=on-failure

RestartSec=1

Start the service:

$ sudo systemctl start myapp

Start on boot:

$ sudo systemctl enable myapp

How to disable beep speaker?

# temporary

$ sudo rmmod pcspkr

# permanently

$ sudo gedit /etc/modprobe.d/blacklist

    blacklist pcspkr

$ reboot

SSH by key

$ ssh-keygen -t ed25519 -C "new"

$ cat ~/.ssh/config

Host x.x.x.x

  HostName x.x.x.x

  IdentityFile ~/.ssh/new

  IdentitiesOnly yes

  User root

  Port 22

$ ssh x.x.x.x

CentOS

How to get details about OS version?

$ cat /etc/os-release

$ cat /etc/centos-release

$ uname -a

HowTo Mac

How to fix a problem with russian characters in console?

Temporary solution: 

$ export LC_ALL=ru_RU.UTF-8
$ export LANG=ru_RU.UTF-8

Permanent solution:

Add env variables to the end of this file: ~/.bash_profile

$ source ~/.bash_profile

HowTo Install SonarQube

Target OS is Cent OS 7.

Step 1. Install Java

Download RPM Linux x64 RPM Package from oracle.com - jdk-11.0.11_linux-x64_bin.rpm

$ sudo yum -y localinstall jdk-11.0.11_linux-x64_bin.rpm
$ java -version

java version "11.0.11" 2021-04-20 LTS

Java(TM) SE Runtime Environment 18.9 (build 11.0.11+9-LTS-194)

Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.11+9-LTS-194, mixed mode)

Step 2. Install and configure PostgreSQL

Add repository:

$ sudo rpm -Uvh https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm

Install DB:

$ sudo yum -y install postgresql96-server postgresql96-contrib

Initialize DB:

$ sudo /usr/pgsql-9.6/bin/postgresql96-setup initdb

Java

1. Download archive with JDK from oracle website.

2. Copy it to special folder

    $ sudo mkdir /usr/java

    $ sudo cp ~/Downloads/jdk-8u281-linux-x64.tar.gz /usr/java

    $ rm ~/Downloads/jdk-8u281-linux-x64.tar.gz

3. Unpack the archive

    $ cd /usr/java

    $ sudo tar xvfz jdk-8u281-linux-x64.tar.gz

    $ sudo rm jdk-8u281-linux-x64.tar.gz

4. Add environment variable

    $ vim ~/.profile

    export JAVA_HOME=/usr/java/jdk1.8.0_281

    export PATH=${PATH}:${JAVA_HOME}/bin

5. Apply changes

    $ source ~/.profile

6. Check JAVA version

     $ java -version

java version "1.8.0_281"

Java(TM) SE Runtime Environment (build 1.8.0_281-b09)

Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode)

HowTo PyCharm

How to add environment variable?

Run - Edit Configurations - Environment variables

Read it from code:import os
RT_USER = os.environ["rt_user"]

How to install python package?

Settings - Project - Python Interpreter

HowTo Samba

$ sudo apt-get install samba samba-common-bin

$ sudo vim /etc/samba/smb.conf

[samba]

path = /media/2tb 

writeable=Yes 

create mask=0777 

directory mask=0777 

public=no

$ sudo smbpasswd -a pi

$ sudo systemctl restart smbd

How to mount it in Windows:

“Computer” -> “Map network drive”

Disk: Z
Path: \\raspberrypi\samba

How to mount it in Mac OS X:

???

Vim

Copy, Cut, Paste

Press v to select characters, or uppercase V to select whole lines
Move the cursor to the end of what you want to cut.
Press d to cut (or y to copy).
Move to where you would like to paste.
Press P to paste before the cursor, or p to paste after.

Burp Suite

How to configure correct russian language in response?

User options - Character Sets - Use a specific character set - CESU-8

How to configure a mitm proxy? 

В настройках браузера установить proxy на 127.0.0.1:8080. В настройках Burp включить proxy: Proxy -> Options -> галочка напротив 127.0.0.1:8080.

Если приложение работает по https, то еще необходимо импортировать сертификат в бразуер.

Сдедать export сертификата из Burp (Proxy -> Options -> Export CA)

Сделать import сертификата в браузер.

Выключить прерывание запросов в Burp: Proxy -> Intercept is off.

На этом этапе веб-приложение должно успешно работать в браузере.

Далее все запросы из браузера будут видны во вкладке Proxy -> HTTP History. Там можно смотреть и реквесты и респонсы.

Для того, чтобы выполнить модифкацию запроса нужно кликнуть по нему правой кнопкой и выбрать "Send to repeater". Перейти во вкладку Repeater и там можно изменять запрос и отправлять его много раз.

HowTo FAR

####################

F3 - View file

F4 - Edit file

F5 - Copy file / folder

F6 - Move file / folder

F7 - Create new folder

F8 - Delete file / folder (via recycle bin)

####################

Shif­t + F4 - Create file

Shif­t + F6 - Rename file / folder

Shift + Delete - Delete file / folder (without recycle bin)

####################

Alt + F1 - Change drive ( left side)

Alt + F2 - Change drive ( right side)

Alt + F11 - Display view and edit history

Alt + ­F12 - Display folder history

####################

Ctrl + O - Hide/show both panels ( show cmd )

Ctrl + \ - Go to the root folder

Ctrl + Enter - Insert file name to cmd

How to disable lenovo update notifications

 Open Regedit:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Lenovo\System Update\Preferences\UserSettings\Scheduler

Set "Frequency" to "No"

How to decrypt oracle password

SQL Developer:

%APPDATA%\SQL Developer\system*\o.jdeveloper.db.connection*\connections.xml

<StringRefAddr addrType="password">
<Contents>F35q3vdbVrI=</Contents>
</StringRefAddr>

%APPDATA%\SQL Developer\system*\o.sqldeveloper*\product-preferences.xml

<value n="db.system.id" v="3e8efb59-8a5a-4c13-b1d5-ff64f987787f"/>

$ java Decrypt_V4 F35q3vdbVrI= 3e8efb59-8a5a-4c13-b1d5-ff64f987787f

https://github.com/ReneNyffenegger/Oracle-SQL-developer-password-decryptor

$ python sqldeveloperpassworddecryptor.py -d 3e8efb59-8a5a-4c13-b1d5-ff64f987787f -p F35q3vdbVrI=

https://github.com/maaaaz/sqldeveloperpassworddecryptor

++++++++++++++++++

In Oracle 10g and all previous versions, the password is not encrypted at all. It is simply a DES hash that is salted with the username, both of which can be found quite easily in the DBA_USERS view.


In Oracle 11g, if backwards compatibility is not necessary, SHA-1 is used exclusively, uses an unlisted salt, and is a much harder nut to crack.


Question: I need to understand the importance of the spare4 column of the user$ table. This is not documented in Oracle but I understand that spare4 can be used to compromise Oracle passwords. Can you shed some light on the spare4 column?

Answer: Starting in Oracle 11g, the Oracle the hash password is no longer stored in DBA_USERS. Instead, the hash password is stored inside the SYS.USER$ table in the column "password" and "spare4″.

If your password_versions is 11g only then you will need to look in the sys.user$ spare4 column and you will see a much larger hex number. This is because Oracle has switched to the SHA-1 algorithm.

This means that there are different ways password can be set depending on whether "password" and "spare4″ are set in SYS.USER$.

This new SHA-1 algorithm is more secure than the old, and unlike the 10g and lower hashing does not appear to use the username to generate the hash instead a new salt value is added which is stored in the last 20 characters of the SPARE4 hash. It is possible the salt is somehow derived from the username but Oracle has not documented this feature for obvious reasons.


++++++++++++++++

Oracle Password Algorithm (7-10g Rel.2)

Up to 30 characters long. All characters will be converted to uppercase before the hashing starts
8-byte hash, encrypted with a DES encryption algorithm without real salt (just the username).
The algorithm can be found in the book "Special Ops Host And Network Security For Microsoft, Unix, And Oracle" on page 727.

Oracle database 11g offers the (optional) possibility to use passwords up to 30 characters (uppercase/lowercase). In Oracle 11g the passwords are now hashed with DES (column: password) AND using SHA-1 (column: spare4). The SHA-1 passwords are now supporting mixed-case passwords. In 11g the password hashes are no longer available in dba_users.

Oracle (7-10g R2) encrypts the concatenation of (username||password)
and sys/temp1 and system/p1 have the identical hashkey (2E1168309B5B9B7A)
Oracle (11g R1) uses SHA-1 to hash the concatenation of (password||salt)


Location of Oracle password hashes


Database - SYS.USER$ - Password
Oracle Password File
Data File of the system tablespace
(full) Export-Files
archive logs


Show Oracle password hashkey (old DES hash)

You should always select database users from the table not from the views (ALL_USERS, DBA_USERS). An explanation (modification of database views via rootkits) can be found here.


DBA_USERS : SELECT username, password FROM DBA_USERS;
SYS.USER$ : SELECT name,password FROM SYS.USER$ WHERE password is not null;


Show Oracle password hashkey (11g, new SHA-1 hash)

In 11g the password hash is no longer accessible via dba_users


SYS.USER$ : SELECT name,spare4 FROM SYS.USER$ WHERE password is not null;


How to change an Oracle password temporarily?

In Oracle it is possible to change a password temporarily. This can be useful for DBA which act as a different user.

SQL> select username,password from dba_users where username='SCOTT';

USERNAME PASSWORD
-------- ----------------
SCOTT F894844C34402B67

SQL> alter user scott identified by mypassword;


Now login with the following credentials: scott/tiger
After doing your work you can change the password back by using an undocumented feature called "by values"

SQL> alter user scott identified by values 'F894844C34402B67';






Q: How are Oracle passwords encrypted?


A: Oracle passwords are encrypted using the Data Encryption Standard (DES) algorithm to create eight-byte hashes stored in the table SYS.USER$.To create the hash, the username and the password are appended together and broken up into eight-byte pieces.The first eight bytes of the username/password are used as a key to DES encrypt the magic number 0x0123456789ABCDEF.The resulting eight bytes are then encrypted with the next eight bytes of the username/password, resulting in a new eight-byte value.This process is repeated until the entire username/password has been used. One interesting characteristic to note is the “salt” used to create the hash. The salt is actually the username.This adds some additional security in that different users with the same passwords will have different hashes. However, it falls short of a true salt in that the same password will always hash to the same value when used by the same user.

HowTo Unix Tools

find and grep

Linux:

$ find / -name jre 2>&1 | grep -v "Permission denied"

$ find / -name jre 2>/dev/null

Solaris:

$ find ./ -type f -exec grep "foo" {} +

$ find ./ -name "name of file" -type f -exec grep "sign of parameter" {} + | grep -v "ignore me"

openssl

Export cert from keystore

$ openssl pkcs12 -in keystore.p12 -out cert.pem -nodes

Show cert details

$ openssl x509 -in cert.pem -text -noout

Export public key from cert

$ openssl x509 -pubkey -noout -in cert.crt > pubkey.pem

Export private key from keystore in pem format

$ openssl pkcs12 -in keystore.p12 -nocerts -nodes -out key.pem

Convert key from pem to der format 

$ openssl rsa -pubin -inform PEM -in pubkey.pem -outform DER -out pubkey.der

$ openssl rsa -pubin -inform PEM -in key.pem -outform DER -out key.der

Decrypt private key

$ openssl rsa -in key.pem -out private.key

Calculate Shake256 hash

$ cat public.key | openssl shake256

nc

listen tcp port:

$ nc -lv <port>

telnet

connect to tcp port:

$ telnet <ip> <port>

finish connect:

Ctrl + ] - go to cmd

telnet> close - close the connection

touch

$ touch -a -m -t 202108180130.09 <file name>

networking

show
$ netstat -rn

show default gw

$ ip route

delete
$ sudo route delete default gw 192.168.88.1 eth1

curl

send post request

$ curl -H "Content-Type: application/json" --data @body.json http://localhost:8080/ui/webapp/conf

send GET request

$ curl http://localhost:8080/ui/webapp/conf

tar

Extract

$ tar -xvzf image.tar.gz

Create

$ tar -czvf image.tar.gz /path/to/dir

Show content

$ tar -ztvf image.tar.gz

dd

Add padding to file

$ dd if=/dev/zero bs=1 count=8 >> public.pad.key

sed

Replace A to B in file

$ cat input.file | sed 's/A/B/g' > output.file

keytool

Show contains

$ keytool -list -v -keystore keystore.jks

Convert keystore in JCEKS format to P12

$ keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12 -srcstoretype jceks -alias mycert

Import key/cert into jceks keystore from other

$ keytool -importkeystore -srckeystore source.jks -destkeystore keystore.jceks -srcstoretype jceks -alias mycert

Change password for key in keystore:

$ keytool -keypasswd -alias mycert -keystore keystore.jks

Delete alias from keystore:

$ keytool -delete -alias mycert -keystore keystore.jks

How to add a Shared Folder in VirtualBox

$ lsb_release -a

No LSB modules are available.

Distributor ID: Ubuntu

Description: Ubuntu 18.04.2 LTS

Release: 18.04

Codename: bionic

$ uname -a

Linux ubuntu-vm 4.18.0-25-generic #26~18.04.1-Ubuntu SMP Thu Jun 27 07:28:31 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

Devices > Shared Folders > Settings

Add the Path, Name and enable "Auto-mount" and "Make permanent" options.

Finally add your user to the group vboxsf:

$ sudo usermod -G vboxsf -a <my_user_name>

Logout and back again or reboot the machine.

---

If you plugged in the drive (shared folder) after loading OS you can restart vbox service:

$ sudo systemctl restart vboxadd-service.service

How to build MKVToolNix from SC

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.2 LTS
Release: 18.04
Codename: bionic

$ uname -a
Linux ubuntu-vm 4.18.0-25-generic #26~18.04.1-Ubuntu SMP Thu Jun 27 07:28:31 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

$ mkdir mkv
$ cd mkv/
$ git clone https://gitlab.com/mbunkus/mkvtoolnix.git
$ cd mkvtoolnix/
$ sudo apt install autoconf
$ sudo apt install rake
$ cd ..
$ git clone https://github.com/Matroska-Org/libebml.git
$ git clone https://github.com/Matroska-Org/libmatroska.git
$ cd libebml/
$ mkdir build
$ cd build/
$ sudo apt install cmake
$ sudo apt install gcc
$ sudo apt install g++
$ cmake ..
$ make
$ sudo make install
$ cd ..
$ cd libmatroska/
$ mkdir build
$ cd build/
$ cmake ..
$ make
$ sudo make install
$ cd ..
$ cd mkvtoolnix/
$ ./autogen.sh
$ sudo apt install libogg-dev
$ sudo apt install libvorbis-dev
$ rake
$ git submodule init
$ git submodule update
$ sudo apt install zlib1g-dev
$ sudo apt install libboost1.65-all-dev
$ sudo apt install docbook-xsl
$ sudo apt install libxslt-dev
$ sudo apt install libxml2-dev
$ sudo apt install libxslt1-dev
$ sudo apt install libxml2
$ sudo apt autoremove
$ sudo apt install xsltproc
$ ./configure
$ rake
$ sudo rake install
$ mkvmerge -h
$ mkvextract -h
$ mkvinfo -h
$ mkvpropedit -h

Raspberry Pi

First start with raspberry!

1. Download Raspberry Pi OS Lite image

Official site: https://www.raspberrypi.org/software/operating-systems/

2. Copy image to SD card

 

- Raspberry Pi Imager - https://www.raspberrypi.org/software/

- balenaEtcher - https://www.balena.io/etcher/

3. First connection

login: pi
password: raspberry

4. Enable SSH

$ sudo update-rc.d ssh defaults
$ sudo su
$ systemctl enable ssh.socket
$ exit
$ sudo reboot

5. Update repositories

$ sudo apt-get update

6. Change keyboard layout

$ sudo raspi-config

Localization Options
    Change Keyboard Layout
        Choose your keyboard or one of the generics
            English (US)

$ sudo reboot

7. Configure wireless network

Fine your AP

$ sudo iwlist wlan1 scan | grep ESSID

Add info about access point to config file

$ vim /etc/wpa_supplicant/wpa_supplicant.conf

network={
  ssid="bla-bla-bla"
  psk="secret password"
}

Set IP address

$ sudo vim /etc/network/interfaces

allow-hotplug wlan0
iface wlan0 inet static
address 192.168.88.8
netmask 255.255.255.0
gateway 192.168.88.1
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf

Set country for Wi-Fi (to activate 5Ghz)

via terminal:

$ sudo iw reg get
$ sudo iw reg set US

via raspi-config
$ sudo raspi-config
Localisation Options
  Change Wi-fi Country
    US United States
      OK
        Finish.

8. Install KODI

sudo apt-get install kodi

9. Install torrent client

$ sudo apt-get install transmission-daemon

qbit is better

7. Install vim

$ sudo apt-get install vim

8. Настройка Locale

$ sudo dpkg-reconfigure locales
en_US.UTF-8 UTF-8
ru_RU.UTF-8 UTF-8

In iTerm disable the checkbox "Preferences>Profiles>Default>Advanced>International>Set locale variables automatically on startup"

9. Connect remote usb drive

Identify The Devices Unique ID:
$ cat /var/log/messages | tail
$ sudo fdisk -l /dev/sda
$ ls -l /dev/disk/by-uuid/ | grep sda1

Auto Mount Configure:
$ sudo vim /etc/fstab

UUID=63AB615E7F0C41A6 /media/2tb ntfs-3g auto,nofail,noatime,users,rw,uid=pi,gid=pi 0 0

UUID=66f72624-fda3-0bf6-41f1-1e0d4b1df6b0 /media/4tb ext4 rw,suid,dev,exec,auto,users,nofail 0 0

$ sudo mkdir /media/2tb
$ sudo chown -R pi:pi /media/usb

# for ext4 uid parameters are unavailable. Root permissions will be changed automatically to User permission after mounting.

$ sudo mkdir /media/4tb

$ reboot

10. Настройка transmission

$ sudo systemctl stop transmission-daemon

$ sudo vim /etc/transmission-daemon/settings.json
"upload-limit": 300,
    "upload-limit-enabled": 1,
    "download-dir": "/media/usb/Downloads",
    "download-limit": 1000,
    "download-limit-enabled": 1
"rpc-whitelist": "127.0.0.1,<your-ip>"

$ sudo systemctl start transmission-daemon

11. Подключение к transmission (transmission - transmission)

http://<raspberry-ip>:9091/transmission

########################################

Problem 1: Cannot open access to console, the root account is locked.

1. Mount SD card to windows machine
2. Edit cmdline.txt
    Add to the end of file: init=/bin/bash
3. Start Raspberry Pi
4. Remount root partition to RW:
    $ mount -o remount,rw /dev/mmcblk0p2 /

5. Fix fstab file
    $ vim /etc/fstab

6. Mount SD card to windows machine and remove latest changes in cmdline.txt

7. Start Raspberry Pi

- How to install new locale?

$ sudo vim /etc/locale.gen

uncomment ru_RU.UTF-8, en_US.UTF-8

$ sudo locale-gen ru_RU.UTF-8
$ sudo locale-gen en_US.UTF-8

$ sudo update-locale en_US.UTF-8

#####

Git

Configuration

Setup name and email

$ git config --global user.name "Ivan Ivanov"
$ git config --global user.email ivanov@example.com

Show current settings

$ git config --list

Disable cert verify (permanently)

$ git config --global http.sslVerify false

Generate key

# RSA (Rivest–Shamir–Adleman)

$ ssh-keygen -b 2048 -t rsa

# EdDSA (Edwards-curve Digital Signature Algorithm)

$ ssh-keygen -t ed25519 -C "rokshd@example.org"

Copy key pair to ~/.ssh/

Add key to Git Bash (windows)

Add path to key to config C:\Program Files\Git\etc\ssh\ssh_config

    IdentityFile ~/.ssh/your-ssh-private-key

Basic workflow

Create local repo

$ git init

Download source code from remote repository

$ git clone https://path/to/the/repository.git

Push to remote repositiry

$ git remote add origin git@github.com:path/to/the/repository.git
$ git push -u origin master

Disable cert verify (temporary)

$ git -c http.sslVerify=false clone https://path/to/the/repository.git

Show current branch name

$ git branch

Show names for all branches 

$ git branch -a

Switch to the specific branch

$ git checkout test-branch

Create new branch and switch to it

$ git checkout -b new-branch

Show all commits for the current branch

$ git log
$ git log --graph

Move to the specific commit in the current branch

$ git reset --hard f9de5034ed4f6c1174137d06c85bad637c5c5890

Remove the specific branch

$ git branch -d test_branch

Выполнить слияние какой-либо ветки с текущей веткой

$ git merge master

Просмотр изменений по отношению к последнему коммиту:

$ git status

Добавить файлы, которые были изменены:

$ git add .

Add only the modified and deleted files (without untracked)

$ git add -u

Удалить файлы из отслеживаемых:

$ git rm -r --cached .idea/misc.xml

Создать коммит:

$ git commit -m "Commit description"

Добавить внешний репозиторий:

$ git remote add origin https://github.com/rokshd/test_app

Залить последние изменения на внешний репозиторий:

$ git push origin master
$ git push -u origin master (след. раз можно git push для данной ветки)
$ git push

Слить последние изменения из репозитория для указанной ветки:

$ git pull origin test-branch

$ git pull

Отменить изменения для конкретного файла:

$ git checkout db/migrate/20170224101945_create_answers.rb

$ git stash list

$ git stash apply

$ git pull

To unstage a specific file

$ git reset <file>

REBASE

After committing changes to your branch, checkout master and pull it to get its latest changes from the repo

$ git checkout master
$ git pull origin master

Then checkout your branch and rebase your changes on master

$ git checkout RB
$ git rebase master... 

or last two commands in one line:

$ git rebase master RB