initial commit. basic scripts
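--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ait/poc/misc/benchmark.bash Sat May 04 12:03:46 2013 -0400
@@ -0,0 +1,7 @@
+#!/bin/bash
+START=$(date +%s)
+$1
+END=$(date +%s)
+DIFF=$(( $END - $START))
+echo "it took $DIFF seconds"
+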
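Review bot: The unquoted `$1` runs only the first argument, after word splitting and glob expansion, so a command with quoted arguments or spaces in a path is not timed as given, and its exit status is discarded. Using `"$@"` in place of `$1` passes the command line through intact, and capturing `status=$?` right after it with a final `exit "$status"` would let callers see a failure. A header comment such as `# Usage: benchmark.bash COMMAND [ARGS...] - prints elapsed wall-clock time in whole seconds` would also record that `date +%s` gives only one-second resolution.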
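--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ait/poc/nfs/exports Sat May 04 12:03:46 2013 -0400
@@ -0,0 +1,2 @@
+/export 10.137.2.9/24(rw,fsid=0,insecure,no_subtree_check,async)
+/export/user 10.137.2.9/24(rw,nohide,insecure,no_subtree_check,async)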
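Review bot: Both export lines grant `rw` to `10.137.2.9/24`, which is the whole /24 network rather than the single client that the hosts.allow file in this commit names, and the `insecure` option additionally accepts requests from unprivileged source ports. If only that one client is meant to mount, `/export 10.137.2.9(rw,fsid=0,no_subtree_check,sync)` narrows it, with the same client spec on the `/export/user` line. `sync` is suggested over `async` because async replies before data reaches disk and can lose writes if the server crashes. With no `sec=` option the exports presumably rely on client-asserted UIDs, which would make the client address restriction the only access control here.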
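--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ait/poc/nfs/hosts.allow Sat May 04 12:03:46 2013 -0400
@@ -0,0 +1,11 @@
+#
+# hosts.allow This file contains access rules which are used to
+# allow or deny connections to network services that
+# either use the tcp_wrappers library or that have been
+# started through a tcp_wrappers-enabled xinetd.
+#
+# See 'man 5 hosts_options' and 'man 5 hosts_access'
+# for information on rule syntax.
+# See 'man tcpd' for information on tcp_wrappers
+#
+rcpbind mountd nfsd statd lockd rquotad : 10.137.2.9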
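Review bot: The daemon list starts with `rcpbind`, which looks like a typo for `rpcbind`; tcp_wrappers matches on the daemon process name, so as written the rule never applies to the portmapper. The line should read `rpcbind mountd nfsd statd lockd rquotad : 10.137.2.9`. hosts.allow also restricts nothing on its own, because a client matching no rule in either file is allowed, and this commit adds no hosts.deny, so other clients are presumably still accepted. A comment above the rule such as `# NFS services: allow only the PoC client; needs a matching deny rule in hosts.deny` would record that dependency.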
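--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ait/poc/nfs/nfs_history_scanner Sat May 04 12:03:46 2013 -0400
@@ -0,0 +1,231 @@
+ 1 top
+ 2 gpk-update-viewer
+ 3 top
+ 4 :q
+ 5 top
+ 6 yum update
+ 7 sudo yum update
+ 8 sudo yum install clamav-scanner
+ 9 sudo yum install clamav-update
+ 10 freshclam
+ 11 vim /etc/freshclam.conf
+ 12 vim /etc/freshclam.conf sud
+ 13 sudo vim /etc/freshclam.conf
+ 14 freshclam
+ 15 sudo freshclam
+ 16 ls
+ 17 exit
+ 18 sudo yum install clamav
+ 19 sudo freshclam
+ 20 clamav
+ 21 clamscan
+ 22 freshclam
+ 23 sudo freshclam
+ 24 ls /mnt/
+ 25 ls /mnt/removable/
+ 26 yum update
+ 27 sudo yum update
+ 28 ifconfig
+ 29 ifconfig eth0 down
+ 30 sudo ifconfig eth0 down
+ 31 sudo ifconfig eth0 up
+ 32 ifconfig
+ 33 sudo yum update
+ 34 ping opengl.org
+ 35 sudo yum search nfs
+ 36 sudo yum help
+ 37 sudo yum check-update
+ 38 ps -ax | grep yum
+ 39 kill 943
+ 40 sudo kill 943
+ 41 sudo yum check-update
+ 42 ps -ax | grep yum
+ 43 kill -9 943
+ 44 sudo kill -9 943
+ 45 sudo kill -9 949
+ 46 sudo kill -9 942
+ 47 ps -ax | grep yum
+ 48 sudo yum check-update
+ 49 sudo yum search nfs
+ 50 sudo yum install nfs-utils
+ 51 sudo yum install nfsserver
+ 52 sudo yum install nfs-server
+ 53 sudo yum search all nfs
+ 54 sudo yum install nfs-utils.x86_64
+ 55 dmesg -H
+ 56 vim /etc/profile.d/colorls.sh
+ 57 sudo vim /etc/profile.d/dmesg-h.sh
+ 58 vim /etc/profile.d/colorls.sh
+ 59 ls -la /etc/profile.d/colorls.sh
+ 60 ls -la /etc/profile.d/dmesg-h.sh
+ 61 sudo exec /etc/profile.d/dmesg-h.sh
+ 62 sudo exec -c /etc/profile.d/dmesg-h.sh
+ 63 exec
+ 64 exec --help
+ 65 alias dmesg="dmesg --human"
+ 66 dmesg
+ 67 ls /etc/exports
+ 68 cat /etc/exports
+ 69 ls
+ 70 mkdir Exports
+ 71 ls
+ 72 ifconfig
+ 73 sudo vim /etc/exports
+ 74 /etc/init.d/network restart
+ 75 sudo /etc/init.d/network restart
+ 76 exportfs -ra
+ 77 sudo exportfs -ra
+ 78 ls
+ 79 echo "test text" > ./Exports/test.txt
+ 80 ls
+ 81 sudo cat /etc/exports
+ 82 ifconfig
+ 83 exportfs -ra
+ 84 sudo exportfs -ra
+ 85 sudo /etc/init.d/network restart
+ 86 sudo exportfs -ra
+ 87 ifconfig
+ 88 sudo cat /etc/exports
+ 89 sudo vim /etc/exports
+ 90 sudo exportfs -ra
+ 91 ifconfig
+ 92 iptables -I INPUT 5 -p tcp --dport 2049 -m state --state NEW -j ACCEPT
+ 93 sudo iptables -I INPUT 5 -p tcp --dport 2049 -m state --state NEW -j ACCEPT
+ 94 sudo iptables -I INPUT 5 -p tcp --dport 2049 -j ACCEPT
+ 95 sudo iptables -I INPUT 5 -p udp --dport 2049 -j ACCEPT
+ 96 iptables
+ 97 iptables -l
+ 98 iptables -h
+ 99 ls /etc/init.d/
+ 100 /etc/init.d/README
+ 101 sudo /etc/init.d/README
+ 102 sudo cat /etc/init.d/README
+ 103 systemctl
+ 104 systemctl | grep nfs
+ 105 service nfs-server start
+ 106 sudo service nfs-server start
+ 107 exportfs -ra
+ 108 sudo exportfs -ra
+ 109 sudo vim /etc/exports
+ 110 sudo exportfs -ra
+ 111 sudo service nfs-server restart
+ 112 cat /etc/hosts.allow
+ 113 sudo vim /etc/hosts.allow
+ 114 ls
+ 115 chmod 777 Exports/
+ 116 chmod 777 Exports
+ 117 sudo service nfs-server restart
+ 118 sudo exportfs -ra
+ 119 sudo vim /etc/hosts.allow
+ 120 sudo service nfs-server restart
+ 121 sudo exportfs -ra
+ 122 sudo vim /etc/exports
+ 123 sudo exportfs -ra
+ 124 mkdir -p /export/users
+ 125 sudo mkdir -p /export/users
+ 126 mv /export/users/ /export/user ; sudo mount --bind /home/user /export/user
+ 127 sudo mv /export/users/ /export/user ; sudo mount --bind /home/user /export/user
+ 128 ls /export/
+ 129 sudo vim /etc/exports
+ 130 sudo exportfs -ra
+ 131 ifconfig
+ 132 service nfs-kernel-server restart
+ 133 sudo service nfs-kernel-server restart
+ 134 sudo service nfs-server restart
+ 135 sudo iptables -A INPUT -s 10.137.2.9 -d 10.137.2.16 111 -p 6 -j ACCEPT
+ 136 sudo iptables -A INPUT -s 10.137.2.9 -d 0/0 111 -p 6 -j ACCEPT
+ 137 sudo iptables -A INPUT -s 10.137.2.9 -d 0/0 --dport 111 -p 6 -j ACCEPT
+ 138 sudo iptables -I INPUT 5 -p tcp --dport 111 -j ACCEPT
+ 139 history | grep iptables
+ 140 sudo iptables -I INPUT 5 -p udp --dport 111 -j ACCEPT
+ 141 sudo iptables -I INPUT 5 -p udp --dport 32765:32768 -j ACCEPT
+ 142 sudo iptables -I INPUT 5 -p tcp --dport 32765:32768 -j ACCEPT
+ 143 service portmap restart
+ 144 sudo service portmap restart
+ 145 sudo service portmap.service restart
+ 146* sudo service portmap start
+ 147 statd -p 32765 -o 32766
+ 148 sudo find / -name portmap*
+ 149 portmap -d
+ 150 sudo service nfs-server restart
+ 151 service portmap restart
+ 152 sudo service portmap restart
+ 153 sudo yum search portmap
+ 154 exportfs -a -v
+ 155 sudo exportfs -a -v
+ 156 iptabled -L -n
+ 157 iptables -L -n
+ 158 sudo iptables -L -n
+ 159 sudo iptables -I INPUT 5 -s 10.137.2.9 -p tcp --dport 32765:32768 -j ACCEPT
+ 160 sudo iptables -I INPUT 5 -s 10.137.2.9 -p udp --dport 32765:32768 -j ACCEPT
+ 161 sudo iptables -I INPUT 5 -s 10.137.2.9 -p udp --dport 2049 -j ACCEPT
+ 162 sudo iptables -I INPUT 5 -s 10.137.2.9 -p tcp --dport 2049 -j ACCEPT
+ 163 sudo iptables -I INPUT 5 -s 10.137.2.9 -p tcp --dport 111 -j ACCEPT
+ 164 sudo iptables -I INPUT 5 -s 10.137.2.9 -p udp --dport 111 -j ACCEPT
+ 165 sudo iptables -I INPUT 5 -s 10.137.2.9 -d 10.137.2.16 -p tcp --dport 2049 -j ACCEPT
+ 166 sudo iptables -I INPUT 5 -s 10.137.2.9 -d 10.137.2.16 -p udp --dport 2049 -j ACCEPT
+ 167 ifconfig
+ 168 sudo iptables -I INPUT 5 -s 10.137.2.9 -d 10.137.2.16 -p udp --dport 2049 -j ACCEPT
+ 169 sudo iptables -I INPUT 5 -s 10.137.2.9 -d 10.137.2.16 -p tcp --dport 2049 -j ACCEPT
+ 170 sudo iptables -L -n
+ 171 sudo iptables -I INPUT 5 -s 10.137.2.9 -d 10.137.2.16 -p tcp --dport 20048 -j ACCEPT
+ 172 sudo iptables -I INPUT 5 -s 10.137.2.9 -d 10.137.2.16 -p udp --dport 20048 -j ACCEPT
+ 173 sudo iptables -L -n
+ 174 uname
+ 175 uname -a
+ 176 host
+ 177 host -l
+ 178 sudo iptables -L -n
+ 179 sudo iptables -D INPUT -s 10.137.2.9 -p udp --dport 111
+ 180 sudo iptables -D INPUT -s 10.137.2.9 -d 0.0.0.0 -p udp --dport 111
+ 181 sudo iptables -L -n
+ 182 sudo iptables -D INPUT 10
+ 183 sudo iptables -L -n
+ 184 sudo iptables -D INPUT 10
+ 185 sudo iptables -L -n
+ 186 sudo iptables -D INPUT 10
+ 187 sudo iptables -L -n
+ 188 sudo iptables -D INPUT 10
+ 189 sudo iptables -L -n
+ 190 sudo iptables -D INPUT 9
+ 191 sudo iptables -L -n
+ 192 sudo iptables -A INPUT 8 -s 10.137.2.9 -p udp --dport 111
+ 193 sudo iptables -A INPUT 7 -s 10.137.2.9 -p udp --dport 111
+ 194 sudo iptables -A INPUT 5 -s 10.137.2.9 -p udp --dport 111
+ 195 sudo iptables -I INPUT 8 -s 10.137.2.9 -p udp --dport 111
+ 196 sudo iptables -L -n
+ 197 sudo iptables -D INPUT 8
+ 198 sudo iptables -L -n
+ 199 sudo iptables -I INPUT 9 -s 10.137.2.9 -p udp --dport 111 -j ACCEPT
+ 200 sudo iptables -L -n
+ 201 /etc/init.d/network restart
+ 202 sudo /etc/init.d/network restart
+ 203 sudo iptables -L -n
+ 204 sudo iptables -I INPUT 9 -s 10.137.2.9 -p tcp --dport 111 -j ACCEPT
+ 205 sudo iptables -D INPUT 6
+ 206 sudo iptables -L -n
+ 207 sudo iptables -D INPUT 7
+ 208 sudo iptables -L -n
+ 209 sudo iptables -D INPUT 8
+ 210 sudo iptables -L -n
+ 211 sudo iptables -D INPUT 7
+ 212 sudo iptables -I INPUT 7 -s 10.137.2.9 -p udp --dport 111 -j ACCEPT
+ 213 sudo iptables -L -n
+ 214 sudo iptables -I INPUT 7 -s 10.137.2.9 -p udp --dport 111 -j ACCEPT
+ 215 sudo iptables -I INPUT 7 -s 10.137.2.9 -p tcp --dport 111 -j ACCEPT
+ 216 sudo iptables -L -n
+ 217 sudo iptables -D INPUT 8
+ 218 sudo iptables -L -n
+ 219 sudo iptables -D INPUT 7
+ 220 sudo iptables -L -n
+ 221 sudo iptables -I INPUT 7 -s 10.137.2.9 -d 10.137.2.16 -p tcp --dport 111 -j ACCEPT
+ 222 sudo iptables -L -n
+ 223 sudo iptables -I INPUT 7 -s 10.137.2.9 -d 10.137.2.16 -p udp --dport 111 -j ACCEPT
+ 224 sudo iptables -L -n
+ 225 sudo iptables -D INPUT 7
+ 226 sudo iptables -L -n
+ 227 sudo iptables -I INPUT 7 -s 10.137.2.9 -d 10.137.2.16 -p udp --dport 111 -j ACCEPT
+ 228 sudo iptables -L -n
+ 229 cat /etc/hosts.allow
+ 230 sudo cat /etc/exports
+ 231 history > ./nfs_history_scanner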
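Review bot: The committed history contains several ACCEPT rules with no source restriction (entries 93–95, 138 and 140–142 open ports 2049, 111 and 32765:32768 to any host), and the later `iptables -D INPUT <n>` deletions are positional, so this file does not show which rules remain in the chain. Anyone replaying the log as setup notes would get the open rules alongside the `-s 10.137.2.9` ones. Consider replacing the dump with a short script that holds only the final source-restricted rules, and dropping `chmod 777 Exports` (entries 115–116) in favour of ownership that matches the exporting user. Nothing in the log saves the ruleset, so the rules presumably do not survive a reboot.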
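--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ait/poc/truecrypt/create_crypto_volume.sh Sat May 04 12:03:46 2013 -0400
@@ -0,0 +1,10 @@
+#!/bin/bash
+truecrypt -c $1 --password="" --volume-type=normal --filesystem=none --encryption=aes --size="33554432" --hash=SHA-512 --random-source=/dev/urandom -k "./key.txt" --non-interactive
+truecrypt --protect-hidden=no -k "./key.txt" --password="" --filesystem=none $1
+truecrypt -l
+sudo mkfs.ext3 /dev/mapper/truecrypt1
+truecrypt -d $1
+rm -rf ./encrypted
+mkdir ./encrypted
+truecrypt --protect-hidden=no -k "./key.txt" --password="" $1 ./encrypted/
+ls ./encrypted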
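Review bot: The volume is created with `--password=""` and the keyfile `./key.txt`, and that keyfile is committed in this same changeset, so any volume made by this script can be opened by whoever can read the repository. The keyfile should be generated at run time outside the working tree and key.txt removed from version control. Separately, `sudo mkfs.ext3 /dev/mapper/truecrypt1` assumes the new volume received the first mapper slot and runs even if the preceding mount failed, so it may format a different, already-mounted volume. Adding `set -euo pipefail` after the shebang and quoting `"$1"` on every truecrypt line would stop the script before it reaches the `mkfs` or `rm -rf ./encrypted` steps with a bad state.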
6.1 Binary file ait/poc/truecrypt/key.txt has changed