TEAMSPEAK 3

Teamspeak running on ts3.tomvanommen.nl; contact for password.

0x90.se Malware Analysis: Part I – Manual Analysis

http://packetstorm.foofus.com/papers/general/0x90.se_-_Malware_Analysis_-_Part_I.pdf

Windows Desktop Listview

https://code.google.com/p/desktoplistview/

Remote Etherape

ssh root@remotehost tcpdump -n -w - | etherape -m ip -r -

Grep Pattern +1 Line

grep -A1 pattern file > newfile
sed -n '/LGIG/,+1p' file.txt > newfile.txt

MySQL Dumping With WHERE Clause

mysqldump -p[password] -u[username] [database] [table] --where="id > 666" > dumpfile.sql
mysqldump --compact -p[password] -u[username] [database] [table] --where='1 limit 1000'

Bash History With Timestamp

Put this in your .bashrc

HISTTIMEFORMAT="%d/%m/%y %T "

TCPDump HTTP Traffic

tcpdump -c 20 -s 0 -i eth1 -A host 192.168.1.1 and tcp port http

-c 20: Exit after capturing 20 packets.
-s 0: Don't limit the amount of payload data that is printed out. Print it all.
-i eth1: Capture packets on interface eth1.
-A: Print packets in ASCII.
host 192.168.1.1: Only capture packets coming to or from 192.168.1.1.
and tcp port http: Only capture HTTP packets.

Link: http://sleeplesscoding.blogspot.nl/2011/01/using-tcpdump-to-sniff-http-traffic.html

PoPToP Easy Setup

#!/bin/bash
# Interactive PoPToP install script on an OpenVZ VPS
# Tested on Debian 5, 6, and Ubuntu 11.04
# 2011 v1.1
# Author: Commander Waffles
# http://www.putdispenserhere.com/pptp-debian-ubuntu-openvz-setup-script/
#
# Served by: Asim Zeeshan via Gist
# https://gist.github.com/3799200

echo "######################################################"
echo "Interactive PoPToP Install Script for OpenVZ VPS"
echo "by Commander Waffles http://www.putdispenserhere.com"
echo "Should work on various deb-based Linux distros."
echo "Tested on Debian 5, 6, and Ubuntu 11.04"
echo
echo "Make sure to message your provider and have them enable"
echo "IPtables and ppp modules prior to setting up PoPToP."
echo
echo "You need to set up the server before creating more users."
echo "A separate user is required per connection or machine."
echo "######################################################"
echo
echo
echo "######################################################"
echo "Select an option:"
echo "1) Set up new PoPToP server AND create one user"
echo "2) Create additional users"
echo "######################################################"
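# -r keeps backslashes in the answers intact
read -r x
# string comparison, so empty or non-numeric input falls through to "Invalid selection"
if test "$x" = 1; then
  echo "Enter username that you want to create (eg. client1 or john):"
  read -r u
  echo "Specify password that you want the server to use:"
  read -r p

# get the VPS IP
ip=$(ifconfig venet0:0 | grep 'inet addr' | awk '{print $2}' | sed 's/.*://')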

echo
echo "######################################################"
echo "Downloading and Installing PoPToP"
echo "######################################################"
apt-get update
apt-get install pptpd

echo
echo "######################################################"
echo "Creating Server Config"
echo "######################################################"
cat > /etc/ppp/pptpd-options <<END
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 8.8.8.8
ms-dns 8.8.4.4
proxyarp
nodefaultroute
lock
nobsdcomp
END

# setting up pptpd.conf
echo "option /etc/ppp/pptpd-options" > /etc/pptpd.conf
echo "logwtmp" >> /etc/pptpd.conf
echo "localip $ip" >> /etc/pptpd.conf
echo "remoteip 10.1.0.1-100" >> /etc/pptpd.conf

# adding new user
echo "$u    *   $p  *" >> /etc/ppp/chap-secrets

echo
echo "######################################################"
echo "Forwarding IPv4 and Enabling it on boot"
echo "######################################################"
cat >> /etc/sysctl.conf <<END
net.ipv4.ip_forward=1
END
sysctl -p

echo
echo "######################################################"
echo "Updating IPtables Routing and Enabling it on boot"
echo "######################################################"
iptables -t nat -A POSTROUTING -j SNAT --to $ip
# saves iptables routing rules and enables them on-boot
iptables-save > /etc/iptables.conf

cat > /etc/network/if-pre-up.d/iptables <<END
#!/bin/sh
iptables-restore < /etc/iptables.conf
END

chmod +x /etc/network/if-pre-up.d/iptables
cat >> /etc/ppp/ip-up <<END
ifconfig ppp0 mtu 1400
END

echo
echo "######################################################"
echo "Restarting PoPToP"
echo "######################################################"
/etc/init.d/pptpd restart

echo
echo "######################################################"
echo "Server setup complete!"
echo "Connect to your VPS at $ip with these credentials:"
echo "Username:$u ##### Password: $p"
echo "######################################################"

# runs this if option 2 is selected
elif test "$x" = 2; then
  echo "Enter username that you want to create (eg. client1 or john):"
  read -r u
  echo "Specify password that you want the server to use:"
  read -r p

# get the VPS IP
ip=$(ifconfig venet0:0 | grep 'inet addr' | awk '{print $2}' | sed 's/.*://')

# adding new user
echo "$u    *   $p  *" >> /etc/ppp/chap-secrets

echo
echo "######################################################"
echo "Additional user added!"
echo "Connect to your VPS at $ip with these credentials:"
echo "Username:$u ##### Password: $p"
echo "######################################################"

else
echo "Invalid selection, quitting."
exit
fi

source: https://github.com/asimzeeshan/LinuxUtils/blob/master/pptpinstall.sh
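
The script appends the username and password to /etc/ppp/chap-secrets unquoted and unvalidated, so a space, quote or newline in either answer changes how the entry is parsed. The following is an added example (not part of pptpinstall.sh or the original page) of a guarded append; the helper name `add_chap_user`, the username whitelist and the use of `pptpd` in the server field (taken from `name pptpd` in the options file above) are assumptions.

```bash
#!/bin/bash
# Added example: a guarded replacement for the script's
#   echo "$u    *   $p  *" >> /etc/ppp/chap-secrets
# add_chap_user is a hypothetical helper, not part of pptpinstall.sh.

add_chap_user() {   # usage: add_chap_user FILE USER PASSWORD
  cs_file=$1 cs_user=$2 cs_pass=$3

  # Username: conservative whitelist (an assumption; pppd accepts more).
  case $cs_user in
    ''|*[!A-Za-z0-9._-]*) echo "invalid username" >&2; return 2 ;;
  esac
  # Secret: printable characters only, and no double quote or backslash, so
  # it cannot close the quoted field or begin a second line (a second entry).
  case $cs_pass in
    ''|*[![:print:]]*|*'"'*|*'\'*) echo "invalid password" >&2; return 3 ;;
  esac

  # chap-secrets holds cleartext passwords: create it private, keep it 0600.
  ( umask 077; touch -- "$cs_file" ) || return 1
  chmod 600 -- "$cs_file" || return 1

  # Refuse duplicates; compare the client field with optional quotes removed.
  if awk -v u="$cs_user" '$1 !~ /^#/ { c = $1; gsub(/"/, "", c)
       if (c == u) found = 1 } END { exit !found }' "$cs_file"; then
    echo "user already exists" >&2; return 4
  fi

  # Quote both fields; "pptpd" matches "name pptpd" in pptpd-options, so the
  # entry is valid for this server only rather than for any server ("*").
  printf '"%s" pptpd "%s" *\n' "$cs_user" "$cs_pass" >> "$cs_file"
}

# Constructed demo against a throwaway file, never /etc/ppp/chap-secrets.
demo() {
  demo_file=$(mktemp) || return 1
  demo_rc=0
  add_chap_user "$demo_file" client1 'correct horse 42' || demo_rc=1
  add_chap_user "$demo_file" client1 'other' 2>/dev/null && demo_rc=1  # duplicate
  add_chap_user "$demo_file" 'x * y' 'pw'    2>/dev/null && demo_rc=1  # bad name
  add_chap_user "$demo_file" evil 'pw" * "'  2>/dev/null && demo_rc=1  # bad secret
  cat "$demo_file"; rm -f -- "$demo_file"
  return "$demo_rc"
}

demo
```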

Grep IP Address

grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' /tmp/firewall