I recently had a need to create local firewall rules for certain executables which would block all outbound traffic for those executables. Whilst not particularly difficult, I thought it would be useful to be able to do so from a “right-click” option. There seemed to be a lot of things on the web about this…
Author Archives: cluelessatcoding
How to reset a forgotten or lost Guacamole user password in a Postgres Database
This week I found myself booting up an old environment which used Guacamole to present some resources. Whilst I had server credentials, I did not have any of the Guacamole user credentials, so I looked into how I could reset the accounts. My environment uses Postgres. After a bit of messing about I…
Automated Script to install HAProxy 2.8.12, OpenSSL 3.0.15 and ModSecurity.
So… My latest effort has been a bash script that runs on both Ubuntu 22.04 and Alma 8.6 and installs HAProxy 2.8.12, OpenSSL 3.0.15 and ModSecurity. The starting point is a clean build, with the latest OS patches installed and no additional packages. This script downloads, extracts and installs the version of OpenSSL 3 and…
Python script to parse a Sonicwall Firewall exp file
I had need to review a firewall config but was provided with an exp file. I did not want to pay for a tool to do the work, and what I found on the internet did not work with my file version, so I wrote a script to do some of the heavy lifting for…
Automated Script to install Covenant on Ubuntu 20.04
Following on from my previous post, I have created a noddy script to install Covenant on an Ubuntu 20.04 box. It can be found at https://github.com/CluelessAtCoding/Efforts/tree/main/RedTeamTools. Download the script to the Ubuntu machine, change the username specified at the beginning of the script if you so wish, then:
Installing Covenant on Ubuntu 20.04
Understanding how Red Team tools work and are used enables the Blue Team to develop better detections in their EDR/Security software. This short article details how to install Covenant (https://github.com/cobbr/Covenant) on Ubuntu 20.04 so you can use it as part of a Purple Team exercise. Build a minimal Ubuntu 20.04 Server, with OpenSSH Server installed…
Microsoft Edge Version 105.0.1343.25 not launching
I recently upgraded to Microsoft Edge Version 105.0.1343.25 only to find that it would not launch. The fix according to a page I found on the interweb, which worked for me, was to delete the MetricsReportingEnabled registry key in HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge. You may need to do the same in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge. The issue may have been caused…
CVE-2021-4034 – Polkit Vulnerability
With Proof of Concept exploits already on GitHub, you need to ensure you are patched against this vulnerability. Details of the vulnerability can be found at https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034. Most vendors have released patches, so update
Installing HAProxy 2.4.7 with ModSecurity on AlmaLinux 8.4
This article is almost identical to my previous post regarding HAProxy on CentOS, but as CentOS 8 is going End Of Life at the end of this year I thought I would revisit it on AlmaLinux. I used the 64-Bit minimal ISO that can be found at the appropriate mirror: https://mirrors.almalinux.org/isos/x86_64/8.4.html. By using…
CentOS 8 EOL – Which Distro to move to?
CentOS 8 going end of life at the end of 2021 has left many people with a choice to make. Do I stay with an unsupported OS? Do I move to CentOS Stream? Do I move to a different distro? Most people use CentOS as it is binary compliant with RHEL, that is…