Posts

Regex IPv4 & IPv6

Regex is cool. But have you ever tried to grep IPv4 / IPv6 Adresses from a File or extract from a bunch of data ? Did you use Google Search and found lot of Links, Tip’s and Examples ? And non of them worked well ? I can highly recommend CyberChef for stuff like that … https://gchq.github.io/CyberChef/ Regex from CyberChef If you wanna use Regex in your own Scripts, here is a little Extract from Cyberchef.

AGE - Encrypt Files with SSH Keys

Stumbled upon something that I’ve missed for a long time: encrypting files with the ssh public key :) Source https://github.com/FiloSottile/age Install Package OpenBSD (and most others *nix systems) got a package for age. Just install it. doas pkg_add age Asymmetric Encryption Asymmetric Encryption encrypts and decrypts the data using two separate yet mathematically connected cryptographic keys. These keys are known as a ‘Public Key’ and a ‘Private Key’. Together, they’re called a ‘Public and Private Key Pair’

MAC Converter

MAC Address Converter We’re all dealing with MAC Addresses, some times … there are different formats on different systems. this little script convert it to all formats and you can choise the appropriate ones. Example $ maconvert aa:bb:cc:dd:ee:ff aabbccddeeff aa:bb:cc:dd:ee:ff aa-bb-cc-dd-ee-ff aabb.ccdd.eeff Script Copy/Paste will work on OpenBSD, Linux needs some small Modifications (as there is no doas for example …) doas su - cat << 'EOFSCRIPT' > /usr/local/bin/maconvert #!/usr/bin/env bash # v0.

FreeBSD on APU

While ago since i installed FreeBSD “by Hand” on a APU … let’s take some Notes (as we’re all getting older …) ;) Links https://docs.freebsd.org/en/books/handbook/serialcomms/#serialconsole-setup https://www.cyberciti.biz/faq/how-to-write-freebsd-image-to-usb-disk-for-installation-using-dd-command/ Get Install Image wget https://download.freebsd.org/ftp/releases/amd64/amd64/ISO-IMAGES/13.0/FreeBSD-13.0-RELEASE-amd64-memstick.img.xz xz -dv FreeBSD-13.0-RELEASE-amd64-memstick.img.xz Write to USB Stick time dd if=FreeBSD-13.0-RELEASE-amd64-memstick.img of=/dev/da1 bs=1M conv=sync status=progress Mount Stick mount /dev/da1s2a /mnt Redirect Serial Console and set other Stuff cat <<EOF>/mnt/boot/loader.conf boot_multicons="YES" boot_serial="YES" comconsole_speed="115200" console="comconsole,vidconsole" EOF Unmount Image umount /mnt Write to USB Stick time dd if=FreeBSD-13.

Poetry

Intro Poetry is a tool for dependency management and packaging in Python. It allows you to declare the libraries your project depends on and it will manage (install/update) them for you. Links https://python-poetry.org/ https://www.infoworld.com/article/3527850/how-to-manage-python-projects-with-poetry.html Install OpenBSD … and update path pip install --user poetry cat <<'EOF'>> ~/.profile # Poetry export PATH=$PATH:~/.local/bin EOF . ~/.profile ev install as root ? doas pip install --user poetry cat <<'EOF'>> ~/.profile # Poetry export PATH=$PATH:/root/.

SSH

Signing Files with SSH 8.0 unsigned file $ cat hosts 127.0.0.1 localhost ::1 localhost 1.2.3.4 egal sign $ ssh-keygen -Y sign -f id_rsa -n file hosts Signing file hosts Write signature to hosts.sig signed file $ cat hosts.sig -----BEGIN SSH SIGNATURE----- U1NIU0lHAAAAAQAAAZcAAAAHc3NoLXJzYQAAAAMBAAEAAAGBALJB+O4WCOM7V56H1xigpd uJem52Izwltl2cG9GQOO94HClebcr7C5aD24iI4wDcT9Ajv5/fu9cDVEXku83I/U0blUZe oMd8qCIH+4O+RVYyCvKFyEkcZ6n+RRH1G5EgcP0UXtmo4J3p8Hyo/6jtPA/r28+idi84A6 7yW1cmC5GpIw24Vr5aqA3e3rCJdFBZThzsTrwu/DHzIueQstEQdldycUit4X9UPBaCVnov +nhyijO9b8adzkTMxjcJAl65fdLUmwuJ5h3z0owdKOmrcNlbWxqTIuGU0in25ZDQVxLssc WI8oW7vR5F7+cXSV7fYliTG/XPsCkD1KpWc/xSOr35bALRQpxD1+T48mrbKToZuzu4hage cUSOvRI3R0hKIvcXYyf2SQoBfLNlpvl5CRcatlw2fMhFQPrVz0Bh543chEFsF4nxKQw8yq riJbqkvhW8tzKCnMA7vyTRxey6uSDJrw0YchXIJdprNUlgM1t+z9J3AwC4ugpvhgVd6H0v 9QAAAAxob3N0cy5zaWduZWQAAAAAAAAABnNoYTUxMgAAAZQAAAAMcnNhLXNoYTItNTEyAA ABgAB9zAZStPsSvPIBh66lAgGLE/JWPk0voZjTUz9pO5wl81aM6Kn1clY9n4jysEkiQ0xy yy/tWgFzKi10mVfh/SJ34L2Mdo8t+vBnha1KNlkFwXZl+GXiCLlVl+ei6xpRfp9knheoIh LyEHoxgkuI6lO0c8pi4ymNnrlfvkg9SvvZfSdXWUMfTWHDlHvFIGqMg3BWQu7ylTEgQVDF obpqDInU3hkisfsywQRQh6KVVe8eSUc0qVH/FSSLoG8X/IX9Vh3g4tT/2FJPrE4k464yie GdnLkp5edcnnE+jjoSQroMs52QWy2a3XXZC5KTaDL6w4mcry1RpavhXb5aJQ7o0852Pkc9 wDkwX/11JZhMmxNZbDlg+tHsWy12KUubKAxAjJ1HUFXMjTFI6HMu8WyU989e3dOTt/bL3W l7sDo5P8SGv3/6+tJxugz9shz8WaN9Xz6Oh2AfCM6+IROXaeUgWMXtDmGS5bUZxUOSxHa1 ww7wzYR0NKXuOk3IeJMSQ2f97g== -----END SSH SIGNATURE----- verify file allowed signers $ cat /etc/allowed_signers mail@world.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyQfjuFgjjO1eeh9cYoKXbiXpudiM8JbZdnBvRkDjveBwpXm3K+wuWg9uIiOMA3E/QI7+f37vXA1RF5LvNyP1NG5VGXqDHfKgiB/uDvkVWMgryhchJHGep/kUR9RuRIHD9FF7ZqOCd6fB8qP+o7TwP69vPonYvOAOu8ltXJguRqSMNuFa+WqgN3t6wiXRQWU4c7E68Lvwx8yLnkLLREHZXcnFIreF/VDwWglZ6L/p4coozvW/Gnc5EzMY3CQJeuX3S1JsLieYd89KMHSjpq3DZW1sakyLhlNIp9uWQ0FcS7LHFiPKFu70eRe/nF0le32JYkxv1z7ApA9SqVnP8Ujq9+WwC0UKcQ9fk+PJq2yk6Gbs7uIWoHnFEjr0SN0dISiL3F2Mn9kkKAXyzZab5eQkXGrZcNnzIRUD61c9AYeeN3IRBbBeJ8SkMPMqq4iW6pL4VvLcygpzAO78k0cXsurkgya8NGHIVyCXaazVJYDNbfs/SdwMAuLoKb4YFXeh9L/U= verify

Httpie

got in touch with httpie, a restapi client for the cli install doas pkg_add httpie Hello World let’s do a little test $ https httpie.io/hello HTTP/1.1 200 OK Connection: keep-alive Content-Type: application/json; charset=utf-8 age: 0 cache-control: public, max-age=0, must-revalidate content-length: 264 date: Wed, 10 Nov 2021 17:34:19 GMT etag: "108-yw+Xn8xsGAsJIUMQvDLN7gAcQuc" server: Vercel strict-transport-security: max-age=63072000 x-matched-path: /api/hello x-vercel-cache: MISS x-vercel-id: fra1::iad1::4kmc7-1636565659646-cf763c94cea0 { "ahoy": [ "Hello, World! 👋 Thank you for trying out HTTPie 🥳", "We hope this will become a friendship.

OpenBSD 7.0

OpenBSD 7.0 released ! the 7.0 Release was released on 14. Oct 2021, two weeks before the official Launch Date (1. Nov). All the Changes are listed here: https://www.openbsd.org/70.html, or summarized: undeadly.org Things i have to consider for my Boxes: dhcpleased(8) was made the default program for configuring IPv4 addresses via DHCP resolvd(8) was activated to handle concurrent changes to resolv.conf(5) by both dhcpleased(8) and slaacd(8). Upgrade Guide Follow to official Upgrade Guide.

Aslo - AS Lookup

ASLO AS Lookup Helper Script. It’s written for OpenBSD and need’s some modification for Linux. It basically depends on Python, PIP Installer and Python Package “aslookup”. Have Fun ! Download wget https://blog.stoege.net/scripts/aslo chmod 755 aslo ./aslo 1.1.1.1 Script … and the Content himelf. It basically check’s if pip is installed, if as-lookup is installed, and then does the as lookup for the given IP Adress #!/usr/bin/env bash # AS Lookup for IP Address install_pip() { echo -e "\npip not found, install ?

Nextcloud on OpenBSD

Intro Wanna run your own Nextcloud Server on OpenBSD … ? Give a Try ! It’s quite trivial as you can see. Just fireup an empty machine, assign an Hostname / DNS Record, and follow the Examples below. This Setup is done on the current Version, 6.9. Have Fun ! Inspired by: https://dev.to/nabbisen/nextcloud-on-openbsd-installation-15d6 Packages install some packages. i use sqlite as db because i don’t expect a lot of users/traffic/files.

Git aliases

we all do like aliases, right ? https://git-scm.com/book/en/v2/Git-Basics-Git-Aliases Some Aliases git config --global alias.co checkout git config --global alias.br branch git config --global alias.ci commit git config --global alias.st status git config --global alias.bra "branch -a" and then, you just type: git co git br git ci git st git bra .gitconfig all this stuff is saved in ~/.gitconfig $ cat ~/gitconfig # This is Git's per-user configuration file. ... [alias] co = checkout br = branch ci = commit st = status bra = branch -a sha256: 772017dc340c3a08ab06572e0e17ad7b03ae7f82db93f2195ff1f04d180bc517

CAS@OST

it’s time for some education and i decided to do a CAS CyberSecurity @OST (prev. HSR Rapperswil). I expect to learn a lot in Attacking, Defense, Reverse Engineering and so on. Think i have already a “good basic” in many of these Topics. So, i expect the have an intersting Time in the next few Month. You can expect some posts here, or may i do another blog ? -> started a new blog for the CAS

Blog renamed

… just renamed the blog from “puffy.nolink.ch” to “blog.stoege.net” ! hope all the links are still working. redirection from old location should be in place sha256: f604551cd33be59d9fe19cdce2b44d32448d06d883b31f74f54c628a79f09b0c

PowerDNS on OpenBSD

Run PowerDNS on OpenBSD I’m mostly happy with NSD as Authoritative Nameserver. But why not look over the fence and have a look at PowerDNS ? At least the API looks promising to me … Install Package doas pkg_add powerdns-- Create Folder, DB and set Permission doas mkdir /var/db/pdns doas sqlite3 /var/db/pdns/pdns.sql < /usr/local/share/doc/pdns/schema.sqlite3.sql doas chown -R _powerdns:wheel /var/db/pdns/ Update Config File /etc/pdns/pdns.conf # DB gsqlite3-database=/var/db/pdns/pdns.sql launch=gsqlite3 setuid=_powerdns # Tuning & Protection max-queue-length=5000 overload-queue-length=2500 # Webserver webserver=yes webserver-address=ip-of-your-nameserver webserver-allow-from=127.

OS Helpers

here a small Collection of Helper and Scripts. You may find this stuff useful. Please be aware that you run this stuff on your own risk. It’s specially made for myself and you should not run this stuff as provided here. you may give me access to your system and you don’t want this ;) add bash & wget we need bash and wget for the following stuff. install it if not yet installed.