|
Recently I’ve been writing a lot of windows batch files that need to be compatible with both Windows 7 and Windows 10. I’ve decided to document some of what I have learned below. Check if .bat file was ran with elevated privileges WHOAMI /Groups | FIND “12288” >NUL IF ERRORLEVEL 1 ( ECHO This batch . . . → Read More: Windows Batch Programming Notes and Examples Recently I added a new drive to my Windows 10 VM using VMFusion 10.0. I was unable to write to it even after making myself owner of it. After digging in this for a while it appears that VMWare is treating new SCSI drives as USB devices and blocking writing (even though I can format . . . → Read More: vmfusion cannot write to new drive windows 10 Internet Explorer Enhanced Security mode can be frustrating to disable. Here is a fast way to disable it. First open an Administrative PowerShell Window. Next run the following: $AdminKey = “HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}” $UserKey = “HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}” Set-ItemProperty -Path $AdminKey -Name “IsInstalled” -Value 0 Set-ItemProperty -Path $UserKey -Name “IsInstalled” -Value 0 Stop-Process -Name Explorer . . . → Read More: Disabling Internet Explorer Security Mode from PowerShell I’ll be reviewing how to analyze a .reg file for unique values on OSX Prerequisite dos2unix will be required brew install dos2unix Instructions In this example we will assume you have dumped all of HKEY_CURRENT_USER\Software\ in to a file named software-all.reg Converting the .reg file to UTF-8 The .reg file must be converted to a . . . → Read More: Analyzing Windows Registry Keys on OSX Recently I needed to view the full HTTP GET and POST methods for a python application hosted on a headless server. I ended up using a tool call mitmproxy. This post will cover getting mitmproxy set up on a linux server and viewing the HTTP GET/POST requests on your local machine via a web interface. . . . → Read More: Capturing https traffic on a headless server I kept receiving an “API error” when attempting to run TheHive Project Cortex Analyzer for IBM Xforce. There is currently a bug that is adding an extra / with every request. To fix this issue you need to modify this file: /opt/Cortex-Analyzers/analyzers/IBMXForce Command to fix the problem: perl -pi -e ‘s|%s/|%s|g’ /opt/Cortex-Analyzers/analyzers/IBMXForce/ibmxforce_lookup.py If you install Cortex from Yum on Centos7 you will most likely receive this error: /etc/init.d/cortex: line 26: /lib/init/vars.sh: No such file or directory This is the fix: perl -pi -e ‘s|. /lib/init/vars.sh|[ -r /lib/init/vars.sh ] && . /lib/init/vars.sh|g’ /etc/init.d/cortex perl -pi -e ‘s|. /lib/lsb/init-functions|[ -r /etc/init.d/functions ] && . /etc/init.d/functions|g’ /etc/init.d/cortex Code loop through a range of IPs and query McAfee epo on client machines # Loop through IP address 10.0.0.10 – 10.0.0.20 and print out # the computer name and the agent version echo “” > output; for ((i=10;i<=20;i++)) do # -s Silent Curl # -m 1 Wait no longer than 1 second per host . . . → Read More: Querying McAfee ePo on End User Machines When you export your bookmarks from Chrome and Firefox the resulting HTML looks pretty plain. Exported Bookmarks with Icons To enhance the exported bookmarks file by added icons try the following perl -i’bak’ -ple ‘s/ ICON=”([^”]+”)>/><img src=”$1″> /’ bookmarks.html Enhance with CSS You can further enhance the file using this js fiddle: http://jsfiddle.net/vaj0tted/ . . . → Read More: Add icons to your exported Chrome/Firefox Bookmarks If you want to return the current AlienVault OSSIM version you are running from a command line try this: version=$(dpkg -l | grep ossim-cd-tools | awk ‘{print $3}’ | awk -F’-‘ ‘{ print $1 }’) echo $version |
|
|
Copyright © 2019 Brakertech - All Rights Reserved i can haz interweb |
|
