tech problems: solved

MISP Diagnostics internal error has occurred

Problem

You are using the MISP cloud base image and receive error “Error: an internal error has occurred” when trying to access diagnostics from “administration -> server settings -> diagnostics”

Solution

As root run the following commands

    pear install /var/www/MISP/INSTALL/dependencies/Console_CommandLine/package.xml
    pear install /var/www/MISP/INSTALL/dependencies/Crypt_GPG/package.xml

Windows Batch Programming Notes and Examples

Recently I’ve been writing a lot of Windows batch files that need to be compatible with both Windows 7 and Windows 10. I’ve decided to document some of what I have learned below.

Check if .bat file was run with elevated privileges

    WHOAMI /Groups | FIND "12288" >NUL
    IF ERRORLEVEL 1 (
        ECHO This batch...

Disabling Internet Explorer Security Mode from PowerShell

Internet Explorer Enhanced Security mode can be frustrating to disable. Here is a fast way to disable it.

First open an Administrative PowerShell Window. Next run the following:

    $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
    $UserKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
    Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0
    Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 0
    Stop-Process -Name Explorer

Analyzing Windows Registry Keys on OSX

I’ll be reviewing how to analyze a .reg file for unique values on OSX

Prerequisite

dos2unix will be required

    brew install dos2unix

Instructions

In this example we will assume you have dumped all of HKEY_CURRENT_USER\Software\ in to a file named software-all.reg

Converting the .reg file to UTF-8

The .reg file must be converted to a...

Capturing https traffic on a headless server

Recently I needed to view the full HTTP GET and POST methods for a Python application hosted on a headless server. I ended up using a tool called mitmproxy. This post will cover getting mitmproxy set up on a Linux server and viewing the HTTP GET/POST requests on your local machine via a web interface...

TheHive Project Cortex IBM Xforce Analyzer is not Working

I kept receiving an “API error” when attempting to run TheHive Project Cortex Analyzer for IBM Xforce. There is currently a bug that is adding an extra / with every request.

To fix this issue you need to modify this file:

    /opt/Cortex-Analyzers/analyzers/IBMXForce

Command to fix the problem:

    perl -pi -e 's|%s/|%s|g' /opt/Cortex-Analyzers/analyzers/IBMXForce/

Cortex init.d Script Failure on Centos7

If you install Cortex from Yum on Centos7 you will most likely receive this error:

    /etc/init.d/cortex: line 26: /lib/init/ No such file or directory

This is the fix:

    perl -pi -e 's|. /lib/init/|[ -r /lib/init/ ] && . /lib/init/|g' /etc/init.d/cortex
    perl -pi -e 's|. /lib/lsb/init-functions|[ -r /etc/init.d/functions ] && . /etc/init.d/functions|g' /etc/init.d/cortex