Posts

使用 oh-my-posh 美化 PowerShell 樣式

使用 oh-my-posh 美化 PowerShell 樣式 # 這會從 PowerShell Gallery 下載並安裝 posh-git 和 oh-my-posh 這兩個模組，前者是在命令列中顯示 Git 專案的相關資訊，後者則是美美的樣式套件 Install-Module posh-git -Scope CurrentUser Install-Module oh-my-posh -Scope CurrentUser # 接著我們要修改 PowerShell 啟動時所載入的設定檔，在 PowerShell 中輸入 $PROFILE 可得到當前使用者啟動 PowerShell 時，會載入的個人設定檔位置。 # 你的電腦可能沒有這個實體檔案，這時可以執行下面的指令，如果沒有該設定檔，則建立一個，然後使用 notepad 來開啟該設定檔。 if (!(Test-Path -Path $PROFILE )) { New-Item -Type File -Path $PROFILE -Force } notepad $PROFILE 最後在該設定檔中加入下列指令 Import-Module posh-git Import-Module oh-my-posh Set-Theme Paradox oh-my-posh 內建了很多樣式，你也可以使用 Get-Theme 這個 Cmdlet 指令取得 oh-my-posh 有提供的所有樣式及相關檔案位置

Thursday, December 10, 2020 閱讀

冰山一角的駭客工具介紹

冰山一角的駭客工具介紹 [駭客工具 Day10] web 安全測試 - Burp Suite [駭客工具 Day11] 網站路徑遍歷 - DirBuster [駭客工具 Day12] 密碼暴力破解 - Hydra [駭客工具 Day13] 密碼字典檔生成工具 - crunch [駭客工具 Day16] 滲透神器 - Metasploit [駭客工具 Day18] windows 密碼獲取神器 - mimikatz [駭客工具 Day25] CTF Exploit 的 Python library - pwntools

Tuesday, December 8, 2020 閱讀

用 IIS、.NET 4.5 與 Octopus Deploy 建立 Windows Server Vagrant box

用 IIS、.NET 4.5 與 Octopus Deploy 建立 Windows Server Vagrant box 在 host 端執行 vagrant up 時如何正確使用 PowerShell script？ Windows 在 Vagrant 上的起步 https://followkman.com/2016/07/27/vagrant-up-on-windows-10-with-hyper-v/

Thursday, December 3, 2020 閱讀

Ansible Network 的新 LibSSH 連線外掛取代 Paramiko，並支援 FIPS 模式

Ansible Network 的新 LibSSH 連線外掛取代 Paramiko，並支援 FIPS 模式切換 Ansible Playbook 使用 LibSSH # 安裝 LibSSH pip install ansible-pylibssh 在 Ansible Playbook 中使用 LibSSH 方法 1. 在專案的 ansible.cfg 檔案中設定 ssh_type 參數使用 libssh [persistent_connection] ssh_type = libssh 方法 2: 設定 ANSIBLE_NETWORK_CLI_SSH_TYPE 環境變數 $ export ANSIBLE_NETWORK_CLI_SSH_TYPE=libssh 方法 3: 在 play 等級的 playbook 中設定 ansible_network_cli_ssh_type 為 libssh 用來測試 libssh 設定的 Playbook - hosts: "changeme" gather_facts: no connection: ansible.netcommon.network_cli vars: ansible_network_os: cisco.ios.ios ansible_user: "changeme" ansible_password: "changeme" ansible_network_cli_ssh_type: libssh tasks: - name: run show version command ansible.netcommon.cli_command: command: show version - name: run show version command ansible.netcommon.cli_command: command: show interfaces

Wednesday, November 25, 2020 閱讀

CentOS 7 掛載 Synology NAS 資料夾

Monday, November 9, 2020 閱讀

MacBook 设置 SSLKEYLOGFILE 环境变量解密 HTTPS 流量

MacBook 设置 SSLKEYLOGFILE 环境变量解密 HTTPS 流量创建 keylogfile mkdir ~/sslkeylogfile && touch ~/sslkeylogfile/keylogfile.log # 创建 keylogfile.log 文件 sudo chmod 777 ~/sslkeylogfile/keylogfile.log # 更改权限，确保 chrome 启动时能写入数据配置环境变量 vim ~/.zshrc # 打开配置文件 export SSLKEYLOGFILE=~/sslkeylogfile/keylogfile.log # 配置环境变量 source ~/.zshrc # 使配置文件生效配置 wireshark perferences -> Protocols -> TLS 配置 TSL debug file 记录解密日志配置 (Pre)-Master-Secret log filename 路径为 keylogfile.log 的绝对路径使用 termial 启动 chrome open -a 'Google Chrome' https://www.baidu.com/ 注意：从 termial 启动 chrome，为了确保 chrome 可以读取 SSLKEYLOGFILE 环境变量。

Friday, November 6, 2020 閱讀

使用 Ansible 透過 RestAPI 備份 FortiOS 設定

Fortigate RestAPI 設定備份 - FortiOS 6.0.4 使用 Ansible 透過 RestAPI 備份 FortiOS 設定建立存取設定檔 FGTAWS0004BE1ADE # config system accprofile FGTAWS0004BE1ADE (accprofile) # edit readOnly new entry 'readOnly' added FGTAWS0004BE1ADE (readOnly) # set sysgrp read FGTAWS0004BE1ADE (readOnly) # end 在 Fortigate 建立 API 使用者 FGTAWS0004BE1ADE # config system api-user FGTAWS0004BE1ADE (api-user) # edit api-admin new entry 'api-admin' added FGTAWS0004BE1ADE (api-admin) # set accprofile "readOnly" FGTAWS0004BE1ADE (api-admin) # set vdom root FGTAWS0004BE1ADE (api-admin) # config trusthost FGTAWS0004BE1ADE (trusthost) # edit 1 new entry '1' added FGTAWS0004BE1ADE (1) # set ipv4-trusthost 'ip_address_of_your_machine' 255.255.255.255 FGTAWS0004BE1ADE (1) # end FGTAWS0004BE1ADE (api-admin) # end 產生 API token FGTAWS0004BE1ADE # execute api-user generate-key api-admin New API key: 'your_api_token' NOTE: The bearer of this API key will be granted all access privileges assigned to the api-user api-admin. 測試 # fortigate.py import requests import urllib3 # disable security warning for SSL certificate urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) # disable security warning for SSL certificate def config_download(ipaddr, api_token, filename='backup.conf'): ''' input: ipaddr(string) - target ip address of fortigate input: api_token(string) - api_token for api user(accprofile should have sysgrp.mnt) input: filename(string) - file name of the config to be saved. default backup.conf output: True if backup successfule. False if not successful. Tested on: Fortigate OnDemand on AWS - FortiOS6.0.4 ''' base_url = f'https://{ipaddr}/api/v2/' headers = {'Authorization': f'Bearer {api_token}'} params = {'scope': 'global'} uri = 'monitor/system/config/backup/' rep = requests.get(base_url + uri, headers=headers, params=params, verify=False) if rep.status_code != 200: print(f'Something went wrong. status_code: {rep.status_code}') return False with open(filename, 'w') as f: f.write(rep.text) return True >>> import fortigate >>> >>> ip_addr = 'Fortigate_IP_Address' >>> api_token = 'API_TOKEN' >>> >>> if (fortigate.config_download(ip_addr, api_token, 'backup20190215.conf')): ... print('Done!') ... else: ... print('Error!!') ... Done! >>> >>> with open('backup20190215.conf', 'r') as f: ... f.readline() ... '#config-version=FGTAWS-6.0.4-FW-build0231-190107:opmode=0:vdom=0:user=api-admin\n' >>> 設定 Ansible inventory 與 playbook $ cat hosts [fortigate] x.x.x.x access_token=w4q9qtfbGry3Nbc40kHjsk9mxG**** y.y.y.y access_token=tfy8c9b8Nxw6N3Q5Q5bg9z69dn**** $ cat fortigate_backup.yml - name: fortigate config backup connection: local hosts: fortigate tasks: - name: get current config uri: url: 'https://{{ ansible_host }}/api/v2/monitor/system/config/backup/?scope=global&access_token={{ access_token }}' return_content: yes validate_certs: no register: current_config - name: write config to local file local_action: copy content={{ current_config.content }} dest=./{{ inventory_hostname }}_{{ ansible_date_time.date }}.txt

Tuesday, November 3, 2020 閱讀

2020年，最新NGINX的ngx_http_geoip2模块以精准禁止特定国家或者地区IP访问

2020 年，最新 NGINX 的 ngx_http_geoip2 模块以精准禁止特定国家或者地区 IP 访问 centos7 下安装 GeoIP2，在 nginx 中根据 ip 地址对应的国家转发请求安装 geoip2 lib cd /usr/local/src rm -f libmaxminddb-1.4.2.tar.gz wget https://github.com/maxmind/libmaxminddb/releases/download/1.4.2/libmaxminddb-1.4.2.tar.gz tar -xzf libmaxminddb-1.4.2.tar.gz cd libmaxminddb-1.4.2 yum install gcc gcc-c++ make -y ./configure make make check sudo make install echo '/usr/local/lib' > /etc/ld.so.conf.d/geoip.conf sudo ldconfig 下载 ngx_http_geoip2_module 模块 cd /usr/local/src wget https://github.com/leev/ngx_http_geoip2_module/archive/3.3.tar.gz tar -xzf 3.3.tar.gz mv ngx_http_geoip2_module-3.3 ngx_http_geoip2_module # nginx集成 cd /usr/local/src wget http://nginx.org/download/nginx-1.16.1.tar.gz tar -zxf nginx-1.16.1.tar.gz cd nginx-1.16.1 useradd -M -s /sbin/nologin www yum install gcc gcc-c++ make pcre-devel zlib-devel openssl-devel -y ./configure --user=www --group=www --prefix=/usr/local/nginx \ --with-ld-opt="-Wl,-rpath -Wl,/usr/local/lib" \ --with-http_sub_module \ --with-http_realip_module \ --with-http_gzip_static_module \ --with-http_ssl_module \ --with-http_v2_module \ --add-module=/usr/local/src/ngx_http_geoip2_module make make install geoip2 IP 地址库下载 2020 年最新 GeoLite2-City.mmdb 无法直接下载，必须注册 maxmind 账号

Tuesday, October 27, 2020 閱讀

使用 Nginx HTTPS 與 Basic Auth 反向代理 VMware ESXi 6.5 修復 VMRC /screen

使用 Nginx HTTPS 與 Basic Auth 反向代理 VMware ESXi 6.5 修復 VMRC /screen server { listen 80; server_name esxi.hackion.com; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name esxi.hackion.com; ssl_certificate /mycert.crt; ssl_certificate_key /mykey.key; location / { auth_basic "Restricted Content"; auth_basic_user_file /etc/nginx/.htpasswd; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Origin ''; proxy_set_header Authorization ''; #Don't pass the Nginx Basic Auth to ESXi or it will break VMRC. proxy_pass_header X-XSRF-TOKEN; proxy_pass https://esxi_server; proxy_send_timeout 300; proxy_read_timeout 300; send_timeout 300; client_max_body_size 1000m; # enables WS support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { listen 443 ssl http2; # ssl_certificate and ssl_certificate_key are required ssl_certificate /etc/letsencrypt/live/myletsencryptdomain/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/myletsencryptdomain/privkey.pem; include /etc/nginx/snippets/ssl-params.conf; # removed DH params as my ssl-params.conf specifies to only use ECDHE key exchange. server_name fqdn.extern; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_ssl_verify off; # No need on isolated LAN proxy_pass https://vcenter.ip; # esxi IP Address proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_buffering off; client_max_body_size 0; proxy_read_timeout 36000s; proxy_redirect https://fqdn.local/ https://fqdn.extern/; # read comment below # replace vcenter-hostname with your actual vcenter's hostname, and esxi with your nginx's server_name. } location /websso/SAML2 { proxy_set_header Host fqdn.local; # your actual vcenter's hostname proxy_set_header X-Real-IP $remote_addr; proxy_ssl_verify off; # No need on isolated LAN proxy_pass https://vcenter.ip; # esxi IP Address proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_buffering off; client_max_body_size 0; proxy_read_timeout 36000s; proxy_ssl_session_reuse on; proxy_redirect https://fqdn.local/ https://fqdn.extern/; # read comment below # replace vcenter-hostname with your actual vcenter's hostname, and esxi with your nginx's server_name. } }

Saturday, October 17, 2020 閱讀

針對特定 Commit Message 觸發 GitHub Actions

針對特定 Commit Message 觸發 GitHub Actions 現在，只要我推送 wip commit 或任何包含 wip 的 commit，就會在 GitHub Actions 中被標記為跳過。 jobs: format: runs-on: ubuntu-latest if: "! contains(github.event.head_commit.message, 'wip')" 任何包含 [build] 的 commit 會觸發這些工作，其他則會被跳過。 jobs: format: runs-on: ubuntu-latest if: "contains(github.event.head_commit.message, '[build]')"

Sunday, October 11, 2020 閱讀

使用 Vagrant 在 vSphere 部署多台 VM

使用 Vagrant 在 vSphere 部署多台 VM vm1 = { 'name' => "PhotonVM1", 'ip' => "192.168.5.224" } vm2 = { 'name' => "PhotonVM2", 'ip' => "192.168.5.225" } vms = [ vm1, vm2] Vagrant.configure(2) do |config| vms.each do |node| vm_name = node['name'] vm_ip = node['ip'] config.vm.define vm_name do |node_config| node_config.vm.network 'private_network', ip: "#{vm_ip}" node_config.vm.box = "dummy" node_config.vm.box_url = "./example_box/dummy.box" node_config.vm.provider :vsphere do |vsphere| vsphere.host = 'vc01.testlab.local' vsphere.compute_resource_name = 'esxi01.testlab.local' vsphere.name = vm_name vsphere.customization_spec_name = 'centos66' vsphere.template_name = 'PhotonTemplate' vsphere.user = 'administrator@vsphere.local' vsphere.password = 'password' vsphere.insecure = true end end end end

Monday, October 5, 2020 閱讀

Vagrantfile and Provider

Day 8 - Vagrantfile and Provider Day 9 - Advanced Vagrantfile(編輯中) 用以下這個範例你只要使用 Vagrant up 加上 provider 參數，就可開啟不同來源的機器例如我要開啟 Vsphere 的機器，我只要下 vagrant up --provider=vsphere 要開 AWS 的機器，我只要下 vagrant up --provider=aws VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| # 我們定義一個 Ubuntu 的機器 # box 的需求是對於 local 的 VM 才需要的 # 所以在 provider 是 vmware_fusion 或 Virtualbox 時，才會用到這個設定 config.vm.box = "hashicorp/precise64" # vmware_fusion config.vm.provider "vmware_fusion" do |v, override| override.vm.box = "precise64_vmware" v.gui = false end # vsphere config.vm.provider :vsphere do |vsphere| # 對於私有雲及公有雲，要clone 的vm 是儲存在雲端上的 # 所以 box 使用 dummy box 來達到這個目的 vsphere.vm.box = "nkhasanov/vsphere-simple" vsphere.host = 'YOURIP' vsphere.compute_resource_name = 'YOUR DATACENTER' vsphere.resource_pool_name = 'YOUR RESOURCE POOL' vsphere.insecure = true vsphere.template_name = 'VM TEMPLATE' vsphere.name = "#{YOUR_NAME}-test-machine" vsphere.user = 'administrator' vsphere.password = '$p1unK_Lab' vsphere.vm_base_path = 'vmware_template' vsphere.linked_clone = true end # virtual box config.vm.provider "virtualbox" do |vb| vb.gui = false end # aws config.vm.provider :aws do |aws, override| # aws configurations aws.access_key_id = "#{YOUR_AWS_ACCESS_KEY_ID}" aws.secret_access_key = "#{YOUR_AWS_ACCESS_KEY}" aws.keypair_name = "#{YOUR_NAME}" aws.security_groups = "#{YOUR_NAME}" aws.instance_type = "t2.small" aws.region = "us-east-1" # ubuntu 14.04 x64 aws.ami = "ami-864d84ee" # override info override.ssh.username = "ubuntu" override.ssh.private_key_path = "#{YOUR_AWS_PRIVATE_KEY_PATH}" override.vm.synced_folder "#{YOUR_SYNC_FOLDER}", "/vagrant", type: "rsync" override.vm.box = "dimroc/awsdummy" end end LOCAL_BOXS = { "ubuntu1404x64" => "ubuntu/trusty64", "ubuntu1210x64" => "chef/ubuntu-12.10" } AWS_AMIS = { "ubuntu1404x64" => "ami-864d84ee", "ubuntu1210x64" => "ami-02df496b", "windows2012r2x64" => "ami-9ade1df2", "windows2012x64" => "ami-5ce32034", "windows2008r2x64" => "ami-2ae02342", "windows2008x64" => "ami-5e24e936", "windows2003r2x64" => "ami-b0e320d8" } VAGRANTFILE_API_VERSION = "2" Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| config.vm.box = "precise64_vmware" # vmware_fusion config.vm.provider "vmware_fusion" do |v, override| override.vm.box = "precise64_vmware" v.gui = false v.vmx["memsize"] = "1024" v.vmx["numvcpus"] = "2" end # vsphere config.vm.provider :vsphere do |vsphere| vsphere.vm.box = "nkhasanov/vsphere-simple" vsphere.host = '#{}' vsphere.compute_resource_name = '#{}' # vsphere.resource_pool_name = 'YOUR RESOURCE POOL' vsphere.insecure = true vsphere.template_name = 'qasus-tw-centos7x64-01' vsphere.name = "#{YOUR_NAME}-test-machine" vsphere.user = 'administrator' vsphere.password = '#{}' vsphere.vm_base_path = 'vmware_template' vsphere.linked_clone = true end # virtual box config.vm.provider "virtualbox" do |vb| vb.gui = false vb.memory = 1024 vb.cpus = 2 end # aws config.vm.provider :aws do |aws, override| # aws configurations aws.access_key_id = "#{YOUR_AWS_ACCESS_KEY_ID}" aws.secret_access_key = "#{YOUR_AWS_ACCESS_KEY}" aws.keypair_name = "#{YOUR_NAME}" aws.security_groups = "#{YOUR_NAME}" aws.instance_type = "t2.small" aws.region = "us-east-1" # ubuntu 14.04 x64 aws.ami = "ami-864d84ee" # override info override.ssh.username = "ubuntu" override.ssh.private_key_path = "#{YOUR_AWS_PRIVATE_KEY_PATH}" override.vm.synced_folder "#{YOUR_SYNC_FOLDER}", "/vagrant", type: "rsync" override.vm.box = "dimroc/awsdummy" end # VMs (1..MAX_VM_NUMBER).each do |i| # define linux config.vm.define "l#{i}" do |node| # aws node.vm.provider :aws do |aws| aws.tags = { "Name" => "#{YOUR_NAME}-linux-#{i}" } end # local # node.vm.network "private_network", ip: "192.168.33.%d" % (i+2) node.vm.hostname = "ftan-linux-#{i}" end # define windows config.vm.define "w#{i}" do |node| node.vm.provider :aws do |aws| aws.ami = "ami-2ae02342" aws.tags = { "Name" => "#{YOUR_NAME}-windows-#{i}" } end end end # define customer YOUR_CUSTOMIZED_VM.each do |vm| config.vm.define "%s" % vm["name"] do |node| # aws node.vm.provider :aws do |aws| aws.ami = AWS_AMIS[vm["platform"]] aws.tags = { "Name" => "#{YOUR_NAME}-%s" % vm["name"] } end # vmware fusion # vmware workstation node.vm.provider :vmware_fusion do |fusion| fusion.vm.box = LOCAL_BOXS[vm["platform"]] fusion.vm.hostname = "#{YOUR_NAME}-%s" % vm["name"] end # vsphere # azure end end end

Friday, October 2, 2020 閱讀