Regret using BashCore Injector? Easy fix.
๐งผ Just open the script โ all installed packages are listed. Remove them with sudo apt remove, then run:
sudo apt autoremove
sudo rm -rf /opt/*
๐ก If something crashes mid-install, just delete the incomplete folder in /opt and rerun the script. It's smart โ it only installs what's missing.
No lock-in. No mess. Total control.
#BashCore #Linux #Minimalism #Debian #Ubuntu #SysadminTips #CleanUninstall
๐ ๏ธ WordPress Admins using AI-generated PNGs from ChatGPT: be aware!
ImageMagick on the backend often chokes when resizing these PNGs, breaking thumbnails or uploads.
โ Quick fix: open the PNG, re-save it as a JPEG, then upload.
Avoid the headache. Share if this saved you. #WordPress #AI #ImageMagick #SysAdminTips
alias please='sudo $(history -p \!\!)'
As a rule, you DON'T deploy to production on Fridays.
But here's the catch: if you hasten through deployment on Thursday evening so you can do it BEFORE Friday, that's NOT necessarily much better.
#nonmention #sysadmintips
Evening reflection, observing the little Raspberry Pi A that manages the outdoor lights (powered by FreeBSD): one of the reasons I chose FreeBSD over other BSDs and Linux is the ease of running it in read-only mode when installed on a UFS file system.
Just change "rw" to "ro" in /etc/fstab, and upon the next reboot, the system will operate in read-only mode.
For systems with unstable power or the potential for dirty reboots (especially when using memory cards not optimized for frequent writes), this can ensure near-infinite file system longevity.
This has often saved remote systems, even those powered by batteries or solar panels, from corruption and inaccessibility. Achieving the same with OpenBSD or NetBSD isn't difficult, as they always write to specific locations (easily mountable in RAM file systems), while many Linux distributions (except Alpine and a few others) tend to write all over the place, making the operation more complex.
#FreeBSD #RaspberryPi #SysadminTips #NetBSD #OpenBSD #Linux #AlpineLinux
Found a guide for NetScaler (Citrix ADC) CVE-2023-3519 that explains how to validate and check for (currently) known Indicators of Compromise (IoCs) on a local CITRIX device.
The full guide including the commands, can be found here: [Checklist for Citrix ADC CVE-2023-3519](https://www.deyda.net/index.php/en/2023/07/19/checklist-for-citrix-adc-cve-2023-3519/)
Please bear in mind that this is a guide "found on the internet". Although it appears to be reliable and it was mentioned by SANS stormcast, these devices are not my specific area of expertise. Use your brain and use at your own risk...
Here are some key points from the article:
1. **Log in with nsroot or another administrative account.**
2. **Find out the time of the last update.** - This command lists the details of the files in the /var/nsinstall directory, which can help determine when the last update occurred.
```
shell ls -ll /var/nsinstall
```
3. **Check whether certain files have been adjusted since the last update.** - These commands find and list files in specified directories that have been modified since the last update.
```
shell
find /netscaler/ns_gui/ -type f -name *.php -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/vpn/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/netscaler/logon/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
find /var/python/ -type f -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```
4. **Check for HTTP error log files.** - These commands search for .sh and .php entries in the HTTP error log files.
```
zgrep '\.sh' /var/log/httperror.log*
zgrep '\.php' /var/log/httperror.log*
```
5. **Check for Shell log files.** - This command searches for entries related to '/flash/nsconfig/keys' in the shell log files.
```
grep '/flash/nsconfig/keys' /var/log/sh.log*
```
6. **Check log files for known IOCs.** - This command finds and lists files with root permissions that have been modified since the last update.
```
find /var -perm -4000 -user root -not -path "/var/nslog/*" -newermt {Timestamp of Installer Files +1} -exec ls -l {} \;
```
7. **Check for Nobody processes.** - This command lists processes running under the 'nobody' user that are not associated with '/bin/httpd'.
```
shell ps aux | grep nobody | grep -v '/bin/httpd'
```
#NetScaler #CitrixADC #CVE20233519 #SecurityGuide #IndicatorsOfCompromise #IoCs #InfoSec #CyberSecurity #VulnerabilityManagement #SecurityInvestigation #SysAdminTips #NetworkSecurity #CyberThreats #ITSecurity #OnlineSecurity #CyberAware #TechSafety #SecureNetworking #VulnerabilityScanning #InfoSecAwareness
CICD pipelines with tools like Github Actions are great for use cases where certain collaboration and complexity require that ecosystem; but I've really come to appreciate simple automated deploy setups with git hooks and basic bash scripts.
Scenario: setup a remote repo via ssh access, add a post-receive hook that triggers a deploy script that pulls latest code and restarts a system service...
No external dependencies, high level of security, quick to get running, elegant in its simplicity. For side projects I've found this to be an extremely satisfying automated process that takes a push to main and translates that into a production deploy. Very convenient. #Sysadmin #SysadminTips #automation #programming #DevOps #git
Yop, des gens utilisent #CodiMD sur leur serveur (avec #yunohost ou pas ) ?
Je suis preneur de REX avant de tenter l'install chez moi ๐
https://forum.yunohost.org/t/experience-with-codimd-hackmd/7840
