Skip to content

Home

Linux bash script, basic script that records the website availability HTTP code 200s, 300s, 400s, 500s

Linux bash script, basic script that records the website availability HTTP code 200s, 300s, 400s, 500s

"Linux bash script, basic script that records the website availability HTTP code 200s, 300s, 400s, 500s"

To do next... color coding alerts maybe?!

the-linux-bash-script

#!/bin/bash

IFS='
'

LIST_URLs="https://www.antoniofeijao.com/
https://www.antoniofeijao.pt/
https://www.antoniocloud.com/
https://antonio.cloud/
https://www.cyberantonio.com/
https://www.cloudsecurity.cc/
https://www.securitygames.net/
https://www.root.pt/
https://www.ninja.pt/
https://www.ntp.pt/"


for URL in $(echo ${LIST_URLs} | tr '\ ' '\n'); do
    while true; do
        LOGS="${URL:8:-1}-$(date +%F).txt" && \
        DATE=$(date +%F-%H%M-%Ss) && \
        RESULT=$(curl -I ${URL} --silent | head -n 1) && \
        echo -e "${DATE}; \t ${URL}; \t ${RESULT}" >> ${LOGS} && \
        sleep 15
    done &
done

Happy learning,

Antonio Feijao

cyberantonioctf

AWS SSM documents and SSM session-start command to ssh directly to an instance without using the ssh keys

Assuming you have a role with the necessary permissions, you can list the instances InstanceId and the tags Name if present, within the region you define.

aws-ec2-list-all-ec2-instance-and-their-tag-name

for instance in $(aws ec2 describe-instances | jq -r '.Reservations[].Instances[].InstanceId' ); do
    echo "${instance} : $(aws ec2 describe-instances --instance-ids ${instance} | jq '.Reservations[].Instances[].Tags[] | select(.Key == "Name")|.Value') "
done

("ping me" if you know how to simplify the above comand with the --query native from aws cli)

Then you can run various AWS Systems Manager documents (SSM document) against a "target" instance(s).

docs here - https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-ssm-docs.html


aws-ssm-list-documents-example

If you prefer the AWS CLI, you can list available documents.

aws ssm list-documents

docs here - https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ssm/list-documents.html


example-using-aws-ssm-start-session

docs here - https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ssm/start-session.html

aws ssm start-session --target i-123456789012

by-antonio-feijao-uk

Thank you for you time and happy learning,

Antonio Feijao

AWS SSM command to tunnel proxy network traffic to another remote instance

If you have access to an instance (server, virtual machine) in AWS,

and this instance can access to other applications,

this means you can use this machine to proxy traffic from your local laptop (desktop or server) to the specified host.

requirements

Your local laptop needs permission to use the AWS SSM agent - AWS STS role or temporary token.

Your local laptop connects to the instance in AWS and then forward the traffic to the host specified in the command.

If you do not specify the remote host, you will be connected to a local port on your AWS instance.

example

For example, adjust as needed.

Connect to ${INSTANCE_ID} and tunnel (forward, proxy) traffic to the remote IP 192.168.0.10.

INSTANCE_ID="i-123456789012345"

aws ssm start-session \
    --target ${INSTANCE_ID} \
    --document-name AWS-StartPortForwardingSessionToRemoteHost \
    --parameters '{ "host":["192.168.0.10"], "portNumber":["443"], "localPortNumber":["8443"] }'

documentation


antonio feijao uk

Happy learning,

Antonio Feijao

AWS Organisation get only the account name from the account id

AWS Organisation get only the account name from the account id

import boto3

organizations = boto3.client('organizations')

organizations.describe_account(AccountId='123456789012')

account_name = organizations.describe_account(AccountId='123456789012')['Account']['Name']

print(account_name)
source: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/organizations.html#Organizations.Client.describe_account

HACKING GOOGLE

HACKING GOOGLE

Hacking Google series 2022

"hacking-google-series-2022"

Five elite security teams.
Six never-before-told stories.
Go behind the scenes with the hacking teams at Google keeping more people safe online than anyone else in the world.

Youtube playlist for the series

Thank you Security Now for the mention and thank you Google for creating these series!

Learning by doing, enjoy learning!

Antonio Feijao

aws-lambda-function-to-email-notification-for-new-file-uploaded

import json
import urllib.parse
import boto3

import os
sns_topic_arn = os.environ['sns_topic_arn']

print('Loading function')

s3_client  = boto3.client('s3')
sns_client = boto3.client('sns')

# useful links
# https://github.com/awsdocs/aws-doc-sdk-examples/blob/main/python/example_code/s3/s3_basics/presigned_url.py
# https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/s3.html#S3.Client.generate_presigned_url
# https://boto3.amazonaws.com/v1/documentation/api/latest/guide/s3-presigned-urls.html
# https://docs.aws.amazon.com/lambda/latest/dg/with-s3-tutorial.html


def lambda_handler(event, context):
    #print("Received event: " + json.dumps(event, indent=2))
    #print('This is sns_topic_arn: {}.'.format(sns_topic_arn))

    # Get the object from the event and show its content type
    bucket = event['Records'][0]['s3']['bucket']['name']
    key = urllib.parse.unquote_plus(event['Records'][0]['s3']['object']['key'], encoding='utf-8')
    
    try:
        response = s3_client.get_object(Bucket=bucket, Key=key)
        #print("CONTENT TYPE: " + response['ContentType'])
        #print('Object name `{}` from bucket `{}`.'.format(key, bucket))
        
        url = s3_client.generate_presigned_url(
            ClientMethod='get_object',
            Params={'Bucket': bucket, 'Key': key},
            ExpiresIn='25200' #7 days
        )
        
        #print('This is the result URL - {} '.format(url))
        
        #presigned_url_for_email = '<a href="{}">Your private link for download</a>'.format(url)
        #print(presigned_url_for_email)
        
        response = sns_client.publish(
             TopicArn=sns_topic_arn,
             Message='Notification for bucket {}. \nA new file name {} was added. \n\nHere is the link for download: \n\n {} \n\nPlease let us know if you need a new link as for security they expire after 1 hour. \nThank you. \nThe fantastic staff.'.format(bucket, key, url),
             Subject='Bucket notification - new file {}'.format(key)
        )
        
        return 0
        #response['ContentType']
        
    except Exception as e:
        print(e)
        print('Error getting object {} from bucket {}. Make sure they exist and your bucket is in the same region as this function.'.format(key, bucket))
        raise e

Sample lambda functions that run based on S3 event trigger on s3:ObjectCreated.

UPDATE

Upload objects greater than 16MB+ requires the additional event trigger of s3:ObjectCreated:CompleteMultipartUpload.

Kudus for AWS Support for helping me with the troubleshoot.

1) SNS topic with email, txt, ... subscribers.

2) Create S3 event trigger with the lambda funtion as a target

s3-object-created-trigger-lambda-and-sns-notification

S3 events for:

  • s3:ObjectCreated:Put

  • s3:ObjectCreated:CompleteMultipartUpload

3) Target a lambda functions to run below logic

lambda sample code for s3 presign url

  • DISCLAIMER >> Use at your own responsability. <<

Sample Lambda code


UPDATE and other details

Upload objects greater than 16MB+ requires the additional event trigger of s3:ObjectCreated:CompleteMultipartUpload.

Kudus for AWS Support for helping me with the troubleshoot.

S3 events trigger for:

  • s3:ObjectCreated:Put

  • s3:ObjectCreated:CompleteMultipartUpload

Objects greater than 16MB are getting uploaded as a Multipart uploads.

Multipart upload allows us to upload a single object as a set of parts. Each part is a contiguous portion of the object's data.

S3 bucket event s3:ObjectCreated:Put provides notification when an object is created by an HTTP PUT operation.

S3 bucket event s3:ObjectCreated:CompleteMultipartUpload provides notification for an object which was created by the completion of a S3 multi-part upload.

Documentation

Happy learning

Antonio Feijao

Paintball 25 event

2022 Paintball 25

  • Private event

  • Event location address

Delta Force Paintball East London 1 Aveley Rd, Upminster RM14 2TN

Google maps link - https://goo.gl/maps/jcaCaLXtZ1aVEGMv8

Message from the organisation:

"Many thanks for your booking.

Please note that all players must complete an Online Registration Form before they are allowed to play.

This should be done before arriving at the centre so as to ensure smooth entry on the day of your event.

Completing registration in advance allows you to start playing sooner, and mobile reception may be limited at the centre and therefore your registration process may be difficult to complete on the day.

To complete your Online Registration Form please click the button below.
  
    (Antonio to share the link in private)

This email can be forwarded on to your other players, or you can forward the link to your unique Online Registration Portal to your group via SMS, Facebook or WhatsApp by copying the link below.


Once you have completed your Online Registration Form you can click the Home button in the top left corner of the registration portal and then click the yellow Registered button in the top right corner to see a list of all of the registered players. If there are any players yet to register then please remind them in advance so as to fast track your arrival on the day.


If you have any further queries do not hesitate to give me a call or email me.

Kind regards,
Nancy Mills
Event Co-ordinator
0203 869 9135*

Rubik's cube solved in 3 minutes by Antonio Feijao

TIP - Use the video controls to change the playback speed.


I learned these steps initially from this video https://youtu.be/7Ron6MN45LY - Learn How to Solve a Rubik's Cube in 10 Minutes (Beginner Tutorial)

You too can learn how to solve the rubik cube

(Detailed videos for each step coming soon...)


01-all-white-middles-to-the-top


02-turn-whites-middles-to-white-center


03-yellow-up-fix-white-corners


04-yellow-up-fix-the-middle-colors


05-do-yellow-cross


06-put-the-yellow-middles-in-the-right-place


07-put-the-yellow-corners-in-the-right-place


08-rotate-the-yellow-corner-to-fix-position


09-you-have-solved-the-rubik-cube


Happy learning,

Antonio Feijao