awesome nmap grep

Nmap’s greppable output is really handy. Saving greppable output from a scan means the output is delimited in a way that can be easily processed using tools such as grep, sed, cut and awk. This post shows a few examples of post scan processing of the greppable output produced with the -oG flag. A more up to date repository with examples and command explanations can be found in my awesome-nmap-grep github repository. ...

July 9, 2016 · 2 min · Leon Jacobs

Kali Linux Oracle Support

EDIT This guide has been updated to accomodate a few changes (see here) Recently I have had to get Oracle support sorted in my Kali Linux install. I will try not to rant about the reasons why it doesn’t just work out of the box and just get the steps written down quickly. Typically, when you try to use a module such as oracle_login, metasploit may error out with: msf auxiliary(oracle_login) > run [-] Failed to load the OCI library: cannot load such file -- oci8 [-] See http://www.metasploit.com/redmine/projects/framework/wiki/OracleUsage for installation instructions [*] Auxiliary module execution completed msf auxiliary(oracle_login) > run The link provided seems a little out of date, so here is an updated guide. ...

August 17, 2014 · 3 min · Leon Jacobs

KVM Redirecting CentOS Kernel and tty output to a virtual serial console

Console all the things! First and foremost, I will start with a warning. Like any other virtualization software, you risk leaving the console open. This is a often overlooked part of securing your infrastructure. An administrator may have been required to do some work on the virtual console, and forget to log out. What if that account that is still logged in, is r00t? Having administrative access to a VM Host gives you access to the consoles, but not necessarily to the guests. Remember to log out! Or, setup shells to auto-logout after a few minutes of inactivity. ...

August 3, 2013 · 3 min · Leon Jacobs