Thankful to be here ๐ŸŒ
12741 words
http://aliciasykes.com@Lissy_Sykes

Fave YouTube Chanels ๐Ÿ“ผ

๐Ÿ”จ Hardware/ Electronics/ DIY

๐Ÿ” Cyber Security/ Hacking

๐Ÿ’ฟ Linux / Servers

๐Ÿงฎ Coding/ Algorithms/ Math

๐Ÿ’ป Technology/ PCs/ Consumer Electronics

๐Ÿ›ฐ Astronomy

๐Ÿ“บ Cartoons

โœ Bible

๐Ÿš… Trains

๐Ÿงช Science/ Engineering

๐Ÿƒโ€โ™‚๏ธ Motivational/ Lifestyle

๐Ÿ‘พ Fun/ Sometimes Educational

โšฐ Past Legends/ Rarely Updated

๐ŸŒŸ Personal Favorite Favorites

Notes

These are my personal favorite YouTube channels, the talent and hard work behind each of these channels is very inspirational. Since I can't feasibly financially support all of them, I am instead sharing there content here.

I try to avoid using the official YouTube app and website (due to privacy concerns) (I instead use Invidious (web) / FreeTube (desktop) / NewPipe (mobile)). Therefore I need to manage my subscriptions externally, and that is part of what this list is for.

[HOW-TO] Use SSH for Server Authentication ๐Ÿ”“

Option #1 - Manual Configuration

Generating a new SSH Key Pair

  1. Run ssh-keygen -t rsa -b 4096
  2. When prompted, enter a passphrase
  3. SSH keys should be stored in ~/.ssh/

Importing Public Key to Remote Machine

  1. SSH into remote server, with username + password
  2. cd into your /home directory, and mkdir .ssh
  3. Copy public key from local to remote machine scp ~/.ssh/my_key.pub user@0.0.0.0:/home/username/.ssh/my_key.pub
  4. Append SSH public key to authorized hosts file cat ~/.ssh/my_key.pub >> ~/.ssh/authorized_keys
  5. Set permissions to .ssh directory (read, write, execute) and files (read, write) chmod 700 ~/.ssh/ && chmod 600 ~/.ssh/*

Disable Password Authentication

  1. Make a backup of the sshdconfig file, before modifying it `sudo cp /etc/ssh/sshdconfig.backup`
  2. Turn off password authentication
    • sudo vim /etc/ssh/sshd_config
    • Find #PasswordAuthentication yes and replace with PasswordAuthentication no
    • Save and exit
  3. Restart SSH service sudo service ssh restart

Option #2 - SSH Copy ID Command

After generating an SSH key pair, simple run ssh-copy-id user@0.0.0.0
This adds your public key to the .ssh/authorized_keys file on the remote server

Further Links

[HOW-TO] Operate the SharkJack ๐Ÿฆˆ

A Quick-Start Guide for the Hak5 SharkJack, a portable network attack tool

Access the SharkJack

  1. Switch to Arming Mode (center), and connect to PC via Ethernet
  2. Find the IP: Default is 172.16.24.1, run ifconfig to check
  3. Login: ssh root@172.16.24.1, using password hak5shark
  4. On first setup, change the default password, run passwd

Navigating the SharkJack

  • The active payload is located at: ~/payload/payload.sh
  • Captured loot is stored with the ~/loot/... directory
  • To save all loot locally, run: scp -r root@172.16.24.1:/root/loot/* .
  • To upload a new payload, run scp payload.sh root@172.16.24.1:/root/payload/

Conducting an Attack

  1. Flip into Attack Mode (fully forward), and wait for LED to go magenta
  2. Plug device into victim Ethernet port, watch LED's blink
  3. Once LED turns off, unplug device and switch to off

Out-of-the box, the ShakJack comes with an nmap payload, useful for initial network reconnaissance

Additional Tools

CLI Helper Tool

The SharkJack Helper a CLI tool for carrying out common tasks:
Get a shell, push a payload, grab saved loot and upgrade the firmware etc

  1. Download from: https://downloads.hak5.org/shark
  2. Make executable: chmod +x sharkjack.sh
  3. Run ./sharkjack.sh, and follow on-screen prompts

Web Interface

Once the firmware has been updated (V1.01 and newer), you can access the SharkJack's web interface by visiting 172.16.24.1 in your browser. From here you can view and modify the current payload, download your loot and view device status

Cloud C2

  1. Download and run Cloud C2 for your system, from https://shop.hak5.org/products/c2
  2. Go to Add Device --> SharkJack. Then select the listing --> Setup, and config file will download
  3. The device.config needs to be uploaded to /etc. Run scp device.config root@172.16.24.1:/ete/
  4. To connect, run CTCONNECT. Back on the web interface, your now able to open a shell, for remote access!
  5. To get the loot, run C2EFIL STRING /root/loot/nmap/nmap-scan_1.txt nmap, data now will show up in Loot tab!

Note that it the SharkJack does not connect to CloudC2 automatically, but by using the CTCONNECT and C2EFIL .. commands to your payload, you'll be able to exfiltrate the loot immediately, and access it remotely.

Reference Info

Switch Positions

  • Back: Off/ Charging
  • Middle: Arming Mode
  • Front: Attack Mode

LET Lights

  • Green (blinking): Booting up
  • Blue (blinking): Charging
  • Blue (solid): Fully Charged
  • Yellow (blinking): Arming Mode
  • Red (blinking): Error / No Payload

Individual Payloads have their own LED routines, but usually:
Red: Setup, Amber: Scanning, Green: Finished

Specifications

  • OS: OpenWRT 19.07-based GNU/Linux
  • SoC: 580MHz MediaTek MT7628DAN mips CPU
  • MEMORY: 64 MB DDR2 RAM, 64 MB SPI Flash
  • IO: RJ45 IEEE 802.3 Ethernet + USB-C charge port
  • DIMENSIONS: 62 x 21 x 12 mm
  • POWER: 2.5W (USB 5V 0.5A)
  • BATTERY: 1S 401020 3.7V 50mAh 0.2W LiPo
  • BATTERY TIMES: ~15 mins run, ~7 mins charge
  • TEMP: Operating- 35ยบC ~ 45ยบC, Storage -20ยบC ~ 50ยบC
  • RELATIVE HUMIDITY: 0% to 90% (noncondensing)

My worry about the future of Keybase ๐Ÿ˜Ÿ

When I heard that Zoom had acquired Keybase last week, my initial reaction was that it was a prank.

A bit of background

Keybase is a cryptography-based platform, where you control your private keys and use them to encrypt files, messages and more. It's mostly used by techy people and the privacy-conscious. Personally, I've been a big fan, and user of keybase for the past 4 years.
And Zoom, it seemed to come from nowhere when lockdown started, suddenly it was super popular: it has allowed us to stay in touch with our friends and family, for free and with excellent video quality. But it seems that nearly everyday recently, there's been another critical security issue with Zoom, they don't come across as a company that values the privacy of their users.

My Worries about the future of Keybase

This is an extract from the acquisition article posted on Keybase:

"Initially, our single top priority is helping to make Zoom even more secure. There are no specific plans for the Keybase app yet. Ultimately Keybase's future is in Zoom's hands, and we'll see where that takes us. Of course, if anything changes about Keybaseโ€™s availability, our users will get plenty of notice."

This is what worries me about the above quote:

  • "๐˜–๐˜ถ๐˜ณ ๐˜ด๐˜ช๐˜ฏ๐˜จ๐˜ญ๐˜ฆ ๐˜ต๐˜ฐ๐˜ฑ ๐˜ฑ๐˜ณ๐˜ช๐˜ฐ๐˜ณ๐˜ช๐˜ต๐˜บ ๐˜ช๐˜ด ๐˜ฉ๐˜ฆ๐˜ญ๐˜ฑ๐˜ช๐˜ฏ๐˜จ ๐˜ต๐˜ฐ ๐˜ฎ๐˜ข๐˜ฌ๐˜ฆ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ ๐˜ฆ๐˜ท๐˜ฆ๐˜ฏ ๐˜ฎ๐˜ฐ๐˜ณ๐˜ฆ ๐˜ด๐˜ฆ๐˜ค๐˜ถ๐˜ณ๐˜ฆ" - Implies, that the KeyBase team will now be working on the Zoom platform, and not Keybase.
  • "๐˜Œ๐˜ท๐˜ฆ๐˜ฏ ๐˜ฎ๐˜ฐ๐˜ณ๐˜ฆ ๐˜ด๐˜ฆ๐˜ค๐˜ถ๐˜ณ๐˜ฆ" - HA! They are pretending Zoom is secure
  • "๐˜›๐˜ฉ๐˜ฆ๐˜ณ๐˜ฆ ๐˜ข๐˜ณ๐˜ฆ ๐˜ฏ๐˜ฐ ๐˜ด๐˜ฑ๐˜ฆ๐˜ค๐˜ช๐˜ง๐˜ช๐˜ค ๐˜ฑ๐˜ญ๐˜ข๐˜ฏ๐˜ด ๐˜ง๐˜ฐ๐˜ณ ๐˜ต๐˜ฉ๐˜ฆ ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆ ๐˜ข๐˜ฑ๐˜ฑ ๐˜บ๐˜ฆ๐˜ต" - this doesn't sound good
  • "๐˜œ๐˜ญ๐˜ต๐˜ช๐˜ฎ๐˜ข๐˜ต๐˜ฆ๐˜ญ๐˜บ ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆ'๐˜ด ๐˜ง๐˜ถ๐˜ต๐˜ถ๐˜ณ๐˜ฆ ๐˜ช๐˜ด ๐˜ช๐˜ฏ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ'๐˜ด ๐˜ฉ๐˜ข๐˜ฏ๐˜ฅ๐˜ด" - FUCK
  • "๐˜ช๐˜ง ๐˜ข๐˜ฏ๐˜บ๐˜ต๐˜ฉ๐˜ช๐˜ฏ๐˜จ ๐˜ค๐˜ฉ๐˜ข๐˜ฏ๐˜จ๐˜ฆ๐˜ด ๐˜ข๐˜ฃ๐˜ฐ๐˜ถ๐˜ต ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆโ€™๐˜ด ๐˜ข๐˜ท๐˜ข๐˜ช๐˜ญ๐˜ข๐˜ฃ๐˜ช๐˜ญ๐˜ช๐˜ต๐˜บ" - Makes it sound like Keybase could one day be discontinued

And from the Zoom blog post:

  • "๐˜ž๐˜ฆ ๐˜ข๐˜ณ๐˜ฆ ๐˜ฆ๐˜น๐˜ค๐˜ช๐˜ต๐˜ฆ๐˜ฅ ๐˜ต๐˜ฐ ๐˜ช๐˜ฏ๐˜ต๐˜ฆ๐˜จ๐˜ณ๐˜ข๐˜ต๐˜ฆ ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆโ€™๐˜ด ๐˜ต๐˜ฆ๐˜ข๐˜ฎ ๐˜ช๐˜ฏ๐˜ต๐˜ฐ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ ๐˜ง๐˜ข๐˜ฎ๐˜ช๐˜ญ๐˜บ" - Yup, they bought Keybase just to use their engineers
  • "๐˜›๐˜ฉ๐˜ช๐˜ด ๐˜ข๐˜ค๐˜ฒ๐˜ถ๐˜ช๐˜ด๐˜ช๐˜ต๐˜ช๐˜ฐ๐˜ฏ ๐˜ฎ๐˜ข๐˜ณ๐˜ฌ๐˜ด ๐˜ข ๐˜ฌ๐˜ฆ๐˜บ ๐˜ด๐˜ต๐˜ฆ๐˜ฑ ๐˜ง๐˜ฐ๐˜ณ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ ๐˜ข๐˜ด ๐˜ธ๐˜ฆ ๐˜ข๐˜ต๐˜ต๐˜ฆ๐˜ฎ๐˜ฑ๐˜ต ๐˜ต๐˜ฐ ๐˜ข๐˜ค๐˜ค๐˜ฐ๐˜ฎ๐˜ฑ๐˜ญ๐˜ช๐˜ด๐˜ฉ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ค๐˜ณ๐˜ฆ๐˜ข๐˜ต๐˜ช๐˜ฐ๐˜ฏ ๐˜ฐ๐˜ง ๐˜ข ๐˜ต๐˜ณ๐˜ถ๐˜ญ๐˜บ ๐˜ฑ๐˜ณ๐˜ช๐˜ท๐˜ข๐˜ต๐˜ฆ ๐˜ท๐˜ช๐˜ฅ๐˜ฆ๐˜ฐ ๐˜ค๐˜ฐ๐˜ฎ๐˜ฎ๐˜ถ๐˜ฏ๐˜ช๐˜ค๐˜ข๐˜ต๐˜ช๐˜ฐ๐˜ฏ๐˜ด ๐˜ฑ๐˜ญ๐˜ข๐˜ต๐˜ง๐˜ฐ๐˜ณ๐˜ฎ" - I don't think they have any intention of creating a "truly private" platform. And the word "attempt" doesn't exactly instill confidence in me
  • "๐˜–๐˜ถ๐˜ณ ๐˜จ๐˜ฐ๐˜ข๐˜ญ ๐˜ช๐˜ด ๐˜ต๐˜ฐ ๐˜ฑ๐˜ณ๐˜ฐ๐˜ท๐˜ช๐˜ฅ๐˜ฆ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ฎ๐˜ฐ๐˜ด๐˜ต ๐˜ฑ๐˜ณ๐˜ช๐˜ท๐˜ข๐˜ค๐˜บ ๐˜ฑ๐˜ฐ๐˜ด๐˜ด๐˜ช๐˜ฃ๐˜ญ๐˜ฆ ๐˜ง๐˜ฐ๐˜ณ ๐˜ฆ๐˜ท๐˜ฆ๐˜ณ๐˜บ ๐˜ถ๐˜ด๐˜ฆ ๐˜ค๐˜ข๐˜ด๐˜ฆ, ๐˜ธ๐˜ฉ๐˜ช๐˜ญ๐˜ฆ ๐˜ข๐˜ญ๐˜ด๐˜ฐ ๐˜ฃ๐˜ข๐˜ญ๐˜ข๐˜ฏ๐˜ค๐˜ช๐˜ฏ๐˜จ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ฏ๐˜ฆ๐˜ฆ๐˜ฅ๐˜ด ๐˜ฐ๐˜ง ๐˜ฐ๐˜ถ๐˜ณ ๐˜ถ๐˜ด๐˜ฆ๐˜ณ๐˜ด ๐˜ข๐˜ฏ๐˜ฅ ๐˜ฐ๐˜ถ๐˜ณ ๐˜ค๐˜ฐ๐˜ฎ๐˜ฎ๐˜ช๐˜ต๐˜ฎ๐˜ฆ๐˜ฏ๐˜ต ๐˜ต๐˜ฐ ๐˜ฑ๐˜ณ๐˜ฆ๐˜ท๐˜ฆ๐˜ฏ๐˜ต๐˜ช๐˜ฏ๐˜จ ๐˜ฉ๐˜ข๐˜ณ๐˜ฎ๐˜ง๐˜ถ๐˜ญ ๐˜ฃ๐˜ฆ๐˜ฉ๐˜ข๐˜ท๐˜ช๐˜ฐ๐˜ณ ๐˜ฐ๐˜ฏ ๐˜ฐ๐˜ถ๐˜ณ ๐˜ฑ๐˜ญ๐˜ข๐˜ต๐˜ง๐˜ฐ๐˜ณ๐˜ฎ" - When they talk about "balancing" the needs of customers, this implies that they will not be aiming for true end-to-end encryption and anonymity, it could be possible but I doubt Zoom will peruse that path

I know all this is just legal speak, and they have to word it in this way to cover themselves, but too me this is worrying. I'd come to love Keybase over the years, the team behind it are very talented, and have done an amazing job. It's going to be sad to say goodbye, but for now I'm going to enjoy it while I can :)

Expressing my Gratitude to the Universe ๐ŸŒŒ

Dear Universe,
Thanks!




AHT GPG Public Key ๐Ÿ”‘

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBF48O4ABCAC9IEjW7+Q2uF7efrxguXeRVr0NgHPIbTdAioVp2TkPlAi+h+yW
gbyeluutVlg2Mo5uWccPBaPHLm9Pr0CKTKiF8Y1RrYiDZ8RmyJSNux40FBGFPsNs
mfj3v7pjdTinI4v+EW8Lqd704fGCkgEpUpamefI2O8Hc7pHAtH1PUz99dcO1ThDY
Bn5grO8CPmM6XfRIHvBf7oJ0DwBH/yoS5Gjs2P4ijk/GMplApaVroCo8dAjyS7QJ
xreko5yVr2hhzrIznJYc63UBe6lAoM7wpArLCHxJ2fw1zHMuWg431EnpZa5nwrml
iSXizo1MuVUXm1Mt52wb3s26koLUoCXhNcqfABEBAAG0KEFsaWNpYSBIYWlnLVRo
b21hcyA8YWxpY2lhLmh0QGFsaWNpYS5odD6JAU4EEwEIADgWIQSEJgDk7beVIXMv
TmyOI+xzzok6aQUCXjw7gAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRCO
I+xzzok6aTL7B/4knCMhDX5MOTiAd0NKKE89EqApayJuxWovnvYmYEN2fje+rMH2
gf1J6+XET7jJ8jNujYIpvQmJcnumfzk9/dXNfT+MWn93ZOn+8Y2FmFD4jCdG20dS
Bx9mPAH00QoG7qZXk8EUvqo0EHtVPHW0PREyB3B/qd+tx1RcBva4vp8eYQezl16w
gjxGM4rjtcwgDGmlHM1PoeplJ6dr9kmB1fJ/HnuQnPKFMcU2bBj6Mbv2uensd4Js
zDgKWAaT5X+LA7xLs65bSgPFnos6gUFg+dS2tYf/zoIGiCGaeiv93RnWdvTYPcba
fHPmwsLX97HFk4KXnNvdAEaJlykbTvujHP14uQENBF48O4ABCAC5YOL+GBpmoTKB
nniRlRdt2Y+oWN0eyongTwLb3oPyc6+BfcMJS+8mV9hp96qYvXLDoNwkZZWUuHAP
SFhS4YjNW7mufOqKejUlkOgNvFpQ6eiU6QxmLu7RB4dWsPXMWxKAayaDsIJ75amf
EPyEcy+8/jkpAs62copxdJcJNkD3GGda2W6EC1GjhZGZjK4UnDAMg/iVpbygJFiH
EYHEL4JvS0HrW+30eikvXi9R8MxW/pNQIuJyjp8rJTwbV3fPeCwfuasPECuLK9qN
FmpL7NEAyreYET+uZxW16r7tDo3pIAZcz6+y4sBvf3+hR6T5IGL8nvezu71l0YhO
r4b38CIBABEBAAGJATYEGAEIACAWIQSEJgDk7beVIXMvTmyOI+xzzok6aQUCXjw7
gAIbDAAKCRCOI+xzzok6aWmdB/9yyai3QfSNhXnljLN7bLDyukFWnioqNZZWRKsp
1Coi2b7/yIYm1i4nd7W9YMXSZ2Lojl5471A4/u74M8c3Ua7RLxS5SJGDTYm1TX8L
xM4MY+iaYcbSMt+8ll0Y2av4cQAx/S69DIONSAqsIuKtNptKxedyKmB9IX3QLtpK
J2SFOTHVXWg4EVovhCvr7DlI9nkQtFJ+fgVk4GW8UeY5b+uR3Emcpcfo7h/FVwav
Pc0jCYP8i2YZQ3IdN6+Py2PXnhS6+OZukVy3GSib6dmdk1XhaUCcE8xbht92GiK0
2TVqWk8NQtfrMH6TvJmsgfNUAuOz3dOGgUwK1DqvhYQRWMh1
=4Lz6
-----END PGP PUBLIC KEY BLOCK-----

Fingerprint: 8426 00E4 EDB7 9521 732F 4E6C 8E23 EC73 CE89 3A69

[HOW-TO] Enable/ Disable Pi-Hole from CLI ๐Ÿฅง

Pi Hole has an API that can be hit from browser, PostMan or CLI
This is useful for creating a physical button, voice command or automation script

To enable or diable Pi Hole, just hit the following end points
Disable URL : http://pi.hole/admin/api.php?disable&auth=[WEB_PASSWORD]
Enable URL : http://pi.hole/admin/api.php?enable&auth=[WEB_PASSWORD]
Disable for [X] Seconds: http://pi.hole/admin/api.php?disable=[X]&auth=[WEB_PASSWORD]

[WEB_PASSWORD] can be found in /etc/pihole/setupVars.conf
It is a 64-character string with the identifierWEBPASSWORD
It is NOT your pi-hole interface or server password

API Docs: https://discourse.pi-hole.net/t/pi-hole-api/1863

Or, if logged into pi server, run: pihole enable
Docs: https://docs.pi-hole.net/core/pihole-command

Hello World ๐Ÿ‘‹

This is my blog. It has a bunch of random notes. The stuff here is mostly pointless, some of it's cool- but most of it pointless. Kind of like the rest of what I do with my life.

I keep the posts and information up-to-date.