Archiwa Bash - Page 2 of 3

Domain list get IP adresses

Posted on October 20, 2021October 21, 2021 by soban

In this case, I’ll show you how to get IP from domains. We will save the domains in the file, then, after calling the command, we will get a list of IP addresses along with the names of the domains from which we want to get the IP address.

Command that we will use is “host“:

I placed some domains, for example:

$ for i in `cat host_list.txt`; do echo $i ; host $i | awk '/has address/ { print $4 }'; done

1	$ for i in `cat host_list.txt`; do echo $i ; host $i \| awk '/has address/ { print $4 }'; done

After calling the command:

It’s worth noting that in some cases there are more IPs – like netflix.com. This is because traffic is spread across different servers.

If you want to get only IP addresses without domain names, remove “echo” from the command:

for i in `cat host_list.txt`; do host $i | awk '/has address/ { print $4 }'; done

1	for i in `cat host_list.txt`; do host $i \| awk '/has address/ { print $4 }'; done

The result of the command is:

Random generator IP adress in bash

Posted on October 20, 2021October 20, 2021 by soban

re situations where we can benefit from generating arbitrary IP addresses in bash. In this case, the first octet situations where There are situations where we can benefit from generating arbitrary IP addresses in bash. In this case, the first octet situations where we can benefit from generating arbitrary IP addresses in bash. In this case, the first octet in bash. In this case, the first octet situations where we can benefit from generating arbitrary IP addresses in bash. In this case (224.*.*.* / 10.*.*.* / 127.*.*.* / 0.*.*.* / 192.168.*.* / 172.16.*.* / 172.31.*.*) is not generated. Of course, the script can be adapted to your needs.

$ cat random_ip.sh

1	$ cat random_ip.sh

#!/bin/bash
while true; do
          set $(dd if=/dev/urandom bs=4 count=1 2>/dev/null | od -An -tu1)
            if [ $1 -lt 224 ] && [ $1 -ne 10 ] && [ $1 -ne 127 ] && [ $1 -ne 0 ] && { [ $1 -ne 192 ] || [ $2 -ne 168 ]; } && { [ $1 -ne 172 ] || [ $2 -lt 16 ] || [ $2 -gt 31 ]; }
            then
                            ip_address=$1.$2.$3.$4
                            echo $ip_address
            fi
done

#!/bin/bash

while true; do

set $(dd if=/dev/urandom bs=4 count=1 2>/dev/null | od -An -tu1)

if [ $1 -lt 224 ] && [ $1 -ne 10 ] && [ $1 -ne 127 ] && [ $1 -ne 0 ] && { [ $1 -ne 192 ] || [ $2 -ne 168 ]; } && { [ $1 -ne 172 ] || [ $2 -lt 16 ] || [ $2 -gt 31 ]; }

then

ip_address=$1.$2.$3.$4

echo $ip_address

done

You can also download this script:

$ wget soban.pl/bash/random_ip.sh

1	$ wget soban.pl/bash/random_ip.sh

You should give the script the ability to run it:

$ chmod +x random_ip.sh

1	$ chmod +x random_ip.sh

Here’s the effect when you run it:

Long history in Linux date of execute command and some tricks

Posted on October 15, 2021October 15, 2021 by soban

In my opinion, one of the most important things about Linux is history. Thanks to it, we know what has been done in the system and we can quickly check what commands were executed in the system. When working on different systems it is very useful to use grep and use (ctrl + r) in the shell to quickly search the command history. However, to make it even more useful, we will try to enlarge the history to 10000 by default, it is 1000 command lines. We will also add a date that will be next to the command issued. If we want to run the history command, just:

$ history

$ history

To enlarge the history and add a date when executing a given command, you should:

$ cd 
$ echo 'HISTFILESIZE=5000000' >> ~/.bash_profile
$ echo 'HISTSIZE=10000' >> ~/.bash_profile 
$ echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile

$ cd

$ echo 'HISTFILESIZE=5000000' >> ~/.bash_profile

$ echo 'HISTSIZE=10000' >> ~/.bash_profile

$ echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile

The whole thing can be reduced to one command.

$ cd && echo 'HISTFILESIZE=5000000' >> ~/.bash_profile && echo 'HISTSIZE=10000' >> ~/.bash_profile && echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile

1	$ cd && echo 'HISTFILESIZE=5000000' >> ~/.bash_profile && echo 'HISTSIZE=10000' >> ~/.bash_profile && echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile

After re-logging, it looks like this:

Finally, I would like to introduce a few more tricks that I mentioned, e.g. greping history:

$ history | grep cp

1	$ history \| grep cp

Of course, you can use any other command instead of ‘cp’.

Mentioned useful way to search history is to use (ctrl + r). After pressing this combination, we can start writing any command. History will be searched. If we hold ctrl again and press kolena once ‘r‘ we will jump to the command above from the bottom. In my case, as you can see, this is the second command from the bottom, that is:

If you are interested in where the history is saved and in what form, you can view it or delete it from the file:

$ vi ~/.bash_history

1	$ vi ~/.bash_history

If we accidentally use the wrong command on the system, it makes sense to remove it.

Checking SSL certyfikat date using nmap and curl

Posted on October 14, 2021October 14, 2021 by soban

This time I will use Kali Linux it is a great distro for pentesters. After all, nothing prevents you from using another distribution, such as Debian Linux.

Sometimes we need to check the certificate issuance date. Nmap and curl are a very good tool for this.
Both of these tools allow for advanced analysis of the SSL connection. Let’s try to check the certificate date with nmap:

$ nmap -p 443 --script ssl-cert soban.pl

1	$ nmap -p 443 --script ssl-cert soban.pl

To be more precise, let’s leave the date and time alone:

$ nmap -p 443 --script ssl-cert soban.pl | grep after | awk '{ print $5 }'

1	$ nmap -p 443 --script ssl-cert soban.pl \| grep after \| awk '{ print $5 }'

Here is the result:

In my experience nmap is a very good tool – however curl is much faster, to use it, do the following:

$ curl -X GET -i 'https://google.com' | grep -i 'date:' | grep GMT

1	$ curl -X GET -i 'https://google.com' \| grep -i 'date:' \| grep GMT

This is the effect:

It is worth getting acquainted with both tools. Besides checking the date of the certificate, they offer a number of other possibilities.

keytools add new alias to keystor (jceks) and delete old

Posted on October 13, 2021February 25, 2023 by soban

Java Keytool is a command-line tool that is used for managing cryptographic keys, certificates, and keystores in Java-based applications. In Linux, Java Keytool is often used for managing SSL/TLS certificates and securing web applications that run on Java-based servers like Tomcat, GlassFish, and JBoss.

Some of the key features of Java Keytool in Linux include:

Generating key pairs: Java Keytool can be used to generate key pairs, which are used for encryption, decryption, and digital signatures.
Importing and exporting certificates: Java Keytool can import and export certificates, which are used for verifying the authenticity of digital signatures and ensuring secure communications.
Managing keystores: Java Keytool can create, modify, and delete keystores, which are containers for cryptographic keys and certificates.
Configuring SSL/TLS: Java Keytool can be used to configure SSL/TLS connections for Java-based web applications, which are essential for securing data communications.

Some of the most commonly used Java Keytool commands in Linux include:

keytool -genkeypair: This command is used to generate a new key pair.
keytool -import: This command is used to import a certificate into a keystore.
keytool -list: This command is used to list the contents of a keystore.
keytool -delete: This command is used to delete a key or certificate from a keystore.

Overall, Java Keytool is an important tool for managing cryptographic keys and certificates in Java-based applications in Linux, and it is essential for securing web applications and ensuring the privacy and integrity of sensitive information.

Before we begin make copy of old keystor like this:

$ cp /path/to/keystore.jceks cp /path/to/keystore.jceks.backup.$(date +%F)

1	$ cp /path/to/keystore.jceks cp /path/to/keystore.jceks.backup.$(date +%F)

and then we can remove alias:

$ /opt/java/bin/keytool -delete -alias name_alias  -keystore /path/to/keystore.jceks -storetype JCEKS

1	$ /opt/java/bin/keytool -delete -alias name_alias -keystore /path/to/keystore.jceks -storetype JCEKS

when you gonna add new alias by keytool:

$ /opt/java/bin/keytool -import -file /path/to/cert.pem  -alias mc -keystore /path/to/keystore.jceks

1	$ /opt/java/bin/keytool -import -file /path/to/cert.pem -alias mc -keystore /path/to/keystore.jceks

To be sure, you can check it and see more information like date or fingerprint:

$ /opt/java/bin/keytool -list -keystore /path/to/keystore.jceks -storetype JCEKS -v | less

1	$ /opt/java/bin/keytool -list -keystore /path/to/keystore.jceks -storetype JCEKS -v \| less

When sometings go wrong, you can also copy backup file.

Good luck!

Checking the disk for errors and bad sectors

Posted on October 12, 2021October 12, 2021 by soban

This script helps to notify me by e-mail about the condition of the disk. Remember to indicate the disk accordingly – in this case it is “/dev/sda” and change the e-mail address from “soban@soban.pl” to your own. Save the script in “/root/checkbadsector.sh“:

#!/bin/bash
date > /root/badsectortest.txt
badblocks /dev/sda -v &>> /root/badsectortest.txt
hoursworkhdd=`smartctl --all /dev/sda | grep Power_On_Hours | awk '{print $10}'`
dayworkhdd=`expr $hoursworkhdd / 24`
yesworkhdd=`expr $dayworkhdd / 366`
echo -e "Hours working hdd:" >> /root/badsectortest.txt
echo -e $hoursworkhdd >> /root/badsectortest.txt
echo -e "Days working hdd:" >> /root/badsectortest.txt
echo -e $dayworkhdd >> /root/badsectortest.txt
echo -e "Years working hdd:" >> /root/badsectortest.txt
echo -e $yesworkhdd >> /root/badsectortest.txt
date >> /root/badsectortest.txt
cat /root/badsectortest.txt | /usr/bin/mail -s "badsector - `date`" soban@soban.pl

#!/bin/bash

date > /root/badsectortest.txt

badblocks /dev/sda -v &>> /root/badsectortest.txt

hoursworkhdd=`smartctl --all /dev/sda | grep Power_On_Hours | awk '{print $10}'`

dayworkhdd=`expr $hoursworkhdd / 24`

yesworkhdd=`expr $dayworkhdd / 366`

echo -e "Hours working hdd:" >> /root/badsectortest.txt

echo -e $hoursworkhdd >> /root/badsectortest.txt

echo -e "Days working hdd:" >> /root/badsectortest.txt

echo -e $dayworkhdd >> /root/badsectortest.txt

echo -e "Years working hdd:" >> /root/badsectortest.txt

echo -e $yesworkhdd >> /root/badsectortest.txt

date >> /root/badsectortest.txt

cat /root/badsectortest.txt | /usr/bin/mail -s "badsector - `date`" soban@soban.pl

You can also download it from https://soban.pl/bash/checkbadsector.sh:

# cd
# wget https://soban.pl/bash/checkbadsector.sh

1 2	# cd # wget https://soban.pl/bash/checkbadsector.sh

Remember to grant permission to perform it:

# chmod +x /root/checkbadsector.sh

1	# chmod +x /root/checkbadsector.sh

On my server I added it once a month so that it would be performed periodically in the crontab:

# crontab -l | grep checkbadsector
30 17 20 * * /root/checkbadsector.sh > /dev/null 2>&1

1 2	# crontab -l \| grep checkbadsector 30 17 20 * * /root/checkbadsector.sh > /dev/null 2>&1

You should receive an email similar to the one below:

Good luck and I wish you no errors!

Error on Oracle Linux 7 rpmdb: BDB0113

Posted on October 12, 2021October 12, 2021 by soban

Sometimes on Oracle Linux there is problem, when you try use “yum” and get error like this:

# yum update

error: rpmdb: BDB0113 Thread/process 16934/140571185240320 failed: BDB1507 Thread died in Berkeley DB library

error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery

error: cannot open Packages index using db5 -  (-30973)

error: cannot open Packages database in /var/lib/rpm

CRITICAL:yum.main:

 

Error: rpmdb open failed

# yum update

error: rpmdb: BDB0113 Thread/process 16934/140571185240320 failed: BDB1507 Thread died in Berkeley DB library

error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery

error: cannot open Packages index using db5 - (-30973)

error: cannot open Packages database in /var/lib/rpm

CRITICAL:yum.main:

Error: rpmdb open failed

The fixing of this problem, you can try rebuild db:

# rpm --rebuilddb

1	# rpm --rebuilddb

And then should work:

# yum update

1	# yum update

That’s all!

Check DNS and more information about domain

Posted on October 12, 2021October 12, 2021 by soban

The best way to check information about domain and DNS configuration is “whois” and “dig”. This tools can provide a lot of informations. Lets try use it. First we must check that package is installed.
I have already installed “dig”:

# which dig
/usr/bin/dig

1 2	# which dig /usr/bin/dig

In debian, you can use “dpkg -S”

# dpkg -S /usr/bin/dig
dnsutils: /usr/bin/dig

1 2	# dpkg -S /usr/bin/dig dnsutils: /usr/bin/dig

if you don’t have it then you should install:

# apt install dnsutils

1	# apt install dnsutils

Now we can check “dig” in “soban.pl” domain:

The same case in “whois”:

# which dig
/usr/bin/dig

1 2	# which dig /usr/bin/dig

Check what package provide:

# dpkg -S /usr/bin/whois
whois: /usr/bin/whois

1 2	# dpkg -S /usr/bin/whois whois: /usr/bin/whois

And if you don’t have it, then install:

# which dig
/usr/bin/dig

1 2	# which dig /usr/bin/dig

In debian, you can use “dpkg -S”

# dpkg -S /usr/bin/dig
dnsutils: /usr/bin/dig

1 2	# dpkg -S /usr/bin/dig dnsutils: /usr/bin/dig

if you don’t have it then you should install:

# apt install dnsutils

1	# apt install dnsutils

Now we can check “dig” on “soban.pl” domain:

The same case in “whois”:

# which dig
/usr/bin/dig

1 2	# which dig /usr/bin/dig

Check what package provide:

# dpkg -S /usr/bin/whois
whois: /usr/bin/whois

1 2	# dpkg -S /usr/bin/whois whois: /usr/bin/whois

And if you don’t have it, then install:

# apt install whois

1	# apt install whois

As you can see, the domain “soban.pl” is currently using cloudflare DNS – which I highly recommend.

Pointing DNS to a different IP address

Posted on October 11, 2021October 11, 2021 by soban

Sometimes it is necessary to change the DNS name indication to a different IP address. As you can see in the example below, google.com currently points to:

To change google.com indication to, for example – 37.187.101.239, edit the file: “/etc/resolv.conf” as root:

# cat /etc/resolv.conf
google.com 37.187.101.239

1 2	# cat /etc/resolv.conf google.com 37.187.101.239

After making this change, the effect is as follows:

Windows as you see there is similar situation:

File must be edited as administrator “C:\Windows\System32\drivers\etc\hosts”:

After saving the file, the effect is as follows:

Automatic update of the Debian Linux test environment

Posted on October 8, 2021October 8, 2021 by soban

A convenient way to maintain the test environment is automatic updating.
However, remember to set the backup, e.g. the day before – I always set it like that in proxmoxe.
The script that updates the Debian system looks like this:

# cat /root/update.sh
#!/bin/bash
apt-get update
apt-get upgrade -q -y
apt-get autoremove -y -q
rm -rf /var/cache/apt/archives/*.deb

# cat /root/update.sh

#!/bin/bash

apt-get update

apt-get upgrade -q -y

apt-get autoremove -y -q

rm -rf /var/cache/apt/archives/*.deb

You can download the script from:

$ cd /root/
$ wget https://soban.pl/bash/update.sh

1 2	$ cd /root/ $ wget https://soban.pl/bash/update.sh

The script cleans unnecessary deb files after the update.
Keep in mind the permissions and capabilities of the script:

# chmod +x /root/update.sh

1	# chmod +x /root/update.sh

In crontab, I set the day after automatic backup in proxmoxe:

10 4 * * 3 /root/update.sh > /dev/null 2>&1

1	10 4 * * 3 /root/update.sh > /dev/null 2>&1

Of course, the script can be added in the production environment, but it should not be added to the crontab.