Wednesday, September 11, 2024

nmap: smb enumeration

Enumeration, in the context of cybersecurity, refers to the process of discovering information about a target system or network. This can include identifying users, groups, shares, services, and other resources.

Therefore, SMB enumeration would likely involve using tools and techniques to gather information about SMB shares and resources on a target system. This information could then be used by an attacker to identify potential vulnerabilities or targets for further exploitation.

 nmap --script smb-vuln* -p 139,445 10.1.1.0/24 -Pn


smbclient -L <target-ip>


smbclient \\\\<target-ip>\ADMIN$

Saturday, January 20, 2024

How add a Tenable Vulnerability Management (formerly Tenable.io) Scanner to Tenable Security Center

https://docs.tenable.com/security-center/6_2/Content/AddTenableioScanner.htm?Highlight=Add%20Tenable%20Scanner

 *Note: By default, Tenable Vulnerability Management selects the regional scanner that corresponds with the location of your Tenable Vulnerability Management user account. For example, if you run a scan from a user account located in the United States, Tenable Vulnerability Management selects the United States scanner. If you run a scan from a user account in Germany, Tenable Vulnerability Management selects the Germany scanner.

Tuesday, January 9, 2024

How to send a command line mail by mutt with a gmail account?

Mutt is an open-source, text-based email client used in command-line interfaces. Known for its simplicity, flexibility, and powerful features, it supports various email protocols like IMAP and POP3.

Sending emails is an indispensable requirement for an application developer or system administrator. After Google disabled the less secure mail setting, the scripts I used to send emails using Gmail accounts stopped working.

By activating the 2FA (Two-Factor Authentication) feature in your Gmail account and defining an App, you can still use your scripts to send emails by using the password you set for this app.

The steps you need to follow for this solution are outlined below.

Steps:

--

1. Enable MFA

2. Define App Password

3. Install Mutt

4. Example Config:

set from = "aliokan@gmail.com"
set realname = "KALE - Server"
#set imap_user = "aliokan@gmail.com"
#set imap_pass = "myverysecretpassword"

set smtp_url = "smtp://aliokan@smtp.gmail.com:587/"
set smtp_pass = "myverysecretpassword"
set folder = "imaps://imap.gmail.com:993"
set spoolfile = "+INBOX"
set ssl_starttls = yes
set ssl_force_tls = yes

## Opsiyonel: E-postaları yerel olarak saklamak için
#set header_cache = ~/.mutt/cache/headers
#set message_cachedir = ~/.mutt/cache/bodies
#set certificate_file = ~/.mutt/certificates 

Test:

# echo "Bu bir test mesajıdır." | mutt -s "Test Konusu" targetmail@gmail.com

Possible error message:

No authenticators available
Could not send the message.

Solution:

# yum -y install cyrus-sasl-plain


(Platform: CentOS Linux release 7.9.2009 (Core))

Monday, December 4, 2023

Xcode - develop for iOS and macOS Xcode 15.0.1 Unable to get list of installed Simulator runtimes

Error:

Xcode - develop for iOS and macOS Xcode 15.0.1 Unable to get list of installed Simulator runtimes



Solution:


$ xcodebuild -downloadPlatform iOS

$ flutter doctor

Saturday, November 4, 2023

AWS Certified Cloud Practitioner exam notes

Before attending AWS Cloud Practitioner courses, I was thinking that this program is just for newbies. But after taking the course and passing the exam. I can clearly say that the content is really useful to start to learn and discover AWS services.

Quick notes after exam:

Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure.

AWS Transit Gateway connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub.

Benefits of AWS Global Accelerator
https://tutorialsdojo.com/aws-global-accelerator/

Questions about shared responsibility model

Amazon FSx: Question about smb file sharing

Difference between reserved instance and on-demand instance

 

Reserved instance, spot instance and on-demand instance use-cases

Reserved Instances provide you with a significant discount compared to On-Demand instance pricing. In addition, when Reserved Instances are assigned to a specific Availability Zone, they provide a capacity reservation, giving you additional confidence in your ability to launch instances when you need them.

Standard Reserved Instances provide you with a significant discount compared to On-Demand instance pricing and can be purchased for a 1-year or 3-year term. The average discount off On-Demand instances varies based on your term and chosen payment options (up to 40% for 1-year and 60% for a 3-year term). Customers have the flexibility to change the Availability Zone, the instance size, and networking type of their Standard Reserved Instances.

Convertible Reserved Instances provide you with a significant discount compared to On-Demand Instances and can be purchased for a 1-year or 3-year term. Purchase Convertible Reserved Instances if you need additional flexibility, such as the ability to use different instance families, operating systems, or tenancies over the Reserved Instance term.

Amazon EC2 On-Demand Instances Although it is suitable to run non-interruptible workloads for a period of three years, it entails a higher running cost compared to Reserved or Spot instances. In fact, this is actually the most expensive type of EC2 instance and not the cheapest one.


For 5 hours data processing task which service should be used on AWS?

(It cannot be Lambda. It works maximum 15 minutes with 10gb memory.)

Learn what is AWS wavelength, it was an option for some questions.

What is AWS Artifact, when we should use it?

S3 Storage Classes

Amazon S3 Glacier Flexible Retrieval 

DDOS protection service?

SQL injection protection service?

https://tutorialsdojo.com/amazon-sqs/

How do you find externally shared assets? 

IAM Access Analyzer uses provable security to analyze all access paths and provide comprehensive analysis of external access to your resources.

Which tool should be used for cost estamation?

Where do you store database passwords?

(Secret manager) 

What is AWS Control Tower?

AWS Marketplace use-cases

Migration from on-prem to AWS cloud related scenarios

Amazon Direct Connect

AWS VPC Endpoints

There are a lot of IoT devices on a ship and the customer wants to transfer data of these devices to AWS when internet is available. Which AWS service should be used for this scenario? https://aws.amazon.com/iot-core/ ?

 the customer started to use AWS for backups and they need to synced backups in on-premise site. Which service should be used?