Wednesday, September 16, 2020

How to create a private Docker registry?

[aokanx@control-plane opt]$ cd /opt

[aokanx@control-plane opt]$ ls
containerd  docker-registry  gitlab

[aokanx@control-plane opt]$ cd docker-registry/

[aokanx@control-plane docker-registry]$ ls
data  docker-compose.yml

[aokanx@control-plane docker-registry]$ cat docker-compose.yml
version: '3'

services:
  registry:    # assumed service name
    image: registry:2
    ports:
      - "5000:5000"
    volumes:
      - ./data:/data

Tuesday, July 21, 2020

QRadar: Could not retrieve "manifest_list_512": 500 Can't connect to Could not download manifest list.

While installing the autoupdate package in an offline environment, I got this error message:

Could not retrieve "manifest_list_512": 500 Can't connect to Could not download manifest list.

As a solution, I set the hostname to the QRadar DNS name and tested the connection with:

[root@qradar autoupdates]# /opt/qradar/bin/ -testConnect 1 0


Thursday, July 16, 2020

Install-Module : The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program

Recently, I was trying to use the Install-Module cmdlet to install a required module for some testing on a client machine; however, I ran into the following error:

Install-Module: The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:1
Install-Module MSOnline
CategoryInfo          : ObjectNotFound: (Install-Module:String) [], CommandNotFoundException
FullyQualifiedErrorId : CommandNotFoundException

The error looks like below:

Install-Module : The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file, or operable program

This error usually appears when PowerShell is not up to date. The major version of PowerShell should be 5 or greater. You can run the cmdlets below to check the PowerShell version.


My PowerShell major version was 4.

Download and install

Wednesday, July 8, 2020

Block malicious IP on Windows-MacOS commandline

Windows:
netsh advfirewall firewall add rule name="IP Block" dir=in interface=any action=block remoteip=x.x.x.x

macOS:
echo "block drop from any to x.x.x.x" | sudo tee -a /etc/pf.conf &&
sudo pfctl -e -f /etc/pf.conf

Friday, June 19, 2020

How does systemd work?

systemd is 10 years old, but feelings about it in the Linux community haven’t mellowed—it’s as divisive now as it ever was. Although it’s used by many major Linux distributions, the hardcore opposition hasn’t relented.

hashcat 6.0 released

The new major features of hashcat 6.0.0:

  • New plugin interface - for modular hash-modes
  • New compute-backend API interface - for adding compute APIs other than OpenCL
  • CUDA added as a new compute-backend API
  • Comprehensive plugin developer guide
  • GPU Emulation mode - for using kernel code on the host CPU
  • Better GPU memory and thread management
  • Improved auto-tuning based on available resources

Saturday, June 6, 2020

allow http/https by using firewall-cmd on RHEL 7

[root@server ~]# firewall-cmd --get-active-zones
  interfaces: eth0

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

Saturday, May 30, 2020

Tuning vim for yaml file modifications

When vi detects that you are editing a YAML file, it performs a 2-space indentation when you press the Tab key and autoindents subsequent lines.

 $HOME/.vimrc file:
autocmd FileType yaml setlocal ai ts=2 sw=2 et

Saturday, May 16, 2020

IBM QRadar: Internal CA signed certificate configuration

Web browsers give visual cues, such as a lock icon or a green bar, to make sure visitors know when their connection is secured. HTTPS also protects against phishing attacks. A phishing email is an email sent by a criminal who tries to impersonate your website.

Using a signed certificate and a DNS entry for QRadar provides an extra security layer between the end user and the QRadar web console.

The video content covers these topics:
- Create the certificate private key with openssl
- Create a certificate signing request (CSR)
- Sign the certificate with the Certification Authority on Windows Server 2012 R2
- Push the CA certificate with Active Directory Group Policy on Windows Server 2012 R2
- Create a DNS entry on the DNS server on Windows Server 2012 R2
- Import the CA certificate in Mozilla Firefox



# Look on the service IP with the default dictionary for dirs/files with PHP and HTML extension.
$ python3 -u -e php,html -f
 _|. _ _  _  _  _ _|_    v0.3.7
(_||| _) (/_(_|| (_| )

Extensions: php, html | Threads: 10 | Wordlist size: 15054


[21:15:20] Starting:
[21:15:35] 403 -  304B  - /.ht_wsr.txt.html
[21:15:35] 403 -  303B  - /.ht_wsr.txt.php
[21:16:33] 200 -   11KB - /README.html
[21:19:40] 200 -  597B  - /index.html

Task Completed

Sunday, May 10, 2020

Containers without daemons: Podman and Buildah available in RHEL 7.6 and RHEL 8

When to use Buildah and when to use Podman

Buildah and Podman are two complementary open-source projects that reside on GitHub: Buildah (containers/buildah) and Podman (containers/libpod). Both Buildah and Podman are command line tools that work on OCI images and containers. The two projects are related, but differ in their specialization.
Buildah specializes in building OCI images. Buildah’s commands replicate all of the commands that are found in a Dockerfile. Buildah’s goal is also to provide a lower level coreutils interface to build container images, allowing people to build containers without requiring a Dockerfile. Buildah’s other goal is to allow you to use other scripting languages to build container images without requiring a daemon.
Podman specializes in all of the commands and functions that help you to maintain and modify those OCI container images, such as pulling and tagging. It also allows you to create, run, and maintain those containers. If you can do a command in the Docker CLI, you can do the same command in the Podman CLI. In fact you can just alias podman for docker on your machine and you can then build, create and maintain container images and containers without a daemon being present, just as you always have.
Although Podman uses Buildah’s build functionality under the covers to create a container image, the two projects have differences. The major difference between Podman and Buildah is their concept of a container. Podman allows users to create traditional containers and the intent of these containers is to be controlled through the entirety of a container life cycle (pause, checkpoint/restore, etc). While Buildah containers are really created just to allow content to be added to the container image. Each project has a separate internal representation of a container that is not shared. Because of this you cannot see Podman containers from within Buildah or vice versa. However the internal representation of a container image is the same between Buildah and Podman. Given this, any container image that has been created, pulled or modified by one can be seen and used by the other.
Some of the commands between the two projects overlap significantly but in some cases have slightly different behaviors. The following table illustrates the commands with some overlap between the projects.



docker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied

localuser@ubuntu:~$ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied


localuser@ubuntu:~$ sudo su -
root@ubuntu:~# usermod -g docker localuser

localuser@ubuntu:~$ sudo su
root@ubuntu:/home/localuser# chmod 666 /var/run/docker.sock
root@ubuntu:/home/localuser# exit
localuser@ubuntu:~$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
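
The session above ends with `/var/run/docker.sock` at mode 666, which lets every local account drive the daemon, and control of the Docker daemon is equivalent to root on the host. The check below is an added example, not part of the original post: it flags a world-writable socket and prints the narrower fix. The function names are hypothetical, and it assumes the stock `root:docker` ownership with mode 660 and per-user access through `usermod -aG` (which appends the group, where `-g` replaces the primary group).

```shell
#!/bin/sh
# Added example: audit the permission bits on the Docker daemon socket.
# SOCK defaults to the path shown in the error message above.
SOCK="${SOCK:-/var/run/docker.sock}"

# Print the octal permission bits of a path (GNU stat first, then BSD stat).
sock_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Classify an octal mode string. Connecting to a unix socket requires write
# permission, so the write bit for "other" decides whether all accounts get in.
classify_mode() {
    other=${1#"${1%?}"}          # last octal digit = permissions for "other"
    case "$other" in
        2|3|6|7) echo "world-writable" ;;
        *)       echo "restricted" ;;
    esac
}

# Echo a verdict for a path; return 0 only when the mode is restricted.
audit_sock() {
    [ -e "$1" ] || { echo "missing"; return 2; }
    mode=$(sock_mode "$1") || { echo "unreadable"; return 2; }
    verdict=$(classify_mode "$mode")
    echo "$verdict"
    [ "$verdict" = "restricted" ]
}

# Human-readable report with the corrected settings next to the weak one.
report() {
    case "$(audit_sock "$1")" in
        world-writable)
            echo "$1: mode $(sock_mode "$1"): any local account can control the daemon"
            echo "restore: chown root:docker $1 && chmod 660 $1"
            echo "grant per user: usermod -aG docker USER (then log in again)" ;;
        restricted)
            echo "$1: mode $(sock_mode "$1"): owner and group only" ;;
        *)
            echo "$1: not found or not readable" ;;
    esac
}

report "$SOCK"
```
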

Phishing templates

Zphisher is an upgraded form of Shellphish. The main source code is from Shellphish. But I have not fully copied it. I have upgraded it & cleared the Unnecessary Files. Zphisher has 37 Phishing Page Templates; including Facebook, Twitter & Paypal. It also has 4 Port Forwarding Tools