If you have an own PKI in your AD, you may stop reading and move on. Nothing to see here. My gut however tell me, many mid-sized companies don’t have one and are at the mercy of Alex Neff’s Python script.1 Wsuks2 positions itself as man-in-the-middle between a Windows Update Server (WSUS) and the various servers/clients. It spoofs the WSUS IP in the ARP table. Upon contact (default: every 24 hours), a psexec64.exe along with a PowerShell script is distributed to the machines and executed, including elevation to Administrator. The payload can be adjusted arbitrarily. Read more

Yes, I have a passion for exotic languages. This time I experimented with Purebasic1 and wanted to see how quickly a robust, multi-threaded HTTP REST API could be created. Cross-platform for Linux, Windows and OS X, free of additional dependencies as a single-file binary behind a reverse proxy that takes care of everything with TLS and load balancing. The result is a complete skeleton framework that can be quickly customized for your own purposes. With only 100 KB, it is ridiculously small and extremely fast, with its own config file and logging. I even found time to integrate Swagger. The project is available on Codeberg, have fun!2 Read more

The simple, unspectacular things in life bring you ahead the curve. This bash script, for instance, removes all comments from a configuration file. In order that no empty lines remain instead, these are subsequently removed afterwards. What remains is the essence: what really counts. The usage is straightforward: Just add the desired config file(s) as parameters and you’re done! #!/bin/bash # Beseitigt alle Kommentar- und Leerzeilen aus einer Configfile # Sichert Datei mit Erweiterung .backup und # erwartet Dateiname oder -liste als Parameter for FILE in "$@" do # Erstellt Sicherungskopie(n) cp --backup=numbered $FILE $FILE.backup # Entfernt alle Kommentarzeilen > Arbeitsdatei sed -e 's/#.*$//' $FILE > $FILE.tmp # Entfernt alle Leerzeilen aus Arbeitsdatei sed -i '/^$/d' $FILE.tmp # Ersetzt Ausgangsdatei mit Arbeitsdatei mv $FILE.tmp $FILE done; This simplifies automation and above all the search in page-long comments within a config file. However, be careful! Behind every line theres much of wisdom: Everything after a # sign is mercilessly removed, really everything! Take the following line as example: Read more