NOC-Rocky_Linux NOC監控告警需求彙整 Request Monitoring System VM1 - Zabbix Host OS: Debian 12 CPU: 4 Core

Web 2linenodejs steve@Desktop:~/CTF/Balsn2022$ ls 2linenodejs/ docker-compose.yml Dockerfile flag readflag.c src steve@Desktop:~/CTF/Balsn2022$ ls 2linenodejs/src/ index.js server.js usage.js steve@Desktop:~/CTF/Balsn2022$ cat 2linenodejs/src/server.js #!/usr/local/bin/node process.stdin.setEncoding('utf-8'); process.stdin.on('readable', () => {

How ssl(x509) verify the cert signature with issuer pub key? Implementation First we visit google.com and get certs(end, intermediate, and root) $ openssl s_client -showcerts -connect 8.8.8.8:443 Connecting to 8.8.8.8 CONNECTED(00000003) Can't use SSL_get_servername depth=2 C=US, O=Google Trust Services LLC, CN=GTS Root R1 verify error:num=20:unable to get local issuer certificate

External Pre-Scan └─$ sudo nmap -Pn -p- --min-rate 10000 -sT 10.10.10.48 Starting Nmap 7.92 ( https://nmap.org ) at 2021-12-24 01:29 CST Completed Connect Scan at 01:31, 104.15s elapsed (65535 total ports) Nmap scan report for 10.10.10.48 Host is up (0.20s latency). Not shown: 35527 filtered tcp ports (no-response), 30004 closed tcp ports (conn-refused) PORT STATE SERVICE 22/tcp open ssh

contributer: [name=宏儒， ] 這是一個自由的環境，請各位不要拘束，暢所欲言～盡情使用markdown 語法將想法與過程寫成writeup，有任何為題也可以提出來交流，我們不是專業的，所以志在參加不在得獎，別有太多壓力，但願透過brain storming與技術交流讓彼此成長，一次比一次更強！ Goto: https://balsnctf.com/challenges And login teamname/pass: HollyBug/HollyBug Table of Content [Toc]

Step 1. Info Gathering Nmap Nitko Step 2. Vulnerability Analysis :::success SNMP不僅可使用於網路設備之日常維運作業，亦可提供網路維運人員即時監控設備異常事件發生及因應處理。 SNMP運作於 OSI App layer，管理端經由UDP傳送request至代理者(port 161)，代理者透過來源埠傳送response至管理端。此外，當被監控設備發生異常事件時，例如cold start或link down，代理者可經由UDP主動傳送notification至管理端(port 162)。

:::info FTP The File Transfer Protocol (FTP), using a client–server structure to ::: The target we play today, Cap, is quiet easy one and noob friendly. From HTB dashboard, we can acknowledge its IP address : 10.10.10.245. Step 1. Info Gathering So first step we might want to begin with info gathering.

part 1. Buffer Overflow and Advanced Memory (Stack) Protection What Does Buffer Overflow Mean? When executing a program, which may contain some variables, such as an array, a distributed space by function malloc, etc., it must generate buffers, which are used to store variables' values under normal circumstances, utilized by attackers to implant shellcodes for obtaining the control. The causes of buffer overflow vary from over-long user input covering the return address to the user input exceeding the extreme value of the variable. Even if the vulnerabilities of the buffer overflow is triggered, it's not easy to implant shellcode to achieve the goal because there are some defense mechanism exsited into the system's memory. What Does Advanced Memory Protection Mean? When executing a program, the system adopts some specific approaches to keep the program operating normally. Structured Exception Handling (SEH): A protection mechanism to prevent buffer overflow with handling specific abnormal code situations.

1. Introduction In conventional computing, we need data centers with massive computing resources in order to meet an organization’s maximum needs of data processing. However, the computing resources are costly and often largely idle which cause computing resources underutilized. Thus cloud computing took over the place of conventional computing with data centers. An organization can obtain the computing resources from cloud service provider. Instead of purchasing the computing resources, organizations can purchase computing services from cloud providers, such as AWS, Azure or GCP, where it is much cheaper then purchasing the computing resources. Cloud computing is not without the issues. Organizationshave concerns in moving their data to a cloud due to the dataprivacy. Possible threats to the data privacy could be from cloud providers’ employees, clients, and network hackers. :::success "Homomorphic encryption is a form of encryption that permits users to perform computations on its encrypted data without first decrypting it." --- cited from wikipedia ::: The difficilt thing is: most of existing encryption schemes require data to be decrypted for computations, where decrypted data becomes vulnerable. But what if a computations scheme can be performed on encrypted data without decryption, then the security of data would not be a concern at all. Homomorphic encryption makes it possible to process encrypted data without decryption whereby the encrypted results can only be decrypted by the client who requests the service.

Suggestion of using this Because this is budget-friendly. Texas Instrucment production, wisely used There is a Develope ToolKit -- BTool Practical Developement Compile environment -- IAR or gcc Platform -- smartRF, RaspberryPi

Amercan Fuzzy Lop I've tried two afl-* compiler, one is afl-gcc and the other is afl-clang-fast, to know what's different on the speed. The reason is that when I use afl-gcc on my laptop, it turn out to be some cpu scaling issue required by afl. Meanwhile, I tried it on my Desktop, nothing happened. Result - Laptop, Kali However, by running afl-fuzz, I felt no different comparing these two. Curiously I search some relative material about it, which shown below. It said that the total path is less while compile with afl-clang-fast. Result - Desktop, Ubuntu

:::success Project Goal: To move formal network function onto Docker Container and making an extensable Web-Service, take HTTP server, WAF, VPN, DB for example, user can conveniently use this framework to deply his own web application. ::: :::info Progress and Code Review: [x] Unfinished [ ] Vulnerablity Fixed

Basic of Ansible Select a machine Ansible is based on ssh connection, thus make sure you can ssh into the remote system. If necessary, add your public SSH key to the authorized_keys file on those systems. After selecting a machine, edit /etc/ansible/hosts and add the remote systems into it. For this example, use either IP addresses or FQDNs: # This is the default ansible 'hosts' file. # # It should live in /etc/ansible/hosts #

5/7上課教材 $對象:隘門國小\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 講師:林宏儒$ :::info 今日內容 自訂函式 為什麼我們需要這個===> 我們花了很多時間定義了新的紅色積木

李宗南 教授 Good material 5GC 課程投影片 5GC architecture 5G 3 Senerio

cite:https://docs.rapid7.com/metasploit/metasploitable-2-exploitability-guide https://searchsecurity.techtarget.com/tip/Using-Metasploit-for-real-world-security-tests Need-to-know Metasploit commands(mostly is show, set, use) Below is an example of a Metasploit test using the free Metasploit Framework. I will be testing for WannaCry, a worm that exploited a vulnerability in the Microsoft Server Message Block protocol known as EternalBlue. Before jumping into the specific steps to execute this exploit, there are some common Metasploit console commands you should know about. The Metasploit console is referred to as msfconsole, which also happens to be the name of the batch file that starts up the program. Commands you should be familiar with include:

JavaScript 是一種能在瀏覽器裡直接執行的程式語言，和 HTML 與 CSS 並列網頁前端三大核心技術，然而，HTML 與 CSS 都不是程式語言 (programming language)，HTML 是定義內容的標籤語言 (markup language)，而 CSS 是一種頁面樣式 (style)。 只有 JavaScript 是程式語言，JavaScript 賦予了網頁互動、處理和創造新內容的可能性，開發者透過 JavaScript 賦予網頁使用者可以在網頁上有操作行為。 JavaScript 的起源 JavaScrpit 誕生於1995年，由 Netscape 這家公司專門為其 Netscape 瀏覽器而發明的。一開始的角色是讓使用者與網頁有即時的互動效果，例如檢查表單、跳出 Alert 視窗，以及網頁特效。 JavaScript 誕生時，瀏覽器的世界還處於戰國時代，各家的標準不一，常常有在 IE 能執行的效果，到另一個瀏覽器完全走樣的問題，JavaScript 的維護為網頁開發者帶來巨大的痛苦。當時前端工程師的主要工作，通常是維持網頁在各瀏覽器的一致性。1995 年前後，有許多五花八門的瀏覽器，進入 2010 左右才慢慢由 Chrome、Firefox、IE、Safari 等幾大家獨佔鰲頭。 在這個混亂的時期，一個叫 ECMA 的國際標準化組織致力於統一標準，他們推出的標準稱為 ECMAScript，例如 ECMAScript 第 5 版會簡稱為 ES5。1999~2010 年之間，JavaScript 通行標準得到廣泛支持，也慢慢轉變成一個成熟的程式語言。今天坊間 JavaScript 學習教材大多採用 ES5 或 ES6，ES6 又稱為 ES2015。

在 CSS 問世前(~1996)，網頁開發者偏好使用 HTML 標籤的屬性來指派樣式，例如： <p><font size="+3" color="red"><b>一段文字</b></font></p> 這樣的作為衍生不少問題，例如讓網頁內容包覆過多的標籤，讓程式碼變得不好閱讀——對人與搜尋引擎都是。其中最重要的，是讓網站維護變得非常困難。例如：我們的網頁裡有十個 <h4> 大小的副標題。</h4> <h4><font size="+3" color="blue"><b>副標題一</b></font></h4> …<h4><font size="+3" color="blue"><b>副標題二</b></font></h4> …

HTML, Hypertext Markup Language，是標記語言，不是程式語言。 最基本的 HTML 網頁結構範例 <!DOCTYPE html> <!--宣告--> <html> <head> <!-- 網頁的資訊 --> </head> <body> <!-- 網頁的內容 -->

origin: IEEE standard 802.15.1, 2002 - Wireless Medium Access Control (MAC)and Physical Layer (PHY) Specifications for Wireless Personal Area Networks (WPANs) background the idea of WPAN and piconet :::success Why WPAN? WPAN的提出，可追溯到電腦的轉變，從本來的桌上電腦縮小化、多樣化，衍伸到PDA、MP3、掌上型遊戲機、數位相機、行動電話等。因此進入「一人多機」的時代後，也就逐漸形成另一種需求，「多機」之間需要一個便捷的傳輸、溝通、交換網路，因此有了WPAN。 :::