Occasionally I’ll encounter myself doing something in Linux I don’t do very often and I know other people aren’t doing much as well. When that happens, I try to document the stupid, quirky things I did. Maybe for posterity, maybe because I need a life, I dunno.
What is the stupid trick today?
Every once in a blue moon, I have to inject a line at the top of a file. Sometimes it’s an import statement in python, sometimes it’s a shebang line. While it’s easy to just vim ./filename and add it that way, it’s more fun to try to do it programmatically. I’ve seen a few solutions using sed, but I’d like to introduce a less popular tool: tac
tac reads files, but from bottom to top, moving the opposite direction of its cousin, cat. You might have even noticed that tac is just cat backwards. Clever, eh? tac doesn’t get much attention, but this is one instance in which its actually useful.
Let’s imagine you want to add an import statement at the top of a python script because you forgot it.
# useless_script.py
print(os.environ['PWD'])
This won’t work without import os at the top, so let’s add it.
I do a lot of things in Linux that would make baby Jesus cry, so I figure I’ll just document them here when I notice I’m doing them.
There are a lot of other secops things I do that I’d love to share here, but they’re not useful for most folks in the forum and only a few people would find them interesting. The life of an average security engineer hardening their infrastructure is much more dull than stuff @_py is posting about pwning binaries.
Believe it or not my lack of knowledge on the topics you’re good at actually slows down my pwning process a ton. Your posts would be much appreciated by the community. Proper workflow is key to productivity and you definitely know about that.
I’m looking at this like @_py does as well.
These nifty little tricks and knowledge bombs for certain tools, or other methods to automate things are good to know.
So getting a digest of what you can do every now and would really be appreciated !
pry0cc
(Leader & Offsec Engineer & Forum Daddy)
11
Immutable infrastructure baby. If it breaks just reinitialise it. I bet fraq barely ssh’s in to his infra anymore. Ansible, packer and docker do that sort of stuff.
You’re right, I actually don’t. I deploy my app stack on ECS and occasionally ssh into my bastion servers to kick off a load test. I rarely ever SSH into the docker hosts. If I do, it’s because something very wrong has happened.
I probably log into the AWS console 1-2 times a week. Most of the time I authenticate over the CLI and just rip things that way.