added new one-liners, minor fixes

- signed-off-by: trimstray <trimstray@gmail.com>
pull/1/head
trimstray 2018-07-09 11:43:21 +02:00
parent b0ecf4f049
commit 4a9beba7c1
1 changed files with 133 additions and 1 deletions

134
README.md
View File

@ -18,7 +18,7 @@
<img src="https://awesome.re/badge.svg"
alt="Awesome">
<a href="https://github.com/trimstray/awesome-ninja-admins">
<img src="https://img.shields.io/badge/Status-Ninja-red.svg?longCache=true"
<img src="https://img.shields.io/badge/Status-09072018-red.svg?longCache=true"
alt="Status">
</a>
<a href="http://www.gnu.org/licenses/">
@ -275,6 +275,7 @@ performance of any of your sites from across the globe.<br>
* [screen](#tool-screen)
* [du](#tool-du)
* [inotifywait](#tool-inotifywait)
* [openssl](#tool-openssl)
- **[HTTP/HTTPS](#http-https)**
* [curl](#tool-curl)
* [httpie](#tool-httpie)
@ -559,6 +560,124 @@ du | sort -r -n | awk '{split("K M G",v); s=1; while($1>1024){$1/=1024; s++} pri
while true ; do inotifywait -r -e MODIFY dir/ && ls dir/ ; done;
```
##### Tool: [openssl](https://www.openssl.org/)
###### Testing connection to remote host
```bash
echo | openssl s_client -connect google.com:443 -showcerts
```
###### Testing connection to remote host with specific ssl version
```bash
openssl s_client -tls1_2 -connect google.com:443
```
###### Testing connection to remote host with specific ssl cipher
```bash
openssl s_client -cipher 'AES128-SHA' -connect google.com:443
```
###### Generate private key
```bash
# _ciph: des3, aes
( _ciph="des3" ; _fd="private.key" ; _len="2048" ; \
openssl genrsa -${_ciph} -out ${_fd} ${_len} )
```
###### Remove password from private key
```bash
( _fd="private.key" ; _fd_unp="private_unp.key" ; \
openssl rsa -in ${_fd} -out ${_fd_unp} )
```
###### Get public key from private key
```bash
( _fd="private.key" ; _fd_pub="public.key" ; \
openssl rsa -pubout -in ${_fd} -out ${_fd_pub} )
```
###### Generate private key + csr
```bash
( _fd="private.key" ; _fd_csr="request.csr" ; _len="2048" ; \
openssl req -out ${_fd_csr} -new -newkey rsa:${_len} -nodes -keyout ${_fd} )
```
###### Generate csr
```bash
( _fd="private.key" ; _fd_csr="request.csr" ; \
openssl req -out ${_fd_csr} -new -key ${_fd} )
```
###### Generate csr (metadata from exist certificate)
```bash
( _fd="private.key" ; _fd_csr="request.csr" ; _fd_crt="cert.crt" ; \
openssl x509 -x509toreq -in ${_fd_crt} -out ${_fd_csr} -signkey ${_fd} )
```
###### Generate csr with -config param
```bash
( _fd="private.key" ; _fd_csr="request.csr" ; \
openssl req -new -sha256 -key ${_fd} -out ${_fd_csr} \
-config <(
cat <<-EOF
[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
C=<two-letter ISO abbreviation for your country>
ST=<state or province where your organization is legally located>
L=<city where your organization is legally located>
O=<legal name of your organization>
OU=<section of the organization>
CN=<fully qualified domain name>
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = <fully qualified domain name>
DNS.2 = <next domain>
DNS.3 = <next domain>
EOF
))
```
###### Checking whether the private key and the certificate match
```bash
(openssl rsa -noout -modulus -in private.key | openssl md5 ; openssl x509 -noout -modulus -in certificate.crt | openssl md5) | uniq
```
___
##### Tool: [gnutls-cli](https://gnutls.org/manual/html_node/gnutls_002dcli-Invocation.html)
###### Testing connection to remote host (with sni)
```bash
gnutls-cli -p 443 google.com
```
###### Testing connection to remote host (without sni)
```bash
gnutls-cli --disable-sni -p 443 google.com
```
<a name="http-https"><b>HTTP/HTTPS</b></a>
##### Tool: [curl](https://curl.haxx.se)
@ -639,6 +758,12 @@ __EOF__
ssh host -l user $(<cmd.txt)
```
###### Get public key from private key
```bash
ssh-keygen -y -f ~/.ssh/id_rsa
```
___
##### Tool: [linux-dev](https://www.tldp.org/LDP/abs/html/devref1.html)
@ -717,6 +842,13 @@ ngrep -d eth0 -qt 'HTTP' 'tcp'
* `tcp|udp` - set protocol
* `[src|dst] host [ip|hostname]` - set direction for specific node
```bash
ngrep -l -q -d eth0 -i "User-Agent: curl*"
```
* `-l` - stdout line buffered
* `-i` - case-insensitive search
___
##### Tool: [hping3](http://www.hping.org/)