Skip to main content

Posts

Linux Systems Performance/Observability (BPF (bpfcc-tools), BCC Tools

  Linux System Performance/Observability Tools Linux Systems Performance/Observability (BPF (bpfcc-tools), BCC Tools Assuming you have Linux Server in place and have the required BPF aka BCC related packages installed on the system(s) for the required Linux distribution. BPF(eBPF) aka BCC Tools (bpfcc-tools) : BPF, which originally stood for Berkley Packet Filter is the dynamic tracing tools for Linux Systems.  BPF initially used for the speeding up for the tcpdump expressions and since then it has been know as the extended Berkley packet Filter (eBPF).  Its new uses are Tracing Tools where it provides programmability for the BPF Compiler Collection (BCC) and bpftrace front ends .   Example: execsnoop, biosnoop etc is a BCC Tool. When facing production performance crisis these such list of tools comes handy to trace and fix the issue. However, it requires certain KERNEL level config options to be enabled such as CONFIG_FTRACE, CONFIG_BPF. Profiling tools typically re...
Recent posts

EKS Cluster and Create CSI Driver to store credentials in AWS Secrets Manager via SecretProviderClass

EKS Cluster | CSI Driver | SecretProviderClass | AWS Secrets Manager Setup EKS Cluster and Manage Credentials at runtime using CSI driver using SecretProviderClass and Secrets Manager Assuming you have Configured/Installed AWS CLI, EKSCTL, KUBECTL, HELM. CSI Basic Information: CSI (Container Storage Interface) widely used as a Storage Technology. Created by Google | Mesosphere | Docker.  It has two two Plugins one runs on the Master Node (Centralized Controller Plugin) and another one on Worker Nodes (Decentralized headless Node Plugin).  CSI communication protocol is gRPC.   The communication between Container Orchestration to Controller Plugin (Master) and to Node Plugin (Worker Node) happens using gRPC .  CSI Drivers : vendor specific compiled into Kubernetes/openshift binaries. To use a CSI driver, a StorageClass needs to be assigned first.  The CSI driver is then set as the Provisioner for the Storage Class. CSI drivers provide three main service...

Few basic things about ECS and Kubernetes

Important things to note about ECS and Kubernetes Few basic things about ECS and Kubernetes Basic Information about the AWS ECS and Kubernetes and there Components. AWS ECS Basic Information: AWS ECS is the Docker-suitable container orchestration solution from Amazon. It allows us to run containerised applications on EC2 instances and scale both of them. The below architecture shows the high-level information about ECS. As shown above, ECS Clusters consist of Tasks which run in Docker containers, and container instances, among many other components.  Here are some AWS services commonly used with ECS: Elastic Load Balancer : This component can route traffic to containers. 3 kinds of load balancing are available: application, network and classic. Elastic Block Store : This service provides persistent block storage for ECS tasks (workloads running in containers). CloudWatch : This service collects metrics from ECS. Based on CloudWatch metrics, ECS services can be scal...

cPanel Script to Dump Data and RYSNC

cPanel Script to Migrate Data In One Shot cPanel Script to Migrate Data In One Shot What Does This Script Do : "cPanel Migration Script" This script is used to take the Input when you Initiate the Script and Prompts for the Directory to provide and to store the cPanel backup files under the same. Once the backup for the accounts has been done which are mentioned in the file name which is "/root/rohit/24.txt".This File contains the Usernames (cPanel accounts) which needs to be moved from the Source Server to the Target Server. Once the Backup is done then it uses the command known as "sshpass" to rsync the data from the source server to the target server. In "sshpass" we need to provide the destination server password as an argument to that command, so that it will simultaneously move the accounts without asking for the Password. Note : SSHPASS can be downloaded from the below mentioned link which is - http://www.nexts...

Defacing Sites via HTML Injections (XSS)

Defacing Sites via HTML Injections Defacing Sites via HTML Injections What Is HTML Injection: "HTML Injection" is called as the Virtual Defacement Technique and also known as the "XSS" Cross Site Scripting. It is a very common vulnerability found when searched for most of the domains. This kind of a Vulnerability allows an "Attacker" to Inject some code into the applications affected in order to bypass access to the "Website" or to Infect any particular Page in that "Website". HTML injections = Cross Site Scripting, It is a Security Vulnerability in most of the sites, that allows an Attacker to Inject HTML Code into the Web Pages that are viewed by other users. XSS Attacks are essentially code injection attacks into the various interpreters in the browser. These attacks can be carried out using HTML, JavaScript, VBScript, ActiveX, Flash and other clinet side Languages. Well crafted Malicious Code can even hep the ...

Hacking DNN Based Web Sites

Hacking DNN Based Web Sites Hacking DNN Based Web Sites Hacking DNN (Dot Net Nuke) CMS based websites is based on the Security Loop Hole in the CMS. For using that exploit we will see the few mentioned points which illustrates us on how to hack any live site based on Dot Net Nuke CMS. Vulnerability : This is the know Vulnerability in Dot Net Nuke (DNN) CMS. This allows aone user to Upload a File/Shell Remotely to hack that Site which is running on Dot Net Nuke CMS. The Link's for more Information regarding this Vulnerability is mentioned below -                                  http://www.exploit-db.com/exploits/12700/ Getting Started : Here we will use the Google Dork to trace the sites that are using DNN (Dot Net Nuke) CMS and are vulnerable to Remote File Upload. How To Do It : Here, I an mentioning the few points on how to Search for the existing Vulnerability in DNN. Let'...

PWNing A System via (MSF) Metasploit Framework

PWNing A System via (MSF) Metasploit Framework PWNing A System via (MSF) Metasploit Framework Lab Requirements : Both OS running under my Virtual Machine. 1, Back Track 5 R3 Machine 2, Windows XP Machine Vulnerability : This is the know Vulnerability In Windows XP and Server 2003, MS08-067 vulnerability that uses the netapi module in the Windows SMB Protocol that may be used for arbitrary code execution. The Link's for more Information regarding this Vulnerability is  - http://blogs.technet.com/b/srd/archive/2008/10/23/more-detail-about-ms08-067.aspx http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=21702 http://www.rapid7.com/db/modules/exploit/windows/smb/ms08_067_netapi Effect Of MS08-067 NetAPI Vulnerability : This module exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs. The correct target m...