shell{&}co – Page 16

Disable username enumeration on WordPress

I found a simple way to disable/prevent the username enumeration on a WordPress installation. Follow these steps edit the file .htaccess of your WordPress installation add the following lines : RewriteCond %{QUERY_STRING} author=\d RewriteRule ^ /? [L,R=301] You can check

Transform HTML textarea element into a VI editor

wasavi is an extension for Chrome, Opera and Firefox. wasavi transforms TEXTAREA element of any page into a VI editor, so you can edit the text in VI. wasavi supports almost all VI commands and some ex commands. A native

Wmic tool to check Active Directory replications

I have written a bash script based on the wmic tool (available here / procedure here) to check the status of the Active Directory replication between my domain controllers. The script performs these steps : list the domain controllers hostname+ip

Disable the SSL v3 Protocol on IIS and Apache

Disable the SSL v3 Protocol on IIS Open the Registry Editor and run it as administrator.For example, in Windows 2012: On the Start screen type regedit.exe. Right-click on regedit.exe and click Run as administrator. In the Registry Editor window, go

Automatic security update process with unattended-upgrades

If you use/administer a Debian/Ubuntu system, you can automate the security update process by using the program unattended-upgrades. This tool provides a simple way to manage this task. To install it : apt-get install unattended-upgrades dpkg-reconfigure unattended-upgrades After selecting “Yes”,

NTP: how to chroot

The following bash script will automate the configuration of ntp to run in a jail (chroot) for a debian/ubuntu. #!/bin/bash /etc/init.d/ntp stop rootfs=/var/chroot/ntp mkdir -p $rootfs/{etc,var/lib/ntp,var/log} mv /etc/ntp.conf $rootfs/etc ln -s $rootfs/etc/ntp.conf /etc/ntp.conf if [ -e /var/lib/ntp/ntp.drift ]; then mv

Encrypt a short message into spam

The author of SpamMimic describes a new way to encrypt and the most important and orginal the way to do it discreetly : There are terrific tools (like PGP and GPG) for encrypting your mail. If somebody along the way

Generates a full-memory minidump of a process

The original source of this function is available on Github here You can use this function to generate a process dump file using Powershell. function Out-Minidump { [CmdletBinding()] Param ( [Parameter(Position = 0, Mandatory = $True, ValueFromPipeline = $True)] [System.Diagnostics.Process]

Set PDC Emulator AnnounceFlag

With this script, you will be able to set the registry AnnounceFlag to “0x5” on each PDC emulator on your forest The script performs these steps : List all PDC emulator on all domains in the current forest Read the

Remove the SIDHistory information

With this script, you will be able to remove the SID History on all user account in a specific Active Directory organizational unit. The script performs the following steps : list the user account in a specific OU retrieve the