Code notes

Jan. 20, 2021

In my code note I try to put useful stuff, I have on my computer that I can share that will be useful for other people.

Cheap ass proxy

Found this cool one-liner in stackoverflow, really useful if I need to debug something really fast and can’t bother to open wireshark:

ncat -lkv localhost 10000 -c 'tee /dev/stderr | ncat -v localhost 8080 | tee /dev/stderr'

Simple script to automate creating databases

I use this thing at work, thought I’ll just paste it here, this will just create a database user and 3 databases for different development environments, supposes that it needs to do ssh tunneling because that’s what we do at work.

import click
import mysql.connector


def ssh_tunnel(ip, username, password, port, sshport):
    from sshtunnel import SSHTunnelForwarder

    server = SSHTunnelForwarder(
      ip,
      ssh_port=sshport,
      ssh_username=username,
      ssh_password=password,
      remote_bind_address=('127.0.0.1', port)
    )
    server.daemon_forward_servers = True
    server.start()

    return server

def create_mysql_databases(prefix, local_port, user, password):
    env = ["int", "qualif", "test"]
    mydb = mysql.connector.connect(
      host="127.0.0.1",
      user=user,
      password=password,
      port=local_port,
      auth_plugin='mysql_native_password'
    )
    mycursor = mydb.cursor()

    dbs = []
    for e in env:
      dbs.append("{}-{}_db".format(prefix, e))
      mycursor.execute("CREATE DATABASE IF NOT EXISTS  `{}-{}_db`".format(prefix, e))


    mydb.close()
    return dbs


def generate_password(length):

    import string, random

    myset = string.ascii_lowercase + string.ascii_uppercase + string.digits

    password = "".join([random.choice(myset) for i in range(length)])
    return password

def create_mysql_user(prefix, local_port, user, password, length, dbs):
    mydb = mysql.connector.connect(
      host="127.0.0.1",
      user=user,
      password=password,
      port=local_port,
      auth_plugin='mysql_native_password'
    )
    mycursor = mydb.cursor()

    mpassword = generate_password(length)
    muser = "{}".format(prefix)

    mycursor.execute("SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '{}')".format(muser))

    result = mycursor.fetchall()[0]
    mycursor = mydb.cursor()
    if result[0] == 1:
      click.echo("User {} already exists bro".format(muser))
    else:
      mycursor.execute("CREATE USER '{}'@'%' IDENTIFIED BY '{}';".format(muser, mpassword))
    # give prevs
    for d in dbs:
      mycursor.execute("GRANT ALL PRIVILEGES ON `{}`.* TO '{}'@'%';".format(d, muser))
      mycursor.execute("FLUSH PRIVILEGES;")

    mydb.close()
    return mpassword, muser



@click.command()
@click.option('--sshuser', default="ubuntu", help='Username of root')
@click.option('--sshpassword', help='Password of root', prompt='Password of user')
@click.option('--sshport', help='SSh port', prompt='SSh port')
@click.option('--mysqluser', default="root", help='Username of root')
@click.option('--mysqlpassword', default="ubuntu", help='Username of root')
@click.option('--mysqlip', default="127.0.0.1", help='Username of root')
@click.option('--sship', prompt='Server to deploy databases to',
	    help='Enter IP address to create databases on')
@click.option('--project', prompt='Project name',
	    help='Enter project name')
@click.option('--mysqlport', prompt='Mysql port number',
	    help='Mysql port number', default=3306)
@click.option('--plen', prompt='Generated password length',
	    help='Enter password length', default=10)
def main(sshuser, sshpassword, sship, project, mysqlport, plen, mysqluser, mysqlpassword, mysqlip, sshport):

    server = ssh_tunnel(sship, sshuser, sshpassword, mysqlport, sshport)
    lb_port = server.local_bind_port

    dbs = create_mysql_databases(project, lb_port, mysqluser, mysqlpassword)
    try:
      mpassword, muser = create_mysql_user(project, lb_port, mysqluser, mysqlpassword, plen, dbs)
    except Exception as e:
      print(e)
      server.stop()
      exit(0)

    click.echo("{}:{}".format(muser, mpassword))
    server.stop()
    exit(0)

if __name__ == '__main__':
    main()

Using ansible to deploy filebeat and auditbeat agents

I manage a SIEM for work, and regularly my company adds new client servers, to automate deploying filebeat and auditbeat agents, I just use ansible playbooks for that, saves me tones of time.

It’s pretty simple really I just use geerlingguy roles:

---
- hosts: ansible
  become: yes
  become_user: root
  roles:
    - geerlingguy.filebeat
    - geerlingguy.auditbeat

I also just have another playbook to allow servers in the SIEM firewall (I use ufw, it just comes with debian)

---

- hosts: xxxxxxxx
  become: yes
  become_user: root
  tasks:
    - name: allow access to kibana
      ufw:
      rule: allow
      src: '{{ item }}'
      port: 5601
      loop:
      - xx.xxx.xxx.xxx
    - name: allow acces to elasticsearch
      ufw:
      rule: allow
      src: '{{ item }}'
      port: 9200
      loop:
      - xx.xxx.xxx.xxx