• Mac Security

    Quicker Port Scanning

    The Mac and most distributions of Linux come with netcat built in. The Mac distribution is known as nc. You can run a super-quick port scan of another host without installing any third-party tools. I’ve been using stroke to run my port scans for a long time. I am a fool. Netcat’s better. Don’t be like me. Use nc: /usr/bin/nc -z 10.10.10.10 1-65535

  • Mac OS X, Mac OS X Server, Mac Security

    Web Server Bash One Liner for Linux or Mac

    The nc (or netcat) binary is useful for a variety of TCP or UDP operations. You can open a listener, proxy connections, open a connection to another device, and port scan a device. You can do all of that over TCP and/or UDP and define the ports to use, and scripting with nc is pretty easy. So in the code below we’ll start a while loop and then echo a header so a browser knows how to interpret what we’re sharing, which is a cat of our file. Then we’ll pipe that into netcat with a -l option so we can define the port and end the loop. while TRUE; do…

  • Mac Security

    Jamf Extension Attribute To Find ***Directories*** Named .DS_Store

    I’ve written about .DS_Store files before (e.g. https://krypted.com/mac-os-x/no-more-ds_store-files/ to remove the files on file shares). The .DS_Store is a ***file*** that has some custom attributes of the folder it’s in, such as a background image for the folder (e.g. in disk images with installers that get expanded and then show you a little arrow to copy the folder to the hard drive; /Applications is a common use), Spotlight comments, and then the .DS_Store also contains icon positions. This all goes back to Finder apps interpreting objects in a foreign file system kind of world. Turns out that a number of vendors have built exceptions for .DS_Store files because…

  • Mac Security

    Lambda to Sign Configuration Profiles

    Recently needed the ability to sign .mobileconfig files and didn’t want to rely on a private key being on a client device. This Java project is meant to sign .mobileconfig files for distribution to iOS, tvOS, iPadOS and macOS devices. Built to be hosted in a Lambda so you don’t need to have keys in a client-side app (wouldn’t be too challenging to move to a Google Cloud Function). Download it at https://github.com/krypted/mobileconfigsigner Lambda input parameters, if you call it from a web or Swift app: bucketName – this is the name of the S3 bucket that will hold the pem files + file to sign signerFile (e.g. ca.key in…

  • Mac Security

    Find all files with a single character name

    Other than typesetting and indexing tools, most apps shouldn’t be creating files that have single character file names. To find all the files with single character file names on a Mac, you could use find and then awk for the length of the file name: find / -type f -print | awk -F/ 'length($NF) == 1' You could also use mdfind or another tool to list all files and pipe that to the same awk -F/ 'length($NF) == 1' statement.

  • Mac Security

    Find Running Binaries Masquerading as Files

    Binaries should not be called salesreports.doc or timesheet.pdf. If a file with a document extension is executing then it’s most likely bad. Like rulllll bad. So on a Mac, you can check what’s running in that context by piping ps output to grep and using the \| as an OR statement to check for files that match a few known document types, as follows: ps aux | grep '.doc\|.pdf\|.png\|.docx\|.mpkg\|.pkg\|.xls\|.ods\|.xlsx\|.odt\|.key\|.htm\|.txt\|.csv\|.xml\|.json\|.pdf\|.ogg\|.rtf\|.dmp\|.aac\|.mp3\|.psg\|.mp4\|.m4a\|.gz\|.png\|.html\|.jpg\|.rss\|.jpeg\|.vb\|.wav\|.svg\|.bmp\|.pps\|.ppt\|.php\|.pptx\|.tiff\|.tif\|.gzip\|.wmv\|.zip\|.rar\|.bin\|.iso\|.sql\|.ico'

  • bash, Mac Security

    What Applications Invoke Persistent Processes On A Mac?

    I’m increasingly concerned about applications that act as no applications should need to in the modern era of Apple device management. As such, a simple (albeit computationally expensive) way of performing this type of operation is to simply grep a directory with applications that contain those strings for further inspection:

        grep -r -l "LaunchDaemons" /Applications
        grep -r -l "LaunchAgents" /Applications
        grep -r -l ".kext" /Applications
        grep -r -l ".pkg" /Applications

    You can also use find:

        find /Applications -type f -exec grep -l 'LaunchDaemons' {} \;

    The nice part of using find here is that you can -exec a lot of options without the same type of piping. You can also…