xubuntu 20.04 - focal
virt-manager
host
<filesystem type="mount" accessmode="mapped" fmode="0660" dmode="0770">
<source dir="/vms/share"/>
<target dir="/hostshare"/>
<address type="pci" domain="0x0000" bus="0x07" slot="0x00" function="0x0"/>
</filesystem>
#sudo usermod -G libvirtd -a $USER
# Host side of the 9p share: the desktop user joins the libvirt-qemu group and
# the share directory is handed to that group (owner + ACLs).
sudo usermod -a -G libvirt-qemu "${USER}"
hostpath=/vms/share
sudo chown -R libvirt-qemu:libvirt-qemu "${hostpath}"
# Access ACL for what is already there, then a default ACL (-d) so entries
# created later inherit the same group rights.
sudo setfacl -Rm g:libvirt-qemu:rwx "${hostpath}"
sudo setfacl -d -Rm g:libvirt-qemu:rwx "${hostpath}"
guest
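# Guest side of the 9p share: load the 9p modules from the initramfs and
# mount the share at boot. Both appends are guarded so replaying these notes
# does not stack duplicate entries.
modules_file=/etc/initramfs-tools/modules
grep -qx '9pnet_virtio' "${modules_file}" \
  || printf '%s\n' 9p 9pnet 9pnet_virtio | sudo tee -a "${modules_file}" >/dev/null
sudo update-initramfs -u
# NOTE(review): the /share mount point must exist before the first boot with
# this entry; nothing in these notes creates it.
fstab_entry='hostshare /share 9p trans=virtio,version=9p2000.L,rw,umask=002 0 0'
grep -qF 'hostshare /share 9p' /etc/fstab \
  || printf '%s\n%s\n' '# qemu share' "${fstab_entry}" | sudo tee -a /etc/fstab >/dev/null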
global
install
update
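# Drop the unwanted desktop packages, then bring the system up to date.
# The wildcard patterns are quoted so that apt, not the shell, expands them:
# an unquoted gimp* would match files in the current directory instead.
sudo apt remove -y 'gimp*' 'libreoffice-*' 'thunderbird*' transmission-gtk
sudo apt update
sudo apt list --upgradable
sudo apt -y dist-upgrade
sudo apt -y autoremove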
system
# Base CLI tooling (openssh-server stays commented out as in the original
# list) followed by the desktop extras.
cli_pkgs=(binutils-common bsdmainutils curl debconf-utils exfat git gnupg2
  gparted hfsprogs htop kpartx lnav most net-tools p7zip-full p7zip-rar pv
  rar sysstat testdisk tmux tree unrar vim xsysinfo) # openssh-server
desktop_pkgs=(dconf-editor firefox-locale-fr galculator gpicview meld plank
  qt5ct qt5-gtk2-platformtheme thunar-media-tags-plugin tumbler-plugins-extra)
sudo apt install -y "${cli_pkgs[@]}"
sudo apt install -y "${desktop_pkgs[@]}"
conf
qt5-ct to fusion
global
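# Make the kernel reluctant to swap. swapoff only runs to flush what is in
# swap right now; NOTE(review): nothing re-enables it afterwards, so a reboot
# (or an explicit swapon -a) is needed.
sudo swapoff -av && sudo sh -c 'echo vm.swappiness=10 > /etc/sysctl.d/99-swappiness.conf' # limit swap
# Clock in UTC; -f replaces whatever /etc/localtime currently is (file or link).
sudo ln -sfv /usr/share/zoneinfo/Etc/UTC /etc/localtime
software-properties-gtk # add canonical partners
export QT_QPA_PLATFORMTHEME=gtk2
# printf instead of echo: bash's builtin echo does not expand \n without -e,
# so the original QT line wrote a literal "\n# QT\n..." into ~/.profile.
# The ${_JAVA_OPTIONS} reference is kept literal (single-quoted format) so it
# expands when the profile is sourced, not now.
printf '\n# QT\nexport QT_QPA_PLATFORMTHEME=gtk2\n' >> ~/.profile
printf '\n#JAVA\nexport _JAVA_OPTIONS="-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true -Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel -Dswing.crossplatformlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel ${_JAVA_OPTIONS}"\n' >> ~/.profile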
menulibre # edit menu
# Autostart plank under XFCE through a desktop entry in the user's autostart dir.
path=~/.config/autostart
[[ -d "${path}" ]] || mkdir "${path}"
cat > "${path}/plank.desktop" <<'EOF'
[Desktop Entry]
Encoding=UTF-8
Version=0.9.4
Type=Application
Name=plank
Comment=plank
Exec=plank
OnlyShowIn=XFCE;
RunHook=0
StartupNotify=false
Terminal=false
Hidden=false
EOF
plank --preferences &
trans
# HOST
# Stage the dev tree on the host side of the 9p share so the guest can pull it.
path=/vms/share/trans
[[ -d "${path}" ]] || mkdir -p "${path}"
cp -r ~/dev/ "${path}/"
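# GUEST
# Pull dotfiles, themes and launchers from the share into the guest. The two
# user dirs are created up front because the copies below write into them.
path=~/.local/share/icons; [[ -d "${path}" ]] || mkdir -p "${path}"
path=~/.local/share/applications; [[ -d "${path}" ]] || mkdir -p "${path}"
path=/share/trans/dev
path_conf=${path}/install-desktop/conf
cp "${path_conf}"/foralyse/.bashrc ~/
cp "${path_conf}"/foralyse/.bash_alias ~/
sudo cp "${path_conf}"/foralyse/.bashrc /root/
sudo cp "${path_conf}"/foralyse/.bash_alias /root/
cp "${path}"/install/conf/foralyse/.vimrc ~/
sudo cp "${path}"/install/conf/vim/* /usr/share/vim/vim*/colors/
sudo cp "${path_conf}"/soft/meld-dark.xml /usr/share/meld/styles/
sudo cp "${path_conf}"/wp/* /usr/share/xfce4/backdrops/
sudo cp "${path_conf}"/bash-completion/* /usr/share/bash-completion/completions/
sudo cp "${path_conf}"/icons/tmux.svg /usr/share/icons/default/
# The launcher in the user's own applications dir is copied once, unprivileged.
# The original did a sudo cp first, which left a root-owned file that the
# following plain cp could not overwrite.
cp "${path_conf}"/foralyse/xfce4-terminal-tmux.desktop ~/.local/share/applications/
cp "${path_conf}"/icons/* ~/.local/share/icons
sudo ln -sv /usr/share/bash-completion/completions/tmux.git /usr/share/bash-completion/completions/tmux
# Files copied with sudo carry root's umask; make sure they stay world-readable.
sudo chmod +r /usr/share/icons/default/tmux.svg
sudo chmod +r /usr/share/bash-completion/completions/tmux*
sudo chmod +r /usr/share/xfce4/backdrops/*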
sublime text
file="/etc/hosts"
# Append loopback entries for the listed hostnames. The command runs under sh
# (dash), whose builtin echo expands \n and \t; bash's builtin echo would not.
sudo sh -c "echo '\n# sublime-text hack\n127.0.0.1\tsublimetext.com\n127.0.0.1\twww.sublimetext.com\n127.0.0.1\tlicense.sublimehq.com' >> ${file}"
# Drop outbound traffic to the listed address(es), then persist the ruleset.
ips="45.55.255.55"
for ip in ${ips}; do sudo iptables -A OUTPUT -d ${ip} -j DROP; done
path=/etc/iptables
[ -d "${path}" ] || sudo mkdir "${path}"
# NOTE(review): rules.v4 is only applied at boot if something (e.g. the
# iptables-persistent package) reloads it; these notes do not install that.
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
# S_PATH_INSTALL_CONF is not set in this section; it comes from the
# environment sourced in the "prepare" section further down.
cat ${S_PATH_INSTALL_CONF}/soft/sublime-text.license
forensic
global
# Forensic tool set, one apt call per group so a missing package only
# breaks its own group: network / pwd & evtx & process / hive / gui.
for group in 'whois' \
             'john libscca-utils pev radare2' \
             'libhivex-bin chntpw reglookup' \
             'bless geany ghex gpicview gtkhash wxhexeditor'; do
  # shellcheck disable=SC2086 -- the group is a space-separated package list
  sudo apt install -y ${group}
done
conf
bless
cp /usr/share/bless/*.layout ~/.config/bless/layouts/
kali
#sudo sh -c "echo '# kali\ndeb http://http.kali.org/kali kali-rolling main non-free contrib' > /etc/apt/sources.list.d/kali.list
#wget -q -O - archive.kali.org/archive-key.asc | sudo apt-key add -
#sudo apt update
#sed -i '/^deb/ s|^|#|' /etc/apt/sources.list.d/kali.list
#sudo apt update
python
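sudo apt-get install -y python3 python3-pip
. ~/.profile
sudo apt-get install -y python2 # python2-dev
# Bootstrap pip for python2. --fail makes curl return non-zero on an HTTP
# error instead of saving the error page as get-pip.py, and the && chain
# keeps the installer from running after a failed cd or download.
# NOTE(review): the script is executed exactly as fetched; compare it with a
# reviewed copy (<expected-sha256-placeholder>) before running it on a box
# that matters.
cd /tmp \
  && curl -fsSL https://bootstrap.pypa.io/pip/2.7/get-pip.py -o get-pip.py \
  && python2 get-pip.py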
pip2
python2 -m pip install -U balbuzard
pip3
python3 -m pip install -U malcarve regrippy
binwalk
dependencies
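# Extraction back-ends binwalk shells out to, plus its python deps.
# -y added for consistency with every other apt call in these notes (the
# original prompted here).
sudo apt install -y mtd-utils gzip bzip2 tar arj lhasa p7zip p7zip-full cabextract cramfsswap squashfs-tools lzop srecord
python3 -m pip install -U nose coverage pycryptodome pyqtgraph capstone matplotlib
. ~/.profile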
github
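# Optional binwalk extractors, each cloned into /tmp and installed system-wide.
# NOTE(review): the clones track each repo's default branch and setup.py runs
# as root; pin a tag/commit (git checkout <commit-placeholder>) when replaying
# these notes on a machine that matters.
# Install sasquatch to extract non-standard SquashFS images
sudo apt install -y zlib1g-dev liblzma-dev liblzo2-dev
cd /tmp && git clone https://github.com/devttys0/sasquatch
cd sasquatch && ./build.sh
# Install jefferson to extract JFFS2 file systems
python3 -m pip install -U cstruct
cd /tmp && git clone https://github.com/sviehb/jefferson
cd jefferson && sudo python3 setup.py install
# Install ubi_reader to extract UBIFS file systems
sudo apt install -y liblzo2-dev
python3 -m pip install -U python-lzo
cd /tmp && git clone https://github.com/jrspruitt/ubi_reader
cd ubi_reader && sudo python3 setup.py install
# Install yaffshiv to extract YAFFS file systems
cd /tmp && git clone https://github.com/devttys0/yaffshiv
cd yaffshiv && sudo python3 setup.py install
# Install unstuff (closed source) to extract StuffIt archive files.
# --fail makes curl exit non-zero on an HTTP error instead of piping the
# error page into tar, and the && keeps the copy from running after a failed
# fetch (the original cp would have copied whatever bin/unstuff was in /tmp).
cd /tmp && curl -fsS http://downloads.tuxfamily.org/sdtraces/stuffit520.611linux-i386.tar.gz | tar -zxv \
  && sudo cp bin/unstuff /usr/local/bin/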
pandoc
# sudo apt install pandoc texlive-latex-base texlive-latex-recommended texlive-latex-extra
# pandoc -s -o $fileout $filein
binwalk
# binwalk itself, from the upstream repo, installed system-wide.
cd /tmp \
  && git clone https://github.com/ReFirmLabs/binwalk \
  && cd binwalk \
  && sudo python3 setup.py install
regripper
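# RegRipper 3.0 under /usr/share/regripper; the Debian Parse::Win32Registry
# modules it patches are replaced by links to the bundled copies, with the
# originals kept as timestamped backups.
sudo apt-get install -y libparse-win32registry-perl
# -print -quit: stop at the first match, so a multi-line find result cannot
# be word-split into the mv/ln below.
path=$(find /usr/share -name Win32Registry -print -quit)
[[ -n "${path}" ]] || echo "Win32Registry not found under /usr/share" >&2
cd /usr/share && sudo git clone https://github.com/keydet89/RegRipper3.0.git
sudo mv RegRipper3.0 regripper
stamp=$(date +%s)
for file in WinNT/File.pm WinNT/Key.pm Base.pm; do
  sudo mv "${path}/${file}" "${path}/${file}.${stamp}"
  sudo ln -sv "/usr/share/regripper/${file##*/}" "${path}/${file}"
done
cd regripper
sudo cp -a rip.pl "rip.pl.${stamp}"
# Point rip.pl at its plugin dir, then rewrite the shebang/lib line for this box.
sudo sed -i '/^my @alerts = ();/a my \$plugindir = "/usr/share/regripper/plugins/";' rip.pl
sudo sed -i "1c #! $(command -v perl)\nuse lib qw(/usr/lib/perl5/);" rip.pl
sudo chmod +x rip.pl
sudo ln -sv /usr/share/regripper/rip.pl /usr/bin/regripper
sudo ln -sv /usr/share/regripper/rip.pl /usr/bin/rip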
volatility
volatility3
# Volatility 3 plus its optional deps in one resolver pass; expose `vol3`
# next to the `vol` entry point pip created.
python3 -m pip install --upgrade \
  volatility3 \
  pefile yara-python capstone pycryptodome jsonschema leechcorepyc python-snappy
cd ~/.local/bin && ln -sv vol vol3
volatility2
https://github.com/volatilityfoundation/volatility/wiki/Installation
# Volatility 2 native deps, then its python2 modules.
sudo apt -y install pcregrep libpcre++-dev python-dev
vol2_pkgs=(distorm3 ipython openpyxl pycrypto pytz ujson yara-python)
python2 -m pip install "${vol2_pkgs[@]}"
libforensic1394
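sudo apt install -y cmake
# Build libforensic1394 in /tmp as the user, install system-wide, then drop
# the build tree and cmake. The && chain stops at the first failed step (the
# original ran cmake/make even when the cd before them had failed), and the
# unprivileged make means only the install step runs as root.
cd /tmp \
  && git clone https://github.com/FreddieWitherden/libforensic1394 \
  && cd libforensic1394 \
  && mkdir build && cd build \
  && cmake -G"Unix Makefiles" ../ \
  && make \
  && sudo make install \
  && cd ../python \
  && sudo python setup.py install
cd
sudo rm -fR /tmp/libforensic1394
# The .so.2 name is what the later notes reference. NOTE(review): 0.3.0 is the
# soname this build produced at the time — check /usr/local/lib after install.
sudo ln -sv /usr/local/lib/libforensic1394.so.0.3.0 /usr/lib/libforensic1394.so.2
sudo apt remove cmake
sudo apt autoremove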
volatility
# Volatility 2 from git, installed system-wide and exposed as `vol2` next to
# the vol.py entry point. The .git dir is removed (presumably to save space).
cd /opt && git clone https://github.com/volatilityfoundation/volatility.git
cd volatility && rm -fR .git
sudo python setup.py install
cd /usr/local/bin && sudo ln -sv vol.py vol2
vol2 -h
wireshark
# Wireshark from the stable PPA (newer than the distro package).
sudo add-apt-repository -y ppa:wireshark-dev/stable
sudo apt update && sudo apt install -y tshark wireshark
autopsy
global
# Where the installers (jdk, sleuthkit, autopsy) were dropped; read by the
# java/sleuthkit/autopsy steps below.
path_share=/share
# Imaging/forensic helpers autopsy leans on, then the image libraries.
autopsy_deps=(afflib-tools testdisk ewf-tools xmount fdupes java-common)
image_deps=(imagemagick libde265-0 libheif1)
sudo apt-get update
sudo apt install -y "${autopsy_deps[@]}"
sudo apt-get install -y "${image_deps[@]}"
java
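# Oracle JDK 8 from the tarball on the share, installed through the labcif
# helper script. A glob replaces the original `ls` (parsing ls breaks on
# unusual names and hides a no-match as an empty variable).
java_files=("${path_share}"/jdk-8*linux-x64.tar.gz)
java_file=${java_files[0]}
[[ -e "${java_file}" ]] || echo "no jdk-8*linux-x64.tar.gz under ${path_share}" >&2
file=/usr/local/bin/oracle-java-installer.sh
# NOTE(review): this fetches an unpinned script from a GitHub branch and runs
# it as root a few lines later; pin the URL to a commit and diff the download
# against a reviewed copy (<reviewed-sha256-placeholder>) before --install.
# --fail stops curl from saving an HTTP error page under that name.
sudo curl -fsS https://raw.githubusercontent.com/labcif/oracle-java-installer/master/oracle-java-installer.sh -o "${file}"
#sudo sed -i s'/update-java-alternatives -a/update-alternatives --auto java/' /usr/local/bin/oracle-java-installer.sh
#sudo sed -i s'/update-java-alternatives -l/update-alternatives --list java/' /usr/local/bin/oracle-java-installer.sh
sudo sed -i 's|tar -xvzf|tar -xzf|' "${file}" # quiet extraction
sudo chmod +x "${file}"
sudo "${file}" --install "${java_file}"
. /etc/profile.d/jdk.sh
"${file}" --status "${java_file}"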
base64sha
# b64sha helper script, dropped straight into /usr/local/bin.
# NOTE(review): fetched from an unpinned branch and made executable for
# everyone — pin the URL to a commit and review the content before use.
file=/usr/local/bin/b64sha
sudo curl -sS https://raw.githubusercontent.com/labcif/Base64SHA/master/b64sha -o "${file}" \
  && sudo chmod +x "${file}"
sleuthkit
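# Print "<major> <minor>" for a sleuthkit-java .deb path, e.g.
# /share/sleuthkit-java_4.11.1-1_amd64.deb -> "4.11.1 1". Like the original
# sed, a non-matching name is echoed back unchanged.
_sleuthkit_version() {
  printf '%s\n' "$1" | sed 's|^.*/sleuthkit-java_\([0-9_\.]\+\)-\([0-9]\)_amd64.deb|\1 \2|'
}
# Glob instead of `ls` so the name is never re-parsed from ls output.
sleuthkit_files=("${path_share}"/sleuthkit-java_*_amd64.deb)
sleuthkit_file=${sleuthkit_files[0]}
read -r sleuthkit_version_major sleuthkit_version_minor <<<"$(_sleuthkit_version "${sleuthkit_file}")"
sudo apt install "${sleuthkit_file}"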
autopsy
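# Unpack autopsy under /opt/<name>, link it as /opt/autopsy and expose the
# launcher in ~/.local/bin. A glob replaces the original `ls`.
autopsy_zips=("${path_share}"/autopsy-*.zip)
file=${autopsy_zips[0]}
path=${file%.zip} && path=/opt/${path##*/}
sudo unzip -q -d /opt/ "${file}"
sudo chown -R "${USER}:${USER}" "${path}"
cd /opt && sudo ln -sv "${path##*/}" autopsy
cd "${path}"
sh unix_setup.sh
# ~/.local/bin is not guaranteed to exist on a fresh account; the ln below
# failed silently-ish without it.
mkdir -p ~/.local/bin
ln -sv "${path}/bin/autopsy" ~/.local/bin/autopsy
autopsy --nosplash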
launcher
# Menu entry for autopsy (relies on the /opt/autopsy link and the ~/.local/bin
# launcher created above).
cat > ~/.local/share/applications/autopsy.desktop <<'EOF'
[Desktop Entry]
Version=1.0
Type=Application
Terminal=false
Icon=/opt/autopsy/icon.ico
Name=Autopsy
Exec=autopsy
EOF
addons
ReportModules / ForensicExpertWitnessReport
https://github.com/chriswipat/forensic_expert_witness_report_module
IngestModules / FileHistory
https://medium.com/@markmckinnon_80619/windows-file-history-plugin-a6208da4efa5
IngestModules / Volatility
https://markmckinnon-80619.medium.com/volatility-autopsy-plugin-module-8beecea6396
system
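# Raise open-file limits for cuckoo: system-wide via sysctl, per-process via
# PAM limits (takes effect after logout/login).
sudo sh -c "echo 'fs.file-max=3253172' > /etc/sysctl.d/90-cuckoo.conf"
file=/etc/security/limits.conf
sudo cp -a "${file}" "${file}.$(date +%s)"
# Guarded so replaying the notes does not stack duplicate limit lines.
grep -q '^# cuckoo$' "${file}" || sudo tee -a "${file}" >/dev/null <<'EOF'

# cuckoo
* soft nofile 4096
* hard nofile 16384
EOF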
logout / login
mongodb
service
service=mongodb.service
# Enable + start mongodb if needed, then show its state and the listener.
if ! systemctl is-enabled "${service}"; then
  sudo systemctl enable "${service}"
fi
if ! systemctl is-active "${service}"; then
  sudo systemctl start "${service}"
fi
systemctl status "${service}"
ss -ltn | grep -F 27017
users
mongo
db.createUser({ user: "admin", pwd: "7Yt_Gi-sYgCsr", roles:[{ role: "userAdminAnyDatabase", db: "admin" }] })
db.getUsers()
use cuckoo
db.createUser({ user: "cuckoo", pwd: "8hm6_FevpUA5od", roles:[{ role: "dbOwner", db: "cuckoo" }] })
db.getUsers()
show dbs
exit
conf
file=/etc/mongodb.conf
# Set (or uncomment and set) each key in the legacy ini-style config; "|" is
# the sed delimiter. With auth=true the users created in the mongo shell
# above become mandatory, hence the restart at the end. ${service} is the
# mongodb unit name set in the service step above.
while read -r key value; do
  sudo sed -i "s|#\?\(${key}\) *=.*$|\1 = ${value}|" "${file}"
done <<< "port 27017
journal true
auth true
verbose true"
sudo systemctl restart "${service}"
postgresql
service=postgresql.service
# Enable + start postgresql if needed, show its state, then open an
# interactive psql session as the postgres superuser for the SQL below.
if ! systemctl is-enabled "${service}"; then
  sudo systemctl enable "${service}"
fi
if ! systemctl is-active "${service}"; then
  sudo systemctl start "${service}"
fi
systemctl status "${service}"
ss -ltn | grep -F 5432
sudo -u postgres psql
psql
\du
CREATE DATABASE cuckoo;
CREATE USER cuckoo WITH ENCRYPTED PASSWORD '8hm6_FevpUA5od';
GRANT ALL PRIVILEGES ON DATABASE cuckoo TO cuckoo;
\du
\q
guacd
service=guacd.service
# Enable + start guacd if needed, then show its state and the listener.
if ! systemctl is-enabled "${service}"; then
  sudo systemctl enable "${service}"
fi
if ! systemctl is-active "${service}"; then
  sudo systemctl start "${service}"
fi
systemctl status "${service}"
ss -ltn | grep -F 4822
cuckoo
create
# First run creates ~/.cuckoo; keep a dated copy before the conf edits below.
[[ -d ~/.cuckoo ]] || cuckoo -d
cp -a ~/.cuckoo ~/.cuckoo."$(date +%s)"
cuckoo
file=~/.cuckoo/conf/cuckoo.conf
# One "<key> <value>" per line; each sed rewrites the right-hand side of every
# "<key> =" line. "|" is the delimiter because the postgresql URL contains
# "/" and ":".
# NOTE(review): the cuckoo DB password sits here in clear text and is repeated
# in the postgresql CREATE USER step and the reporting section — rotate all
# three together and keep ~/.cuckoo/conf unreadable to other users.
while read -r key value; do
  sed -i "/${key} =/ s|=.*$|= ${value}|" "${file}"
done <<< "machinery kvm
memory_dump yes
ip 192.168.122.1
connection postgresql://cuckoo:8hm6_FevpUA5od@localhost:5432/cuckoo
guacd_host localhost
guacd_port 4822"
auxiliary
file=~/.cuckoo/conf/auxiliary.conf
# Absolute paths of the capture/proxy binaries cuckoo's auxiliary modules run.
while read -r key value; do
  sed -i "/${key} =/ s|=.*$|= ${value}|" "${file}"
done <<< "tcpdump /usr/sbin/tcpdump
mitmdump /usr/local/bin/mitmdump"
kvm
update VMs in ~/.cuckoo/conf/kvm.conf
memory
file=~/.cuckoo/conf/memory.conf
# Volatility profile for the analysis VM; memory dumps are kept after analysis.
while read -r key value; do
  sed -i "/${key} =/ s|=.*$|= ${value}|" "${file}"
done <<< "guest_profile Win7SP1x64
delete_memdump no"
processing
file=~/.cuckoo/conf/processing.conf
# Inside the [memory] section (the dots in the address regex stand for the
# brackets) up to the next blank line, switch enabled to yes.
sed -i '/^.memory.$/,/^$/ s|^enabled = .*$|enabled = yes|' "${file}"
reporting
file=~/.cuckoo/conf/reporting.conf
# Every sed is scoped to one section ("/^.section.$/,/^$/", the dots matching
# the brackets) so the same key in another section stays untouched.
# singlefile
while read -r key value; do
  sed -i "/^.singlefile.$/,/^$/ s|^${key} = .*$|${key} = ${value}|" "${file}"
done <<< "enabled yes
html yes
pdf yes"
# mongodb
db_name=cuckoo
db_user=cuckoo
db_pwd=8hm6_FevpUA5od
# NOTE(review): same clear-text password as the mongo createUser step and
# cuckoo.conf; the mode of ~/.cuckoo/conf decides who can read it.
while read -r key value; do
  sed -i "/^.mongodb.$/,/^$/ s|^${key} = .*$|${key} = ${value}|" "${file}"
done <<< "enabled yes
db ${db_name}
username ${db_user}
password ${db_pwd}"
interface
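user=nikita
hostbr=virbr0
vms="win7 "
# One tap per analysis VM, owned by the cuckoo user and enslaved to the
# libvirt bridge. The loop now iterates over ${vms}; the original listed win7
# both in the variable and hard-coded in the for, so the list was never used.
# shellcheck disable=SC2086 -- ${vms} is a space-separated list on purpose
for vm in ${vms}; do
  sudo tunctl -b -u "${user}" -t "tap_${vm}"
  sudo ip link set "tap_${vm}" master "${hostbr}"
  sudo ip link set dev "tap_${vm}" up
done
# Bringing the bridge up does not depend on the VM, so it is done once.
sudo ip link set dev "${hostbr}" up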
python
time
disable time settings from internet
set static IP address (disable DHCP)
address 192.168.122.101
gateway 192.168.122.1 / 255.255.255.0
DNS 208.67.222.222, 208.67.222.220
windows
add ;c:\python27;c:\python27\script;C:\Program Files (x86)\GnuWin32\bin to PATH
install python-2.7.10.amd64.msi
install wget-1.11.4-1-setup.exe
wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
python.exe get-pip.py
pip install -U setuptools
pillow
pip install -U Pillow
agent
get from host: $CWD/agent.py
rename, put in guest: C:\ProgramData\Microsoft\Start Menu\programs\Startup\agent.pyw
https://cuckoo.sh/docs/installation/host/requirements.html
xubuntu 18.04 "bionic"
global
# Build deps for the python packages below, plus the registry tools.
sudo apt update
sudo apt-get install -y \
  git swig libjpeg-dev zlib1g-dev libffi-dev libssl-dev
sudo apt-get install -y virt-win-reg libhivex-bin # registry
python
Requirement
local vs global
# Pick one: plain pip installs into the user's site, "sudo -H pip" system-wide.
# Both assignments are kept as in the notes, so the second one wins unless it
# is commented out. $pip is expanded unquoted below on purpose so the sudo
# form splits into its words.
# pip for user installation
pip=pip
# pip for root installation
pip="sudo -H pip"
sudo apt install -y python python-pip python-dev
# sudo apt-get install -y python-virtualenv
$pip install --upgrade pip setuptools
balbuzard
$pip install -U balbuzard
pydeep
# ssdeep: library + headers, then refresh the linker cache so the python
# binding built next can find libfuzzy.
sudo apt install -y \
  ssdeep libfuzzy-dev
sudo ldconfig
# pydeep
$pip install pydeep
# From-source alternative, kept for reference:
# sudo apt install -y git
# cd /tmp && git clone https://github.com/kbandla/pydeep && cd pydeep
# python setup.py build && python setup.py test
# sudo python setup.py install
m2crypto
$pip install m2crypto # $pip install m2crypto==0.24.0
volatility
https://github.com/volatilityfoundation/volatility/wiki/Installation
libforensic1394.so.2
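sudo apt install -y cmake
# Build libforensic1394 in /tmp as the user, install system-wide, then drop
# the build tree. The && chain stops at the first failed step (the original
# ran cmake/make even when the cd before them had failed), and the
# unprivileged make means only the install step runs as root.
cd /tmp \
  && git clone https://github.com/FreddieWitherden/libforensic1394 \
  && cd libforensic1394 \
  && mkdir build && cd build \
  && cmake -G"Unix Makefiles" ../ \
  && make \
  && sudo make install \
  && cd ../python \
  && sudo python setup.py install
cd
sudo rm -fR /tmp/libforensic1394
# Make the library visible under /usr/lib by the name volatility's loader asks for.
sudo ln -sv /usr/local/lib/libforensic1394.so.2 /usr/lib/libforensic1394.so.2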
pip packages
# Volatility 2 native deps, then its python modules via the selected pip.
sudo apt -y install pcregrep libpcre++-dev python-dev
vol2_pkgs=(pycrypto distorm3 yara-python ujson openpyxl pytz ipython)
$pip install "${vol2_pkgs[@]}"
volatility
# Volatility 2 from git, installed system-wide and exposed as `vol2` next to
# the vol.py entry point. The .git dir is removed (presumably to save space).
cd /opt && git clone https://github.com/volatilityfoundation/volatility.git
cd volatility && rm -fR .git
sudo python setup.py install
cd /usr/local/bin && sudo ln -sv vol.py vol2
vol2 -h
bash completion
sudo cp -a /home/shared/dev/install-desktop/conf/cuckoo/vol2 /usr/share/bash-completion/completions/
# Harvest the plugin names from `vol2 --info` (the block after the "Plugins"
# header minus its two heading lines, first column only) and splice them into
# the opts= line of the completion file.
opts=$(vol2 --info | sed -n '/^Plugins/,/^$/ p' | tail -n +3 | cut -d' ' -f1 | xargs)
sudo sed -i "s|^\( *opts=\).*$|\1'${opts}'|" /usr/share/bash-completion/completions/vol2
exec bash # reload completions
DB
django
sudo apt-get install -y mongodb
postgresql
# postgresql server + client headers (libpq-dev is what psycopg2 builds against).
sudo apt-get -y install postgresql libpq-dev
$pip install psycopg2
packages
guacd
sudo apt install -y libguac-client-rdp0 libguac-client-vnc0 libguac-client-ssh0 guacd
tcpdump
sudo apt-get install -y tcpdump
# sudo apt-get install -y tcpdump apparmor-utils
# sudo aa-disable /usr/sbin/tcpdump
# Let tcpdump capture without root: group-own the binary and grant it the raw
# socket capabilities. NOTE(review): chgrp alone does not keep other users from
# running the now-privileged binary (no chmod o-x here), and nothing in these
# notes adds the cuckoo user to pcap — check both on the target box.
tcpdump_bin=/usr/sbin/tcpdump
sudo groupadd pcap
sudo chgrp pcap "${tcpdump_bin}"
sudo setcap cap_net_raw,cap_net_admin=eip "${tcpdump_bin}"
# verification
getcap "${tcpdump_bin}" # /usr/sbin/tcpdump = cap_net_admin,cap_net_raw+eip
mitmproxy
https://mitmproxy.org/downloads/
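version=3.0.4
path=/opt/mitmproxy
[[ -d "${path}" ]] || mkdir "${path}"
cd "${path}"
# NOTE(review): the tarballs are fetched without any signature or checksum
# check and then linked into /usr/local/bin; compare them with the hashes
# published on the download page (<sha256-placeholder>) before running them.
wget "https://snapshots.mitmproxy.org/${version}/mitmproxy-v${version}-linux.tar.gz"
wget "https://snapshots.mitmproxy.org/${version}/pathod-v${version}-linux.tar.gz"
tar xzf "mitmproxy-v${version}-linux.tar.gz"
tar xzf "pathod-v${version}-linux.tar.gz"
files="mitmdump mitmproxy mitmweb pathoc pathod"
for file in ${files}; do sudo ln -sv "${path}/${file}" "/usr/local/bin/${file}"; done
# The links live in /usr/local/bin — the original listed /usr/bin, where they
# were never created. Reading a symlink needs no sudo.
for file in ${files}; do ls -al "/usr/local/bin/${file}"; done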
qemu/kvm
sudo apt-get install -y \
  qemu-kvm libvirt-bin ubuntu-vm-builder bridge-utils python-libvirt \
  virt-manager libguestfs-tools uml-utilities
sudo adduser "${USER}" libvirt-qemu
# VM storage dirs, created as root, then opened to the desktop user through
# ACLs (the d: entry is the default ACL new entries inherit).
for path in /vms/data /vms/iso; do
  sudo test -d "${path}" || sudo mkdir "${path}"
done
sudo setfacl -R -m "u:${USER}:rw" /vms/data /vms/iso
sudo setfacl -R -m "d:${USER}:rw" /vms/data /vms/iso
thunar
$HOME/.config/Thunar/uca.xml
<action>
<icon>edit-copy</icon>
<name>Duplicate root</name>
<unique-id>1635257948652123-2</unique-id>
<command>pkexec cp -a %f %f.copy</command>
<description>Duplicate root</description>
<patterns>*</patterns>
<directories/>
<audio-files/>
<image-files/>
<other-files/>
<text-files/>
<video-files/>
</action>
<action>
<icon>media-import-audio-cd</icon>
<name>iso</name>
<unique-id>1653055089123473-10</unique-id>
<command>mkisofs -Jro /vms/iso/tmp.iso %F</command>
<description>make iso in vms/iso/tmp.iso</description>
<patterns>*</patterns>
<startup-notify/>
<directories/>
<audio-files/>
<image-files/>
<other-files/>
<text-files/>
<video-files/>
</action>
<action>
<icon>go-bottom</icon>
<name>mount data</name>
<unique-id>1653055065395840-9</unique-id>
<command>guestmount --add %f --mount /dev/sda1 /vms/data</command>
<description>guest mount in /vms/data</description>
<patterns>*.qcow2;*.img;*.raw</patterns>
<other-files/>
</action>
<action>
<icon>go-top</icon>
<name>unmount data</name>
<unique-id>1653055105839871-11</unique-id>
<command>guestunmount /vms/data</command>
<description>guest unmount /vms/data</description>
<patterns>*</patterns>
<startup-notify/>
<directories/>
<audio-files/>
<image-files/>
<other-files/>
<text-files/>
<video-files/>
</action>
cuckoo
direct
$pip install -U cuckoo
virtualenv
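cd /opt
virtualenv venv
. venv/bin/activate
# Plain pip on purpose: with the venv active it resolves to venv/bin/pip.
# The $pip form chosen above ("sudo -H pip") would bypass the venv, since
# sudo typically resets PATH to its secure_path, and install system-wide.
pip install -U cuckoo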
xubuntu 18.04 bionic
update
# Refresh, upgrade, then clear both orphaned packages and the download cache.
sudo apt update && sudo apt list --upgradable
sudo apt dist-upgrade
for step in autoremove autoclean clean; do
  sudo apt "${step}"
done
system
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/rtl_nic/
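cd /tmp
# Realtek NIC firmware blobs straight from the linux-firmware tree.
fw_files=(rtl8168fp-3.fw rtl8125a-3.fw)
for fw in "${fw_files[@]}"; do
  wget "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/rtl_nic/${fw}"
done
# Copy exactly the files just fetched rather than rtl81*: a stale or unrelated
# rtl81* file sitting in /tmp would otherwise be installed as firmware too.
sudo cp "${fw_files[@]}" /lib/firmware/rtl_nic/
sudo update-initramfs -u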
prepare
# Server-wide variables (the S_* names used below) and install settings.
. /server/server.conf
. /server/install.conf
sudo mount /btrfs/sys
# One timestamp for every backup copy made in this run (bash builtin, same
# value as date +%s), plus the btrfs subvolume names the later steps read.
printf -v sdate '%(%s)T' -1
btrfs_sys=focal
btrfs_user=user-focal
grub
# update /etc/grub/40_custom
# Two-second boot menu, then regenerate grub.cfg.
sudo sed -i '/^GRUB_TIMEOUT=/ s|=.*|=2|' /etc/default/grub \
  && sudo update-grub
init
# Paths derived from the S_* variables sourced in the "prepare" step. The two
# path_install_* values are not read anywhere in this section.
path_install_conf=${S_PATH_INSTALL_CONF/install-desktop/install}
path_install_bash_completion=${S_PATH_INSTALL_CONF}/bash-completion
file_env=${S_PATH_SCRIPT_CONF}/env
file_bash_aliases=${S_PATH_SCRIPT_CONF}/.bash_aliases
file_bash_functions=${S_PATH_SCRIPT_CONF}/.bash_functions
file_vimrc="${S_PATH_SCRIPT_CONF}/.vimrc"
sudo software-properties-gtk
sudo adduser ${USER} users; sudo adduser ${USER} www-data
sudo adduser ${USER} audio; sudo adduser ${USER} video
# Replace ~/.bash_aliases and ~/.bash_functions with links to the shared copies.
# _eval is not defined in these notes (presumably provided by server.conf).
# NOTE(review): `[ -e ]` is false for a dangling symlink, in which case the rm
# is skipped and the ln -s that follows fails on the stale link.
file=~/.bash_aliases
[ -e ${file} ] && _eval rm ${file}
ln -s ${file_bash_aliases} ${file}
file=~/.bash_functions
[ -e ${file} ] && _eval rm ${file}
ln -s ${file_bash_functions} ${file}
sudo cp -a ${S_PATH_INSTALL_CONF}/bash-completion/* /usr/share/bash-completion/completions/
# ~/.bashrc: dated backup, bigger history, coloured prompt, then hook in the
# shared env/aliases/functions (each append is guarded by grep -q so the
# section is safe to replay).
file=~/.bashrc
cp -a ${file} ${file}.${sdate}
sed -i 's|^\(HISTSIZE\)=.*$|\1=10000|' ${file}
sed -i 's|^\(HISTFILESIZE\)=.*$|\1=20000|' ${file}
sed -i '/^#force_color_prompt/ s|^#||' ${file}
# Prompt colour (blue) and the PS1 rewrite: the sed matches the stock coloured
# PS1 line (the one containing 033 and 32m) and replaces it wholesale.
color='\\[\\033[01;34m\\]'
sed -i 's|^\( *\)\(PS1.*033.*32m.*\)$|\1PS1="\${debian_chroot:+(\$debian_chroot)}\\['${color}'\\]\\u\\[\\e[1;37m\\]@\\['${color}'\\]\\h\\[\\e[1;37m\\]:\\W\\['${color}'\\]\$\\[\\e[0;0m\\]\"|' ${file}
sed -i 's|^#\?\(force_color_prompt\).*$|\1=yes|' ${file}
grep -q "${file_env}" ${file} || echo "
# source global variables
[ -f ${file_env} ] && . ${file_env}
[ -f ~/.bash_functions ] && . ~/.bash_functions
" >> ${file}
grep -q '. ~/.bash_aliases' ${file} || echo "[ -f ~/.bash_aliases ] && . ~/.bash_aliases
" >> ${file}
. ${file}
# /etc/hosts is taken from the matching btrfs system subvolume.
sudo cp -a /btrfs/sys/${btrfs_sys}/etc/hosts /etc/hosts
# Helper script from the shared dev tree; what it links for "nikita" is not
# shown in these notes.
/home/shared/dev/keep/share-link nikita
root
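file="/root/.bashrc"
sudo cp -a /root/.bashrc /root/.bashrc$(date +%s)
# Prompt colour per server type (S_SERVER_TYPE comes from the sourced
# server.conf). The kvm arm originally began with a stray `"` inside the
# single quotes, which would have put a literal quote into PS1; removed.
color_root="\033[01;31m"
case "$S_SERVER_TYPE" in
  home) color='\\[\\033[01;34m\\]' ;;
  ovh)  color='\\[\\033[01;32m\\]' ;;
  vz)   color='\\[\\033[01;33m\\]' ;;
  lxd)  color='\\[\\033[01;33m\\]' ;;
  kvm)  color='\\[\\033[01;38;5;172m\\]' ;;
  *)    color='\\[\\033[01;34m\\]'; color_root=$color ;;
esac
# force color
sudo sed -i '/^#force_color_prompt=/ s|#||' ${file}
# PS1
ps1='${debian_chroot:+($debian_chroot)}'${color}'\\h\\[\\033[00m\\]\\w\\[\\033[01;31m\\]\\$\\[\\033[00m\\]'
# no root
#ps1='${debian_chroot:+($debian_chroot)}\\[\\033[01;31m\\]\\u\\[\\033[00m\\]@\\[\\033[01;32m\\]\\h\\[\\033[00m\\]:\\w\\[\\033[01;31m\\]\\$\\[\\033[00m\\]'
# Replace the PS1 assignment on the line after the color_prompt test.
sudo sed -i "\|if \[ \"\$color_prompt\" = yes \]|{n;s|=.*|='$ps1'|}" ${file}
# Hook in the shared env/aliases/functions once (grep -q guard).
! sudo grep -q "${S_PATH_SCRIPT_CONF}/env" ${file} && sudo sh -c "echo '
# source global variables
[ -f ${S_PATH_SCRIPT_CONF}/env ] && . ${S_PATH_SCRIPT_CONF}/env
# aliases
[ -f ~/.bash_aliases ] && . ~/.bash_aliases
# functions
[ -f ~/.bash_functions ] && . ~/.bash_functions
' >> ${file}"
# root's dotfiles become links to the shared copies. rm -f also clears a
# dangling symlink, which the original `sudo [ -f ]` test skipped (leaving
# the ln that follows to fail on the stale link).
file=/root/.bash_aliases
sudo rm -f -- "${file}"
sudo ln -s "$file_bash_aliases" "${file}"
file=/root/.bash_functions
sudo rm -f -- "${file}"
sudo ln -s "$file_bash_functions" "${file}"
file=/root/.vimrc
sudo rm -f -- "${file}"
sudo ln -sv "${file_vimrc}" "${file}"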
snap
# List every snap revision, including the disabled ones kept around after
# refreshes; remove one with the commented command.
snap list --all
# sudo snap remove --revision ${rev} ${pck}
install
# Base tooling, editors/viewers, binary tooling (binwalk itself comes later),
# and the thunar/gpicview extras.
base_pkgs=(curl debconf-utils gnupg2 htop net-tools p7zip-full p7zip-rar pv
  rar testdisk tree unrar xsysinfo)
gui_pkgs=(meld most lnav dconf-editor galculator)
bin_pkgs=(binutils-common bsdmainutils pev wxhexeditor) # binwalk
thunar_pkgs=(gpicview thunar-media-tags-plugin tumbler-plugins-extra)
sudo apt install -y "${base_pkgs[@]}"
sudo apt install -y "${gui_pkgs[@]}"
sudo apt install -y "${bin_pkgs[@]}"
sudo apt install -y "${thunar_pkgs[@]}"
forensic
sudo apt install -y binutils-common bsdmainutils pev radare2 bless wxhexeditor # binwalk
vim
sudo apt install -y vim
# Link the shared vimrc into $HOME (note: this leaves the cwd at $HOME, which
# the tmux step below relies on) and install the colour schemes system-wide.
cd && ln -sv "${file_vimrc}" .vimrc
sudo cp /home/shared/dev/install/conf/vim/* /usr/share/vim/vim*/colors/
tmux
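sudo apt install -y tmux
# Relies on the cwd being $HOME (the vim step above cd'ed there).
ln -vs /usr/local/bs/conf/.tmux.conf .tmux.conf
ln -sv /home/shared/.tmux.tmux
cd /usr/share/bash-completion/completions/
# -f replaces the packaged completion in one step; the original rm + ln
# printed an error from rm when nothing was there yet.
sudo ln -sfv tmux.git tmux
tmux a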
thunar
sudo cp -a /btrfs/sys/user-pahvo/.config/Thunar/uca.xml ~/.config/Thunar/
qt5
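sudo apt install -y qt5ct qt5-gtk-platformtheme qt5-style-plugins
# sh -c, not sh -e: -e is the errexit flag and takes no command string, so the
# original invocation never wrote the line. Guarded so a re-run does not
# append a duplicate.
grep -q '^QT_QPA_PLATFORMTHEME=' /etc/environment \
  || echo 'QT_QPA_PLATFORMTHEME=qt5ct' | sudo tee -a /etc/environment >/dev/null
export QT_QPA_PLATFORMTHEME=qt5ct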
plank
sudo apt install -y plank
# Autostart plank under XFCE through a desktop entry in the user's autostart dir.
path=~/.config/autostart
[[ -d "${path}" ]] || mkdir "${path}"
cat > "${path}/plank.desktop" <<'EOF'
[Desktop Entry]
Encoding=UTF-8
Version=0.9.4
Type=Application
Name=plank
Comment=plank
Exec=plank
OnlyShowIn=XFCE;
RunHook=0
StartupNotify=false
Terminal=false
Hidden=false
EOF
plank --preferences &
sublimetext
file="/etc/hosts"
# Append loopback entries for the listed hostnames. The command runs under sh
# (dash), whose builtin echo expands \n and \t; bash's builtin echo would not.
sudo sh -c "echo '\n# sublime-text hack\n127.0.0.1\tsublimetext.com\n127.0.0.1\twww.sublimetext.com\n127.0.0.1\tlicense.sublimehq.com' >> ${file}"
# Drop outbound traffic to the listed address(es), then persist the ruleset.
ips="45.55.255.55"
for ip in ${ips}; do sudo iptables -A OUTPUT -d ${ip} -j DROP; done
path=/etc/iptables
[ -d "${path}" ] || sudo mkdir "${path}"
# NOTE(review): rules.v4 is only applied at boot if something (e.g. the
# iptables-persistent package) reloads it; these notes do not install that.
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
# S_PATH_INSTALL_CONF comes from the environment sourced in the "prepare" step.
cat ${S_PATH_INSTALL_CONF}/soft/sublime-text.license
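# Restore the sublime-text install and the user's config from the backup tarball.
path=~/.local/share/applications
# Plain mkdir: the original used sudo here, which left a root-owned
# applications dir that the unprivileged mv at the end could not write into.
[[ -d "${path}" ]] || mkdir -p "${path}"
tar xzf /ext/shared/Soft/linux/backup/sublime_text_20220516-1652694297.tar.gz -C /tmp/
cd /tmp/
mv opt/sublime_text/ /opt/
mv home/nikita/.config/sublime-text-3/ ~/.config/
mv home/nikita/.sublime-project/ ~/
# Moved once: the original repeated this mv, and the second attempt failed
# because the source had already been moved.
mv home/nikita/.local/share/applications/sublime-text.desktop "${path}/"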
mozilla
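# Firefox from the Mozilla team PPA instead of the snap. The PPA is
# ppa:mozillateam/ppa — the original wrote ppa:ppa-mozillateam, which is not an
# owner/archive pair add-apt-repository can resolve; the pin origin
# LP-PPA-mozillateam below is the one that archive carries.
sudo add-apt-repository -y ppa:mozillateam/ppa
sudo apt remove --purge firefox
sudo snap remove --purge firefox
sudo tee /etc/apt/preferences.d/mozilla-firefox >/dev/null <<'EOF'
Package: *
Pin: release o=LP-PPA-mozillateam
Pin-Priority: 1001
EOF
apt policy firefox
sudo apt install -y firefox
# Shared browser/mail profiles: dated copy (${sdate} from the prepare step),
# then linked into $HOME.
cd
cp -a /home/shared/.mozilla.ubu "/home/shared/.mozilla.ubu.${sdate}"
ln -sv /home/shared/.mozilla.ubu .mozilla
cp -a /home/shared/.thunderbird.ubu "/home/shared/.thunderbird.ubu.${sdate}"
ln -sv /home/shared/.thunderbird.ubu .thunderbird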
mudita24
sudo apt install -y mudita24
# Autostart entry for the mixer; Hidden=true keeps it registered but disabled.
cat > ~/.config/autostart/mudita24.desktop <<'EOF'
[Desktop Entry]
Encoding=UTF-8
Version=0.9.4
Type=Application
Name=mudita24
Comment=mudita24
Exec=mudita24
OnlyShowIn=XFCE;
StartupNotify=false
Terminal=false
Hidden=true
EOF
gmusicbrowser
# gmusicbrowser from its PPA, with the previous system's config restored.
sudo add-apt-repository ppa:tomtomtom/gmusicbrowser
sudo apt update && sudo apt install -y gmusicbrowser
sudo cp -a /btrfs/sys/user-pahvo/.config/gmusicbrowser ~/.config/
gmusicbrowser &
background
# background desktop
sudo cp \
  /home/shared/dev/install-desktop/conf/wp/xubuntu-development-dark.jpg \
  /usr/share/xfce4/backdrops/
# shortcut keyboard (set by hand in the XFCE keyboard settings)
# xfce4-terminal / shift+ctrl+alt-t
# xfce4-terminal -e "tmux a" / ctrl+alt-t
# xfce4-popup-whiskermenu / Super L
meld
sudo cp /home/shared/dev/install-desktop/conf/soft/meld-dark.xml /usr/share/meld/styles/
end
# Final tidy-up: refresh indexes, drop orphans and the package cache.
sudo apt update
for step in autoremove autoclean clean; do
  sudo apt "${step}"
done
USB
RTL8821CU
https://github.com/brektrou/rtl8821CU
RTL88x2BU / RTL8822BU
manjaro
https://github.com/cilynx/rtl88x2BU_WiFi_linux_v5.3.1_27678.20180430_COEX20180427-5959
ubuntu
PACKAGE
package states
not-installed # The package is not installed on your system
config-files # Only the configuration files of the package exist on the system
half-installed # The installation of the package has been started, but not completed for some reason
unpacked # The package is unpacked, but not configured
half-configured # The package is unpacked and configuration has been started, but not yet completed for some reason
triggers-awaited # The package awaits trigger processing by another package
triggers-pending # The package has been triggered
installed # The package is correctly unpacked and configured
package selection states
install # The package is selected for installation
hold # A package marked to be on hold is not handled by dpkg, unless forced to do that with option --force-hold
deinstall # The package is selected for deinstallation (i.e. we want to remove all files, except configuration files)
purge # The package is selected to be purged (i.e. we want to remove everything from system directories, even configuration files)
package flags
ok # A package marked ok is in a known state, but might need further processing
reinstreq # A package marked reinstreq is broken and requires reinstallation. These packages cannot be removed, unless forced with option --force-remove-reinstreq
ACTIONS
-i, --install package-file... # Install the package. If --recursive or -R option is specified, package-file must refer to a directory instead
--unpack package-file... # Unpack the package, but don't configure it. If --recursive or -R option is specified, package-file must refer to a directory instead
--configure package...|-a|--pending # Configure a package which has been unpacked but not yet configured. If -a or --pending is given instead of package, all unpacked but unconfigured packages are configured
--triggers-only package...|-a|--pending # Processes only triggers
-r, --remove package...|-a|--pending # Remove an installed package
-V, --verify [package-name...] # Verifies the integrity of package-name or all packages if omitted, by comparing information from the files installed by a package with the files metadata information stored in the dpkg database
-C, --audit [package-name...] # Performs database sanity and consistency checks for package-name, or for all packages if omitted (per-package checks)
--update-avail [Packages-file] # Update dpkg's and dselect's idea of which packages are available; old information is replaced with the information in the Packages-file
--merge-avail [Packages-file] # Update dpkg's and dselect's idea of which packages are available; old information is combined with the information from the Packages-file
-A, --record-avail package-file... # Update dpkg and dselect's idea of which packages are available with information from the package package-file
--clear-avail # Erase the existing information about what packages are available
--get-selections [package-name-pattern...] # Get list of package selections, and write it to stdout
--set-selections # Set package selections using file read from stdin
--clear-selections # Set the requested state of every non-essential package to deinstall
--yet-to-unpack # Searches for packages selected for installation, but which for some reason still haven't been installed
--predep-package # Print a single package which is the target of one or more relevant pre-dependencies and has itself no unsatisfied pre-dependencies
--add-architecture architecture # Add architecture to the list of architectures for which packages can be installed without using --force-architecture
--remove-architecture architecture # Remove architecture from the list of architectures for which packages can be installed without using --force-architecture
--print-architecture # Print architecture of packages dpkg installs
--print-foreign-architectures # Print a newline-separated list of the extra architectures dpkg is configured to allow packages to be installed for
--assert-feature # Asserts that dpkg supports the requested feature. Assertable features are:
support-predepends # Supports the Pre-Depends field
working-epoch # Supports epochs in version strings
long-filenames # Supports long filenames in deb(5) archives
multi-conrep # Supports multiple Conflicts and Replaces
multi-arch # Supports multi-arch fields and semantics
versioned-provides # Supports versioned Provides
--validate-thing string # Validate that the thing string has a correct syntax. Validatable things are:
pkgname # Validates the given package name
trigname # Validates the given trigger name
archname # Validates the given architecture name
version # Validates the given version
--compare-versions ver1 op ver2 # Compare version numbers, where op is a binary operator. dpkg returns true (0) if the specified condition is satisfied, and false (1) otherwise
-?, --help # Display a brief help message
--force-help # Give help about the --force-thing options
-Dh, --debug=help # Give help about debugging options
--version # Display dpkg version information
dpkg-deb actions # See dpkg-deb(1) for more information about the following actions
-b, --build directory [archive|directory] # Build a deb package
-c, --contents archive # List contents of a deb package
-e, --control archive [directory] # Extract control-information from a package
-x, --extract archive directory # Extract the files contained by package
-X, --vextract archive directory # Extract and display the filenames contained by a package
-f, --field archive [control-field...] # Display control field(s) of a package
--ctrl-tarfile archive # Output the control tar-file contained in a Debian package
--fsys-tarfile archive # Output the filesystem tar-file contained by a Debian package
-I, --info archive [control-file...] # Show information about a package
dpkg-query actions # See dpkg-query(1) for more information about the following actions
-l, --list package-name-pattern... # List packages matching given pattern
-s, --status package-name... # Report status of specified package
-L, --listfiles package-name... # List files installed to your system from package-name
-S, --search filename-search-pattern... # Search for a filename from installed packages
-p, --print-avail package-name... # Display details about package-name, as found in /var/lib/dpkg/available. Users of APT-based frontends should use apt-cache show package-name instead
OPTIONS
--abort-after=number # Change after how many errors dpkg will abort. The default is 50
-B, --auto-deconfigure # When a package is removed, another installed package may depend on it; with this option dpkg automatically deconfigures such dependent packages instead of refusing the removal
-Doctal, --debug=octal # Switch debugging on
--force-things
--no-force-things, --refuse-things # Force or refuse (no-force and refuse mean the same thing) to do some things. Forcing past dependency, conflict or overwrite checks can leave the package database in a broken state; use only when you understand what is being overridden
--ignore-depends=package,... # Ignore dependency-checking for specified packages
--no-act, --dry-run, --simulate # Do everything which is supposed to be done, but don't write any changes
-R, --recursive # Recursively handle all regular files matching pattern *.deb found at specified directories and all of its subdirectories
-G # Don't install a package if a newer version of the same package is already installed. This is an alias of --refuse-downgrade
--admindir=dir # Change default administrative directory, which contains many files that give information about status of installed or uninstalled packages, etc
--instdir=dir # Change default installation directory which refers to the directory where packages are to be installed
--root=dir # Changing root changes instdir to «dir» and admindir to «dir/var/lib/dpkg»
-O, --selected-only # Only process the packages that are selected for installation
-E, --skip-same-version # Don't install the package if the same version of the package is already installed
--pre-invoke=command
--post-invoke=command # Set an invoke hook command to be run via “sh -c” before or after the dpkg run for the unpack, configure, install, triggers-only, remove, purge, add-architecture and remove-architecture dpkg actions
--path-exclude=glob-pattern
--path-include=glob-pattern # Set glob-pattern as a path filter, either by excluding or re-including previously excluded paths matching the specified patterns during install
--verify-format format-name # Sets the output format for the --verify command
--status-fd n # Send machine-readable package status and progress information to file descriptor n
--status-logger=command # Send machine-readable package status and progress information to the shell command's standard input, to be run via “sh -c”
--log=filename # Log status change updates and actions to filename, instead of the default /var/log/dpkg.log
--no-debsig # Do not try to verify package signatures (skips the debsig-verify check; only acceptable when the origin of the .deb has been verified some other way)
--no-triggers # Do not run any triggers in this run
--triggers # Cancels a previous --no-triggers
GRUB COMMAND
press 'c' at the GRUB menu to interrupt the boot and enter the GRUB command line
CHANGE GRUB DISPLAY RESOLUTION
vbeinfo # list available resolutions
modify in /etc/default/grub (ex: 800x600)
GRUB_GFXMODE=$resolution
CLEAR SECTOR 32
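# Zero the single 512-byte sector at LBA 32 of the boot disk, then reinstall
# GRUB on it. Destructive: the target comes from $device (e.g. /dev/sda) and
# the command aborts if it is unset or empty, so the disk can never default to
# a guessed name. Confirm the disk with `lsblk` before running.
dd if=/dev/zero of="${device:?set device to the boot disk, e.g. /dev/sda}" bs=512 count=1 seek=32
grub-install "$device"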
USB3 MSI GAMING
add in /etc/default/grub
GRUB_CMDLINE_LINUX="iommu=soft"
LXD
/etc/default/grub
GRUB_CMDLINE_LINUX="... systemd.unified_cgroup_hierarchy=0"
GRUB_TIMEOUT
Modify `set timeout` to the chosen value in /boot/grub/grub.cfg (this file is regenerated by update-grub, so the edit does not survive the next regeneration; the generator fragment below is the place to change it permanently)
# Fragment of the grub.cfg generator (presumably /etc/grub.d/00_header) that
# emits the timeout when the recordfail workaround is in effect. The heredoc is
# unquoted, so ${GRUB_RECORDFAIL_TIMEOUT:-30} is expanded now (default 30s)
# while the escaped \$grub_platform / \$feature_timeout_style are left for GRUB
# to evaluate at boot. Setting GRUB_RECORDFAIL_TIMEOUT in /etc/default/grub is
# the intended way to change the value.
if [ "$recordfail_broken" = 1 ]; then
cat << EOF
if [ \$grub_platform = efi ]; then
set timeout=${GRUB_RECORDFAIL_TIMEOUT:-30}
if [ x\$feature_timeout_style = xy ] ; then
set timeout_style=menu
fi
fi
EOF
fi
MANJARO
OS real name for btrfs
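# Manjaro: make os-prober's menu entry name include the btrfs subvolume so
# several installs sharing one btrfs volume get distinct GRUB entries.
file="/etc/grub.d/30_os-prober"
file_keep="$file.keep$(date +%s)"
# Patch only once: skip when the extended LONGNAME line is already present.
if ! grep -q 'LONGNAME="${LONGNAME} ${BTRFSsubvol/#subvol=/}"' "$file"; then
  # Back up under the name computed above. The original re-ran date +%s here,
  # so the backup file and the chmod target could differ by one second and the
  # chmod would then fail. The backup is made non-executable so update-grub
  # does not run it as an extra generator script.
  sudo cp -a "$file" "$file_keep" && sudo chmod -x "$file_keep"
  # GNU sed: append an else-branch right after the LONGNAME="${LABEL}" line.
  sudo sed -i "/LONGNAME=\"\${LABEL}\"/ a\ else\n LONGNAME=\"\${LONGNAME} \${BTRFSsubvol/#subvol=/}\"" "$file"
  sudo update-grub
fi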
UBUNTU 18.04
Remove the error in the startup log for systemd-backlight@backlight:acpi_video0.service: add the two settings below to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub
acpi_osi='!Windows 2012'
acpi_backlight=vendor in GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub
BOOT ENTRY
https://linux.die.net/man/8/efibootmgr
efibootmgr
efibootmgr # list all boot entries
-v # list all boot entries with details
-B -b XXXX # delete boot entry number XXXX
example for 970g
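# Example (970g board): create one firmware boot entry per loader on the ESP.
# -c create, -g treat the disk as GPT, -d disk, -p partition number, -w write
# a unique signature if needed, -L label, -l loader path (backslash-separated,
# as the firmware expects).
# NOTE(review): -d is documented as the disk (e.g. /dev/sda), while this
# example passes /dev/sda1 together with -p 1 — confirm on the target system.
efibootmgr -c -g -d /dev/sda1 -p 1 -w -L 'Manjaro' -l '\EFI\Manjaro\grubx64.efi'
efibootmgr -c -g -d /dev/sda1 -p 1 -w -L 'ubuntu' -l '\EFI\ubuntu\shimx64.efi'
# The loader path uses backslashes throughout; the original had a stray '/'
# before Boot, which does not match the entry shown in the efibootmgr output.
efibootmgr -c -g -d /dev/sda1 -p 1 -w -L 'Windows Boot Manager' -l '\EFI\Microsoft\Boot\bootmgfw.efi'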
>>
Timeout: 1 seconds
BootOrder: 0000,0001,0002
Boot0000* Manjaro HD(1,GPT,8e91a305-046d-4e90-8548-efca286325a7,0x800,0x32000)/File(\EFI\Manjaro\grubx64.efi)
Boot0001* ubuntu HD(1,GPT,8e91a305-046d-4e90-8548-efca286325a7,0x800,0x32000)/File(\EFI\ubuntu\shimx64.efi)
Boot0002* Windows Boot Manager HD(1,GPT,8e91a305-046d-4e90-8548-efca286325a7,0x800,0x32000)/File(\EFI\Microsoft\Boot\bootmgfw.efi)
256colors for nested tmux
20.04
export TERM=xterm-256color
turn off/disable bluetooth device startup
18.04
grep -n DEVICES_TO_DISABLE_ON_STARTUP /etc/default/tlp
auto login
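# LightDM autologin for the current user. This bypasses the login prompt
# entirely: anyone with console access gets this user's session without a
# password. Only use it on a single-user machine or throwaway VM, and never
# for a user with passwordless sudo.
# ${USER} is expanded by the calling shell (double quotes) before sudo runs,
# so it is the invoking user, not root. The original snippet lacked the
# closing double quote after the redirect, so the command never terminated.
sudo sh -c "echo '
# autologin
[Seat:*]
autologin-session=xubuntu
autologin-user=${USER}
autologin-user-timeout=0' >> /etc/lightdm/lightdm.conf"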
lets you install, configure, refresh and remove snaps. Snaps are packages that work across many different Linux distributions, enabling secure delivery and operation of the latest apps and utilities
list
list installed package with last revision
snap list
--all # list installed packages with all revisions (disabled ones included)
info
shows detailed information about snaps
snap info <snap>
--color=[auto|never|always] # Use a little bit of color to highlight some things. (default: auto)
--unicode=[auto|never|always] # Use a little bit of Unicode to improve legibility. (default: auto)
--abs-time # Display absolute times (in RFC 3339 format). Otherwise, display relative times up to 60 days, then YYYY-MM-DD
--verbose # Include more details on the snap (expanded notes, base, etc.)
find
find a package by name in the store
snap find <snap>
remove
remove package with all revisions
sudo snap remove <snap>
--revision $REV # remove only the given revision of the package
purge disabled
snap list --all | grep disabled$ | awk '{ print $1" "$3 }' | xargs -l bash -c 'sudo snap remove $0 --revision $1'
GENERAL
user
modify user
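# Rename a user account and its home directory. Run as root from a text
# console while the user is logged out; the lightdm autologin is parked first
# so it cannot log the old user back in, and restored at the end.
mv /etc/lightdm/lightdm.conf /etc/lightdm/lightdm.conf.keep # xubuntu autologin
# reboot / alt+f1 -> root
old=virt
new=foralyse
# Refuse to continue with an empty name: the sed/grep patterns below would
# otherwise match every line of the files they edit.
: "${old:?old login name}" "${new:?new login name}"
# Rename the login and move the home directory in one step.
usermod -l "$new" "$old" -d "/home/$new" -m
#usermod -d /home/$new -m $new
#mv /home/$old /home/$new
groupmod -n "$new" "$old"
# Replace leftover occurrences of the old name on the renamed user's passwd
# line (e.g. the GECOS field), in the subordinate id maps, and in the GTK
# bookmarks that still point at the old home path.
sed -i "/^$new/ s|$old|$new|" /etc/passwd
sed -i "/^$old/ s|$old|$new|" /etc/subuid
sed -i "/^$old/ s|$old|$new|" /etc/subgid
sed -i "s|/$old/|/$new/|" "/home/$new"/.config/gtk*/bookmarks
mv /etc/lightdm/lightdm.conf.keep /etc/lightdm/lightdm.conf # xubuntu autologin
# Unanchored substitution: with a short $old it can also hit other settings
# that merely contain that string — check the file afterwards.
sed -i "s|$old|$new|" /etc/lightdm/lightdm.conf # xubuntu autologin
# List anything under /etc that still references the old name before rebooting.
grep -r -- "$old" /etc
reboot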
color
echo $LS_COLORS # ls colors
~/.dir_colors # file define ls colors
gnome-terminal
Gnome-terminal: unbind F1 & F10, edit preferences
- preferences tab : unselect F10
- shortcut tab : at the bottom, unselect F1
Launch fews tabs with command
gnome-terminal --tab --tab -e 'ssh-connect ns398616' --tab -e 'ssh-connect ns398616'
autostart
~/.config/autostart # home path
/etc/xdg/autostart # system path
sudo sed -i 's|^\(X-GNOME-Autostart-enabled=\).*$|\1false|' $path.desktop # desactivate system autostart
UPDATE-ALTERNATIVES
update-alternatives creates, removes, maintains and displays information about the symbolic links comprising the Debian alternatives system
update-alternatives [<option> ...] <command>
--get-selections # get all configuration
--display $NAME # display information about $NAME group
--install $LINK $NAME $PATH $PRIORITY # add an alternative to a group (creates the group if needed)
--config $NAME # choose the active alternative for a group interactively from the registered candidates
--set $NAME $PATH # set $PATH as the active alternative for group $NAME without prompting
example for sublime:
update-alternatives --get-selections # current choice for every alternatives group
update-alternatives --display gnome-text-editor # candidates registered for the group and which one is active
sudo update-alternatives --install /usr/bin/gnome-text-editor gnome-text-editor /usr/bin/sublime-text 100 # register sublime-text as a candidate with priority 100
update-alternatives --display gnome-text-editor # confirm the candidate was added
sudo update-alternatives --config gnome-text-editor # pick the active candidate interactively
MIME type
https://help.ubuntu.com/community/AddingMimeTypes
player
aplay / arecord
sound player & recorder for alsa soundcard driver
paplay
play sound from pulseaudio-utils