I needed to get a listing of all staff available to email our Dynamic Distribution Group, but in the output it only included 16 records, but I knew there were a lot more. It appears that there is a limit of 16 and you can see the limit by entering in and then modify it…
Category: Technology
Technology related items
Counting AD Items
Many times I simply need the number of people in an AD group. There are two ways (and probably a lot more) that I have done this. One way is to define an object and then assign the output of getting the members from a group to the object, and then getting…
Finding AD Groups
Need to find an AD Group but not sure of the name. The -Filter option comes in handy. Thus to find a group that has the name VPN in it, simply do the following:
JQ Searching for X.509 Certs
When parsing through bro log files, the bro-cut command was simple. But now that files are being written in JSON format, it ain’t so easy. At least for me, as I can’t find any good resources yet on querying these files. But I have found a workaround. So this is the example. I want…
IPMI Finding the IP
If you are ever in need of finding the management card's IP address on a Linux box and have access to the OS, you can simply get it by running Of course, you need to run this with elevated privileges.
Windows Hash Utility
Linux has some cool tools for getting file hashes like md5sum and sha1sum, but Windows 7 and 10 have “certutil”. It is easy to use with simply running So a simple example to run it on the file notepad.exe located in C:\Windows\System32, would be For the hash algorithms, you have your choice of MD2-4, SHA1,…
Accessing Admin Shares with Local Account
I was attempting to access some admin shares on a machine, using a local administrator account as I did not want to use a domain account. Seems I was getting access denied even though the user is in the local administrators group. It appears that there is a UAC enforcement to prevent local admins from…
Security Onion – Out of Space
Running an instance of Security Onion, that originally started as the 14.05 version, but has been getting updates through “sudo soup”. After running several months, I started to only have PCAPs for a couple of days, then only for 2 days, then for only the current day, then only for a short period before current…
View Wireless Password Via PowerShell
will list all the profiles and then run to get info, including the password stored in the “Key Content” section of security settings. It also has a number of other interesting items to be found here. However it will NOT show the password for an SSID using Radius. The following is an example output:
Batch Delete Files with PowerShell
Had to delete a bunch of old files sitting in a directory, with files going back to 2013. Running returned there were 165,880 files in there. This many files makes it difficult to use Explorer to sort and delete, so PowerShell is where I turned. Running showed me I had files going all the way…