Cloud DevOps Engineer ( Raj Gupta)

Thursday, 5 October 2023

How to prints out the environment variables within each pod of k8s

for pod in $(kubectl get po --all-namespaces --output=jsonpath={.items..metadata.name}); do namespace=$(kubectl get po --all-namespaces --field-selector=metadata.name=$pod --output=jsonpath={.items..metadata.namespace}); echo "Pod: $pod (Namespace: $namespace)"; kubectl exec -it -n $namespace $pod -- env; done

Wednesday, 4 October 2023

Count the occurrences of each unique image in k8s cluster

kubectl get pods --all-namespaces -o jsonpath="{..image}" |tr -s '[[:space:]]' '\n' |sort |uniq -c

Monday, 2 October 2023

Copying files to pod using kubectl

Copying files to pod using kubectl

-----

controlplane ~ ➜ kubectl get pods

NAME READY STATUS RESTARTS AGE

nginx 1/1 Running 0 39s

-----

controlplane ~ ➜ kubectl exec -it nginx /bin/bash

kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.

----

root@nginx:/# ls

bin dev docker-entrypoint.sh home lib32 libx32 mnt proc run srv tmp var

boot docker-entrypoint.d etc lib lib64 media opt root sbin sys usr

----

root@nginx:/# mkdir raj

root@nginx:/# ls

bin dev docker-entrypoint.sh home lib32 libx32 mnt proc root sbin sys usr

boot docker-entrypoint.d etc lib lib64 media opt raj run srv tmp var

----

root@nginx:/# cd raj/

root@nginx:/raj# pwd

/raj

root@nginx:/raj# exit

exit

----

controlplane ~ ➜ ls

sample.yaml

----

controlplane ~ ➜ kubectl cp sample.yaml nginx:/raj

----

controlplane ~ ➜ kubectl exec -it nginx /bin/bash

kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.

----

root@nginx:/# cd raj/

root@nginx:/raj# ls

sample.yaml

----

Resource types in Kubernetes

Below command will provide you resource type

kubectl api-resource

If namespaced column are:-
namespaced=true # All namespaced resources namespaced=false # All non-namespaced resources means cluster resources

kubectl api-resources --namespaced=true

kubectl api-resources --namespaced=false

Friday, 27 March 2020

What is API Gateway

API Gateway acts as a "front door" for applications to access data, business logic, or functionality from your backend services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, any web application, or real-time communication applications.

1. Use API Gateway to Create HTTP APIs

HTTP APIs enable you to create RESTful APIs with lower latency and lower cost than REST APIs.You can use HTTP APIs to send requests to AWS Lambda functions or to any publicly routable HTTP endpoint.

For example, you can create an HTTP API that integrates with a Lambda function on the backend. When a client calls your API, API Gateway sends the request to the Lambda function and returns the function's response to the client

2. Use API Gateway to Create REST APIs

An API Gateway REST API is made up of resources and methods. A resource is a logical entity that an app can access through a resource path.A method corresponds to a REST API request that is submitted by the user of your API and the response returned to the user

3. Use API Gateway to Create WebSocket APIs

In a WebSocket API, the client and the server can both send messages to each other at any time. Backend servers can easily push data to connected users and devices, avoiding the need to implement complex polling mechanisms

Wednesday, 12 February 2020

How to avoid charged for customer master keys (CMKs) by Raj Gupta

Customer master keys (CMKs) are used with the AWS Key Management Service (AWS KMS).You are billed for all active or disabled CMKs on your account.

To see a list of the CMKs on your account, choose Customer managed keys in the AWS KMS console. To stop the charges for the CMK delete the CMK.

Note:- you need to schedule the deletion of CMKs once you schedule for deletion then you are not going to charge but if you cancel the deletion schedule before deletion of key then it will again charge you.

Any services that you configured that use the CMK as part of their function will be affected if you are going to delete the CMKs.

schedule period :- Min:- 7 days to Max:- 30 days, default period is 30 days

Friday, 24 January 2020

How do we troubleshoot SMTP connectivity or timeout issues with Amazon SES

My Amazon Simple Email Service (Amazon SES) Simple Mail Transfer Protocol (SMTP) is timing out. How do I resolve SMTP connectivity or timeout errors with Amazon SES?

Run telnet or netcat (nc) commands, similar to the following:

telnet email-smtp.us-east-1.amazonaws.com 587 telnet email-smtp.us-east-1.amazonaws.com 25 telnet email-smtp.us-east-1.amazonaws.com 465

nc -vz email-smtp.us-east-1.amazonaws.com 587 nc -vz email-smtp.us-east-1.amazonaws.com 25 nc -vz email-smtp.us-east-1.amazonaws.com 465

Note the output. For example, if the connection is successful, then the telnet command returns an output similar to the following:

Trying 35.170.126.22... Connected to email-smtp.us-east-1.amazonaws.com. Escape character is '^]'. 220 email-smtp.amazonaws.com ESMTP SimpleEmailService-d-A12BCD3EF example0mJncW410pSau

If the connection times out, then the telnet command returns an output similar to the following:

Trying 18.232.32.150... telnet: connect to address 18.232.32.150: Connection timed out

If the connection times out, confirm that your local firewall rules, routes, and access control lists (ACLs) allow traffic on the SMTP port that you're using. Additionally, confirm that your sending application has access to the internet.

For example, if you're using an Amazon Elastic Compute Cloud (Amazon EC2) instance to send emails and connect to the SMTP endpoint, then check the following:

Be sure that the security group outbound (egress) rules allow traffic to the SMTP server on TCP port 25, 587, or 465.
Be sure that the network ACL outbound (egress) rules allow traffic to the SMTP server on TCP port 25. Additionally, confirm that network ACL inbound (ingress) rules allow traffic from the SMTP server on TCP ports 1024-65535.
Be sure that the EC2 instance has internet connectivity.

Note: By default, Amazon EC2 throttles traffic on SMTP port 25 for all instances. If you continue to receive timeout errors using SMTP port 25, you can request that the throttle be removed. Or, you can change the port that's used for sending emails. For example, you can use port 587 instead.

Monday, 20 January 2020

How to configure SMTP IAM User Account by using AWS SES By Raj Gupta

This is highly scalable and cost-effective bulk and transactional email-sending service for businesses and developers.

Log into the AWS Management Console.
In the SES tab, select SMTP Settings and click on Create a New SMTP User.
Use the default User Name or edit this name and click Create.
Copy your credentials or click on Download Credentials.
Use these credentials with the settings in SMTP Settings to configure your program or system to send through the Amazon SES SMTP interface.

Wednesday, 13 November 2019

How to make graphical mode of Kali linux by Raj Gupta

[root@ip-172-31-18-8 ~]# apt-get install tightvncserver
[root@ip-172-31-18-8 ~]# apt-get install xrdp
[root@ip-172-31-18-8 ~]# systemctl start xrdp
[root@ip-172-31-18-8 ~]# netstat -antup | grep xrdp
tcp 0 0 127.0.0.1:3350 0.0.0.0:* LISTEN 6324/xrdp-sesman
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN 6325/xrdp
[root@ip-172-31-18-8 ~]# systemctl enable xrdp
[root@ip-172-31-18-8 ~]# passwd ----set the password for root

Tuesday, 12 November 2019

Active information gathering and port scanning by Raj Gupta

Metasploitable :- Metasploitable is an intentionally vulnerable Linux virtual machine that can be used to conduct security training, test security tools, and practice common penetration testing techniques. The VM will run on any recent VMware products and other visualization technologies such as VirtualBox.

https://information.rapid7.com/metasploit-framework.html

username: msfadmin
password: msfadmin

--------------------------------------------------------------------------------------------------------------------------

Nmap: -

root@kali:~# nmap

nmap -v -A scanme.nmap.org
nmap -v -sn 192.168.0.0/16 10.0.0.0/8
nmap -v -iR 10000 -Pn -p 80

nmap -p 1-65535 192.168.8.2

nmap -Pn 192.168.1.9

nmap -sT 192.168.1.9

nmap -sS 192.168.1.9 By using this less chance to catch by other

nmap -sU 192.168.1.9 UDP scan

If request is blocked then to send the acknowledgement to scan the other machine use below

root@kali:~# nmap -sA 172.31.86.179
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-12 08:21 UTC
Nmap scan report for ip-172-31-86-179.ec2.internal (172.31.86.179)
Host is up (0.0014s latency).
All 1000 scanned ports on ip-172-31-86-179.ec2.internal (172.31.86.179) are unfiltered
MAC Address: 12:74:AD:24:21:51 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.70 seconds

If only a particular port are open for to accept request then use below

root@kali:~# nmap --source-port 80 172.31.86.179
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-12 08:25 UTC
Nmap scan report for ip-172-31-86-179.ec2.internal (172.31.86.179)
Host is up (0.0011s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
MAC Address: 12:74:AD:24:21:51 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
root@kali:~#

nmap --data-length 50 172.31.86.179 To set packet size

nmap --spoof-mac 22:33:44:55:66:77 172.31.86.179 To hide our mac address

-----------------------------------------------------------------------------------------------------------------------

Zenmap it is graphical interface of Nmap

we can do same thing in GUI mode

--------------------------------------------------------------------------------------------------------------------

Using Nmap scripts:-

root@kali:~# cd /usr/share/nmap/
root@kali:/usr/share/nmap# ls
nmap.dtd nmap-mac-prefixes nmap-os-db nmap-payloads nmap-protocols nmap-rpc nmap-service-probes nmap-services nmap.xsl nselib nse_main.lua scripts
root@kali:/usr/share/nmap# cd scripts/
root@kali:/usr/share/nmap/scripts# ls
root@kali:/usr/share/nmap/scripts# ls | grep ssh

root@kali:/usr/share/nmap/scripts# nmap --script=ssh-brute.nse 172.31.86.179

root@kali:/usr/share/nmap/scripts# nmap --script=ssh-hostkey.nse 172.31.86.179

-------------------------------------------------------------------------------------

https://github.com/scipag/vulscan

root@kali:~# git clone https://github.com/scipag/vulscan.git

https://github.com/vulnersCom/nmap-vulners

root@kali:~# git clone https://github.com/vulnersCom/nmap-vulners.git

root@kali:~# ls

Desktop Documents Downloads Music nmap-vulners Pictures Public Templates Videos vulscan

root@kali:~# mkdir nmapscripts

root@kali:~# ls

Desktop Documents Downloads Music nmapscripts nmap-vulners Pictures Public Templates Videos vulscan

root@kali:~# mv vulscan/ nmapscripts/

root@kali:~# mv nmap-vulners/ nmapscripts/

root@kali:~# ls

Desktop Documents Downloads Music nmapscripts Pictures Public Templates Videos

root@kali:~#

root@kali:~# ls

Desktop Documents Downloads Music nmapscripts Pictures Public Templates Videos

root@kali:~# cd nmapscripts/

root@kali:~/nmapscripts# ls

nmap-vulners vulscan

root@kali:~/nmapscripts# ls

nmap-vulners vulscan

root@kali:~/nmapscripts# nmap --script vulscan,nmap-vulners -sV 172.31.86.179

-------------------------------------------------------------------------------------------------------------------

amap:- This is same as nmap tool

Monday, 11 November 2019

Passive information gathering and footprinting by Raj

---------------------------------------------------------------------------------------------------------------------

Google Hacking Database :- In the GHDB, you will find search terms for files containing usernames, vulnerable servers, and even files containing passwords.

https://www.exploit-db.com/google-hacking-database

inurl: "index.php?id="

----------------------------------------------------------------------------------------------------------------
Nikto :- This will give information about server on which web application is running

This will give
nikto -e 1 -h 172.31.93.23
nikto -h 172.31.93.23 -p 80

root@kali:~# nikto -e 1 -h 52.23.205.52
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 52.23.205.52
+ Target Hostname: 52.23.205.52
+ Target Port: 80
+ Using Encoding: Random URI encoding (non-UTF8)
+ Start Time: 2019-11-11 08:47:00 (GMT0)
---------------------------------------------------------------------------
+ Server: Apache/2.2.34 (Amazon)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Server may leak inodes via ETags, header found with file /, inode: 394812, size: 38, mtime: Mon Nov 11 07:57:20 2019
+ Apache/2.2.34 appears to be outdated (current is at least Apache/2.4.37). Apache 2.2.34 is the EOL for the 2.x branch.
+ Allowed HTTP Methods: POST, OPTIONS, GET, HEAD
+ OSVDB-3268: /icons/: Directory indexing found.
+ OSVDB-3268: /icons/: Directory indexing found.
+ 7888 requests: 0 error(s) and 8 item(s) reported on remote host
+ End Time: 2019-11-11 08:47:15 (GMT0) (15 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

------------------------------------------------------------------------------------------------------------------

whois :-

whois cnn.com --- This give information about the domain

Domain Name: CNN.COM
Registry Domain ID: 3269879_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.corporatedomains.com
Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
Updated Date: 2018-04-10T16:43:38Z
Creation Date: 1993-09-22T04:00:00Z
Registry Expiry Date: 2026-09-21T04:00:00Z
Registrar: CSC Corporate Domains, Inc.
Registrar IANA ID: 299
Registrar Abuse Contact Email: domainabuse@cscglobal.com
Registrar Abuse Contact Phone: 8887802723
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
Name Server: NS-1086.AWSDNS-07.ORG
Name Server: NS-1630.AWSDNS-11.CO.UK
Name Server: NS-47.AWSDNS-05.COM
Name Server: NS-576.AWSDNS-08.NET
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: h

and many more

----------------------------------------------------------------------------------------------------------------

Harvester :-

root@kali:/usr/share/theharvester# ./theHarvester.py -d microsoft.com -l 500 -b google ----This will give all the list of URL address with ip of application server

Like below

cloudblogs.microsoft.com:107.154.103.97
compass-ssl.microsoft.com:104.106.190.130
devblogs.microsoft.com:104.81.164.97
ds.microsoft.com:204.79.197.219
msdn.microsoft.com:104.108.116.12
msrc-blog.microsoft.com:40.122.65.162
news.microsoft.com:192.237.225.141
schemas.microsoft.com:104.108.119.185
support.microsoft.com:184.28.88.173
techcommunity.microsoft.com:208.74.205.202
www.microsoft.com:23.66.102.27

--------------------------------------------------------------------------------------------------------------

Shodan :- Shodan is a search engine that lets the user find specific types of computers connected to the internet using a variety of filters.

https://www.shodan.io/

To get router IP address

root@kali:~# netstat -nr

Kernel IP routing table

Destination Gateway Genmask Flags MSS Window irtt Iface

0.0.0.0 172.31.80.1 0.0.0.0 UG 0 0 0 eth0

172.31.80.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0

root@kali:~#

-------------------------------------------------------------------------------------------------------------------------

DNS Zone transfers with Dig :-

root@kali:~# dig axfr facebook.com @A.NS.FACEBOOK.COM

; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> axfr facebook.com @A.NS.FACEBOOK.COM

;; global options: +cmd

facebook.com. 3600 IN SOA a.ns.facebook.com. dns.facebook.com. 1573464454 14400 1800 604800 300

; Transfer failed.

root@kali:~#

root@kali:~# dig google.com

; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> google.com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34527

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;google.com. IN A

;; ANSWER SECTION:

google.com. 60 IN A 172.217.15.78

;; Query time: 2 msec

;; SERVER: 172.31.0.2#53(172.31.0.2)

;; WHEN: Mon Nov 11 09:25:09 UTC 2019

;; MSG SIZE rcvd: 55

----------------------------------------------------------------------------------------------------------------------

dnsenum :- is same kind of dig tool but it will give more information

root@kali:~# dnsenum google.com

Smartmatch is experimental at /usr/bin/dnsenum line 698.

dnsenum VERSION:1.2.4

----- google.com -----

Host's addresses:

__________________

google.com. 60 IN A 172.217.12.238

Name Servers:

______________

ns4.google.com. 60 IN A 216.239.38.10

ns1.google.com. 60 IN A 216.239.32.10

ns2.google.com. 60 IN A 216.239.34.10

ns3.google.com. 60 IN A 216.239.36.10

Mail (MX) Servers:

___________________

alt2.aspmx.l.google.com. 60 IN A 209.85.202.26

alt3.aspmx.l.google.com. 45 IN A 172.253.120.26

alt4.aspmx.l.google.com. 60 IN A 172.217.218.27

aspmx.l.google.com. 60 IN A 172.217.197.26

alt1.aspmx.l.google.com. 60 IN A 64.233.186.27

Trying Zone Transfers and getting Bind Versions:

_________________________________________________

Trying Zone Transfer for google.com on ns4.google.com ...

AXFR record query failed: corrupt packet

Trying Zone Transfer for google.com on ns1.google.com ...

AXFR record query failed: corrupt packet

Trying Zone Transfer for google.com on ns2.google.com ...

AXFR record query failed: corrupt packet

Trying Zone Transfer for google.com on ns3.google.com ...

AXFR record query failed: corrupt packet

brute force file not specified, bay.

root@kali:~#

Wednesday, 25 September 2019

Cognito and API

exports.handler = (event, context, callback) => {
const token = event.authorizationToken;
//Use token
if (token == 'allow') {
const policy = genPolicy('allow', event.methodArn);
const principalId = 'aflaf78fd7afalnv';
const context = {
simpleAuth: true
};
const response = {
principalId: principalId,
policyDocument: policy,
context: context
};
callback(null, response);
} else if (token == 'deny') {
const policy = genPolicy('deny', event.methodArn);
const principalId = 'aflaf78fd7afalnv';
const context = {
simpleAuth: true
};
const response = {
principalId: principalId,
policyDocument: policy,
context: context
};
callback(null, response);
} else {
callback('Unauthorized');
}

};

function genPolicy(effect, resource) {
const policy = {};
policy.Version = '2012-10-17';
policy.Statement = [];
const stmt = {};
stmt.Action = 'execute-api:Invoke';
stmt.Effect = effect;
stmt.Resource = resource;
policy.Statement.push(stmt);
return policy;
}

------------------------------------------------------------------------------------

var xhr = new XMLHttpRequest();

xhr.open('DELETE', 'https://ktl8ycz4w8.execute-api.us-east-1.amazonaws.com/dev/compare-yourself');

xhr.onreadystatechange = function(event) {

console.log(JSON.parse(event.target.response));

}

xhr.setRequestHeader('Content-Type', 'application/json');

xhr.setRequestHeader('Authorization', 'allow');

xhr.send(JSON.stringify({age: 29, height: 73, income: 1900}));

-------------------------------------------------------------------------------------------------------

#set($inputRoot = $input.path('$'))

{

"age" : "$inputRoot.age",

"height": "$inputRoot.height",

"income": "$inputRoot.income",

"userId": "$context.authorizer.principalId"

}

----------------------------------------------------------------------------------------

const AWS = require('aws-sdk');

const dynamodb = new AWS.DynamoDB({region: 'us-east-1', apiVersion: '2012-08-10'});

exports.handler = (event, context, callback) => {

const params = {

Item: {

"UserId": {

S: event.userId

"Age": {

N: event.age

"Height": {

N: event.height

"Income": {

N: event.income

}

TableName: "compare-yourself"

};

dynamodb.putItem(params, function(err, data) {

if (err) {

console.log(err);

callback(err);

} else {

console.log(data);

callback(null, data);

}

});

};

---------------------------------------------------------------------------------------

Tuesday, 24 September 2019

AWS Serverless APIs & Apps

exports.handler = (event, context, callback) => {
// TODO implement
callback(null, {message: 'Hi, I\m Raj'});
};

-------------------------------------------------------------------------------------------------------------------

https://codepen.io/pen/?editors=0010

var xhr = new XMLHttpRequest();
xhr.open('POST', 'https://ktl8ycz4w8.execute-api.us-east-1.amazonaws.com/dev/compare-yourself');
xhr.onreadystatechange = function(event) {
console.log(event.target.response);
}
xhr.send();

---------------------------------------------------------------------------------------------------------------------

exports.handler = (event, context, callback) => {
// TODO implement
callback(null, event);
};

-----------------------------------------------------------------------------------------------------------

{

"name": "Raj Kumar Gupta",

"age": 28

}

------------------------------------------------------------------------------------------

exports.handler = (event, context, callback) => {

// TODO implement

callback(null, {headers: {'Control-Access-Allow-Origin': '*'}});

};

---------------------------------------------------------------------------------------------------------

exports.handler = (event, context, callback) => {

console.log(event);

callback(null, {headers: {'Control-Access-Allow-Origin': '*'}});

};

----------------------------------------------------------------------------------------------------

exports.handler = (event, context, callback) => {
console.log(event);
const age = event.personData.age;
callback(null, age * 2);
};

------------------------------------------------------------------------------------------------------------------

{
"personData": {
"name": "Raj Kumar Gupta",
"age": 28
}

}

-----------------------------------------------------------------------------------------------

{
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "CompareData",
"type": "object",
"properties": {
"age": {"type": "integer"},
"height": {"type": "integer"},
"income": {"type": "integer"}
},
"required": ["age", "height", "income"]
}

--------------------------------------------------------------------------------------

{
"age": 28,
"height": 72,
"income": 2500
}

-------------------------------------------------------------------------------------------------------

exports.handler = (event, context, callback) => {
// TODO implement
callback(null, 'Deleted!');
};

-----------------------------------------------------------------------------------------------------------------

exports.handler = (event, context, callback) => {
const type = event.type;
if (type == 'all') {
callback(null, 'All the data');
} else if (type == 'single') {
callback(null, 'Just my data');
} else {
callback(null, 'Hello from Lambda');
}
};

------------------------------------------------------------------------------------------------------

{
"type": "$input.params('type')"
}

-----------------------------------------------------------