Here’s a write-up for Task 10 and 12 in Room https://tryhackme.com/room/linprivesc The other tasks in the same room have intensive instructions which are relatively easy to follow. Task 10 was slightly more confusing. Task 12 is a challenge question with no instructions. Therefore I’ll only write for these tasks. Task…

Logging plays an essential part of software applications. With well-written logs, it’s easy to retrieve event history, and speed up troubleshooting. Most devs tend to keep logs in the source code directory, which is fine if they are set to rotate off eventually. …

I have been using Graylog (community edition) for many years. The backend of Graylog is Elasticsearch DB, which stores the logs. Here are some Prometheus alerts to monitor Elasticsearch clusters, and some useful troubleshooting commands. Monitor Elasticsearch with Prometheus This shall not be confused with ‘collecting Prometheus data with Elasticsearch’…

Most people who are familiar *nix systems use top to take a look at what’s going on in the system. Here are just some handy commands. Display each CPU’s usage top then press shift+i then press 1 If you have an application supporting multi-core but you see only 1 core…

In Python 2 with the python-ldap library, it worked fine over LDAPs installed with a self-signed certificate (by setting ldap.OPT_X_TLS_NEVER). When the application was upgraded to Python 3, the LDAPs integration ceased to work with the following error: ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []} To look…