diff --git a/_snippets/premix-cta.md b/_snippets/premix-cta.md index 76c43d2..afc231d 100644 --- a/_snippets/premix-cta.md +++ b/_snippets/premix-cta.md @@ -1,4 +1,4 @@ -!!! tip inline end +!!! tip I automatically and **instantly** share (_with my [sponsors](https://github.com/sponsors/funkypenguin)_) a private "[_premix_](https://geek-cookbook.funkypenguin.co.nz/premix/)" git repository, which includes necessary docker-compose and env files for all published recipes. This means that sponsors can launch any recipe with just a `git pull` and a `docker stack deploy` 👍. 🚀 **Update**: Premix now includes an ansible playbook, so that sponsors can deploy an entire stack + recipes, with a single ansible command! (*more [here](https://geek-cookbook.funkypenguin.co.nz/premix/ansible/operation/)*) \ No newline at end of file diff --git a/manuscript/CHANGELOG.md b/manuscript/CHANGELOG.md index 2f55a5a..49e05a5 100644 --- a/manuscript/CHANGELOG.md +++ b/manuscript/CHANGELOG.md @@ -8,6 +8,7 @@ hide: Recipe | Description | Date -----------------------------------|-------------------------------------------------------------------------------------|-------------- +[CyberChef](/recipes/cyberchef/) | A web-based collection of useful tools for INFOSEC work, by the [GCHQ](https://en.wikipedia.org/wiki/GCHQ) | _19 Jan 2021_ [Linx](/recipes/linx/) | Quickly and securely share media/files with optional password-protection and expiry | _13 Jan 2021_ [Komga](/recipes/komga/) | Beautiful interface to manage and enjoy your comics / graphic novels | _5 Jan 2021_ [Photoprism](/recipes/photoprism/) | Self-hosted photo-management app incorporating automated tagging using Tensorflow | _6 Aug 2020_ diff --git a/manuscript/images/common_observatory.png b/manuscript/images/common_observatory.png deleted file mode 100644 index cc466f8..0000000 Binary files a/manuscript/images/common_observatory.png and /dev/null differ 
diff --git a/manuscript/images/cryptominer.png b/manuscript/images/cryptominer.png deleted file mode 100644 index f2a7f75..0000000 Binary files a/manuscript/images/cryptominer.png and /dev/null differ diff --git a/manuscript/images/cryptominer_alarm.png b/manuscript/images/cryptominer_alarm.png deleted file mode 100644 index af71d1a..0000000 Binary files a/manuscript/images/cryptominer_alarm.png and /dev/null differ diff --git a/manuscript/images/cryptominer_grafana.png b/manuscript/images/cryptominer_grafana.png deleted file mode 100644 index e3c9b67..0000000 Binary files a/manuscript/images/cryptominer_grafana.png and /dev/null differ diff --git a/manuscript/images/cryptonote-mining-pool.png b/manuscript/images/cryptonote-mining-pool.png deleted file mode 100644 index 5836d9c..0000000 Binary files a/manuscript/images/cryptonote-mining-pool.png and /dev/null differ diff --git a/manuscript/images/cyberchef.png b/manuscript/images/cyberchef.png new file mode 100644 index 0000000..f71de1c Binary files /dev/null and b/manuscript/images/cyberchef.png differ diff --git a/manuscript/recipes/cyberchef.md b/manuscript/recipes/cyberchef.md new file mode 100644 index 0000000..448d71c --- /dev/null +++ b/manuscript/recipes/cyberchef.md 
@@ -0,0 +1,77 @@ +# CyberChef + +Are you a [l33t h@x0r](https://en.wikipedia.org/wiki/Hackers_(film))? Do you need the right tools at your fingertips to support your [#masterhacker](https://reddit.com/r/masterhacker) skillz? Look no further than CyberChef, lovingly baked for you by your friends at GHCQ[^1]! + +[^1]: [Government Communications Headquarters](https://en.wikipedia.org/wiki/GCHQ), commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence and information assurance to the government and armed forces of the United Kingdom + +![CyberChef Screenshot](../images/cyberchef.png) + +[CyberChef](https://github.com/gchq/CyberChef) is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. + +Here are some examples of fancy hax0r tricks you can do with CyberChef: + + - [Decode a Base64-encoded string][2] + - [Decrypt and disassemble shellcode][6] + - [Perform AES decryption, extracting the IV from the beginning of the cipher stream][10] + - [Automagically detect several layers of nested encoding][12] + +Here's a [live demo](https://gchq.github.io/CyberChef)! + +## Ingredients + +!!! 
summary "Ingredients" + Already deployed: + + * [X] [Docker swarm cluster](/ha-docker-swarm/design/) with [persistent shared storage](/ha-docker-swarm/shared-storage-ceph.md) + * [X] [Traefik](/ha-docker-swarm/traefik) configured per design + * [X] DNS entry for the hostname you intend to use (*or a wildcard*), pointed to your [keepalived](/ha-docker-swarm/keepalived/) IP + + +## Preparation + +### Setup Docker Swarm + +CyberChef doesn't require any persistent storage, or fancy configuration, so simply create a docker swarm config file in docker-compose syntax (v3), something like this: + +--8<-- "premix-cta.md" + +``` +version: "3.2" # https://docs.docker.com/compose/compose-file/compose-versioning/#version-3 + +services: + cyberchef: + image: mpepping/cyberchef + deploy: + labels: + # traefik + - traefik.enable=true + - traefik.docker.network=traefik_public + + # traefikv1 + - traefik.frontend.rule=Host:cyberchef.example.com + - traefik.port=8000 + + # traefikv2 + - "traefik.http.routers.cyberchef.rule=Host(`cyberchef.example.com`)" + - "traefik.http.routers.cyberchef.entrypoints=https" + - "traefik.http.services.cyberchef.loadbalancer.server.port=8000" + networks: + - traefik_public + +networks: + traefik_public: + external: true +``` + +## Serving + +### Cyber the Chef! + +Launch your CyberChef stack by running ```docker stack deploy cyberchef -c ```, and then visit the URL you chose to begin the hackery! 
+ +--8<-- "recipe-footer.md" + + [2]: https://gchq.github.io/CyberChef/#recipe=From_Base64('A-Za-z0-9%2B/%3D',true)&input=VTI4Z2JHOXVaeUJoYm1RZ2RHaGhibXR6SUdadmNpQmhiR3dnZEdobElHWnBjMmd1 + [6]: https://gchq.github.io/CyberChef/#recipe=RC4(%7B'option':'UTF8','string':'secret'%7D,'Hex','Hex')Disassemble_x86('64','Full%20x86%20architecture',16,0,true,true)&input=MjFkZGQyNTQwMTYwZWU2NWZlMDc3NzEwM2YyYTM5ZmJlNWJjYjZhYTBhYWJkNDE0ZjkwYzZjYWY1MzEyNzU0YWY3NzRiNzZiM2JiY2QxOTNjYjNkZGZkYmM1YTI2NTMzYTY4NmI1OWI4ZmVkNGQzODBkNDc0NDIwMWFlYzIwNDA1MDcxMzhlMmZlMmIzOTUwNDQ2ZGIzMWQyYmM2MjliZTRkM2YyZWIwMDQzYzI5M2Q3YTVkMjk2MmMwMGZlNmRhMzAwNzJkOGM1YTZiNGZlN2Q4NTlhMDQwZWVhZjI5OTczMzYzMDJmNWEwZWMxOQ + [10]: https://gchq.github.io/CyberChef/#recipe=Register('(.%7B32%7D)',true,false)Drop_bytes(0,32,false)AES_Decrypt(%7B'option':'Hex','string':'1748e7179bd56570d51fa4ba287cc3e5'%7D,%7B'option':'Hex','string':'$R0'%7D,'CTR','Hex','Raw',%7B'option':'Hex','string':''%7D)&input=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 + [12]: https://gchq.github.io/CyberChef/#recipe=Magic(3,false,false)&input=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 \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml index d86794b..d966bcb 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -93,6 +93,7 @@ nav: - Bookstack: recipes/bookstack.md - Calibre-Web: recipes/calibre-web.md - Collabora Online: recipes/collabora-online.md + - CyberChef: recipes/cyberchef.md - Duplicati: recipes/duplicati.md - ElkarBackup: recipes/elkarbackup.md - Ghost: recipes/ghost.md
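Review bot: dropping `inline end` from `!!! tip` in `_snippets/premix-cta.md` changes how the sponsor call-out renders on every recipe page that pulls the snippet in via `--8<-- "premix-cta.md"`, not only on the new CyberChef page, so it should be called out in the commit message or landed as its own commit; the file also still ends with `\ No newline at end of file`, which will produce a spurious one-line diff the next time it is touched.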
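Review bot: five images unrelated to this recipe are deleted in the same commit (`common_observatory.png`, `cryptominer.png`, `cryptominer_alarm.png`, `cryptominer_grafana.png`, `cryptonote-mining-pool.png`) and nothing else in the diff updates a page that referenced them, so either confirm no remaining recipe still embeds them (a `grep -r cryptominer manuscript/` before merging) or split the image cleanup out so it can be reverted independently of adding `cyberchef.png`.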
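Review bot: the deploy command in the "Serving" section of `manuscript/recipes/cyberchef.md`, ```docker stack deploy cyberchef -c ```, is missing the compose-file argument to `-c` and uses triple backticks for inline code; suggest `docker stack deploy cyberchef -c cyberchef.yml` (matching whatever filename the reader is told to save the config as) in single backticks. Smaller points in the same file: the intro says "baked for you by your friends at GHCQ" while the footnote and CHANGELOG correctly spell it GCHQ; `image: mpepping/cyberchef` is a third-party rebuild (not the `gchq` namespace the recipe links to) and is unpinned, so a `:tag` or `@sha256:` digest would make the stack reproducible and keep a later image push from silently changing what sponsors deploy; the Traefik v2 labels expose the service on the `https` entrypoint with no auth middleware, which is reasonable since the page describes CyberChef as running entirely within the browser, but saying so explicitly would stop readers assuming the omission is an oversight; the Ingredients list links `/ha-docker-swarm/shared-storage-ceph.md` with a `.md` suffix while the neighbouring links use `/ha-docker-swarm/design/` and `/ha-docker-swarm/traefik`, which will 404 on the rendered site unless mkdocs rewrites it; and the `input=` payloads of reference links `[10]` and `[12]` are not present in the hunk as shown, so those two demo links cannot be verified from the diff.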