XSS and bypassing an Imperva WAF with JSFuck
Grumpy admin has been very, very lazy and hasn’t done any blogging in a few months, so I thought I would write a quick note to say that I am still alive and hope to return after the XMAS holidays with lots more energy and blog posts.
While I have been lazy on the blog posting, I have actually been busy in the real world. A lot of work time has been spent learning Linux to an acceptable level, as some bright spark decided they would introduce Linux in the company infrastructure. I was hired as a Windows Administrator, but as a professional you’ve got to adapt, right!
From implementing Logstash and Elasticsearch, to working with CMS and RHEL 7 repos and other exciting things. I have also been doing a lot of minor projects for work of late. Enough to keep me busy and from blogging.
As well as fixing other people’s shit that they mess up, I had to spend a couple of days doing some Word VBA macro scripting! Which was a nice trip down memory lane. The other guy just recorded macros, which produce unreadable VBA code. In the end, rather than work out the shit code, after a day trying to fix and modify his code, I decided to just rewrite it with improved features. The boss was actually happy for once!!!! Also been doing some documentation, which is boring!!!! Mega boring but something we all need to do! This is all on top of being the human-to-Google interface for customers. They ask a question, I google and read back the answer! (Won’t tell them they could save a racket if they just learn to use Google themselves and sack half the department!)
I have yet to find a brilliant, working, auto-populating and nice-looking CMDB that is easy to implement and insert into an already established network! I have done a few installations of different products and nothing works for me or feels right! If you know of something, let me know!
Again, trying to show you that I have not been that lazy a lazy admin, I have also set up an online hosting company. I’m only a domain and web hosting reseller, nothing special, nothing anyone else couldn’t do! I don’t have any customers, but it does give me an easy way of managing all my domain names and getting slightly cheaper domain names, total ease of management and cheaper access to things like wildcard SSL certs!!!
So apart from dusting off my base HTML5 and PHP skills, I have been doing a lot of work with our VMware environment at work. I think someone has spoken to my boss and introduced him to the concept of delegation! Which to be fair is better for me, as you only get better if you do things! And grumpy admin likes to feel that he brings added value!
I haven’t been allowed to do anything useful with PowerCLI and the Veeam PowerShell modules yet. But as my boss’s confidence in me grows, I will have more authority to improve things and geek! Which I hope to be able to share with you guys!
There is so much new stuff to talk about and write about: Server 2016 and Server Core and Containers, and great features like nested Hyper-V servers. System Center 2016, and did I mention Server CORE!!!! Server Core has me so pumped up about Microsoft technologies.
So till the new year, I will leave you in peace, and hopefully get back on the bandwagon and share some really cool stuff!
So in case I don’t get the chance, have a good XMAS and I hope to see you in the new year, with lots of exciting blog posts.