Windows

Event viewer

Audit Failures (Event 4625)

See https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4625

General

MSI installers run in two processes, CLIENT and SERVER. Essentially, from my understanding, CLIENT is the user facing version, SERVER is when you see the progress bar on the screen.

When the MSI installer executes an action it will return a code 0-4;

Windows Log Utility viewer

Extract files from MSI

msiexec /a C:\absolute\path\to\msifile.msi /qb TARGETDIR=C:\output

Absolute means absolute, you need to have the entire file path from the drive letter to the file.

MSI Install Logs

Will create file in %temp%

Windows Event Viewer

Event ID: 11707 Will tell you the user and date/time the installer was run.

tail -f for Windows Powershell

Get-Content ./log.log -Wait -Tail 10

Get HASH of file

certutil -hashfile "filename"

By default it will return the SHA1 hash, if you want to use a different hash algorithm;

certutil -hashfile "filename" <hashalgo>

Where <hashalgo> can be one of;

• MD2
• MD5
• SHA1
• SHA256
• SHA384
• SHA512

Get HASH of every file in directory

for %F in (*) do @certutil -hashfile "%F"

Get password from app pool

cd C:\Windows\System32\inetsrv
.\appcmd.exe list apppool "SmartSearch4" /text:*

Get Server uptime

wmic path Win32_OperatingSystem get LastBootUpTime

Get Return code of last script/command

Powershell

$LastExitCode

CMD

echo %ErrorLevel%

Publishing as single file application

https://learn.microsoft.com/en-us/dotnet/core/deploying/single-file/overview?tabs=vs

Target Frameworks

https://learn.microsoft.com/en-us/dotnet/standard/frameworks

.NET Runtime identifier

https://learn.microsoft.com/en-us/dotnet/core/rid-catalog

https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor

DCOM/COM/COM+

What is it and what is it used for?

TODO

Dump a list of DCOM Objects

$DCOM = Get-WmiObject Win32_DCOMApplication
$DCOM | Format-Table AppID, Caption -auto

Linux

Gitlab

Omnibus

Omnibus

Gitlab CE -> Gitlab Online Repo mirroring

Create or obtain PAT for user.

• Open gitlab CE and goto Settings/Repository
• Expand Mirroring repositiories
• Grab the URL of the REPO, be sure to include username@gitlab.com; https://sebastiansam55@gitlab.com/sebastiansam55/documentation.git Set the password to the Access token, mirror and test.

Backups

https://docs.gitlab.com/ee/raketasks/backup_gitlab.html#storing-configuration-files

Need to backup the files in /etc/gitlab

gitlab-backup create

Places the files in /var/opt/gitlab/backups

Cloning a specific branch:

git clone --branch <repo url>

Rebase forked repo:

git remote add upstream <original-repo>
git fetch upstream
<make sure you are in the appropriate branch!>
git rebase upstream/<branchname>
git push origin <branchname> --force

https://bugzilla.mozilla.org/show_bug.cgi?id=1598826

If getting errors in output of gtk program like;

(__main__.py:16414): Gtk-WARNING **: 14:38:54.184: Theme parsing error: colors.css:71:44: Invalid number for color value

Open ~/.config/gtk-3.0/colors.css

At the very end of the file there are a number of lines that include rgb() fill in with 3 values;

@define-color theme_titlebar_background rgb(71,80,87);

Keyboard

https://wiki.archlinux.org/index.php/X_keyboard_extension#Using_keymap

Has a lot of great info about modifying the keyboard layouts in Linux, mostly applicable to any Linux distribution.

Add ISO_Level3_Shift (alt_gr) to keyboard on Right Windows Key

setxkbmap -layout us,us -option "lv3:rwin_switch"

Keychron K8 Keyboard on Linux

Intro and first Config

First thing make sure the USB-C plug is pushed all of the way in, I had to push relatively hard for the keyboard to be connected correctly to my computer.

This is a pretty reliable source and the solutions appear to be more or less completely applicable to the K8 at the least.

Keychron K2 config on github

From the above link I used the alternative solution under udev;

Having the keyboard in the MacOS mode I executed: sudo touch /etc/modprobe.d/hid_apple.conf Open the file in your editor of choice (sudo nano) and add options hid_apple fnmode=2 and write the changes.

Execute sudo update-initramfs -u and reboot the computer.

Make sure to switch the selector switch on the side of the keyboard to Windows/Android and everything works as expected for me. F[1-12] activate as expected and pressing FN+F1 etc activate the functions related.

I would very much recommend that you upgrade to some thicker PBT key caps as the ones that ship with the K8 are exceptionally grating to listen to. To my ear they make a really high pitch sort of ringing that borders on unbearable. I also have o-rings on my new key caps which help but I don't think are as necessary as PBT/thicker key caps.

Keys

Being a TKL layout the K8 has most if not all of the keys that I regularly use with some notable, annoyingly unnecessary exceptions.

The Scroll Lock key

The scroll lock key does not send the scroll lock key. Instead it sends "<LEFT_META>+j" (KC:125+36) on the "Windows" layout or "SPACE+FN" (KC:57+464) on the MacOS layout which are supposedly the key combinations used to activate Cortana and Siri.

This seems like a complete waste of the key. Do I use scroll lock for scroll lock? Absolutely not. I use it as a toggle mute in voice chat application so I can look at my keyboard and see at a glance what the state of my microphone is (at least I could do this on keyboards that have a scroll lock indicator light). But now on my keyboard it is an unused and unloved key.

The pause/break key

Right (on the left) next to it is where the "Pause\Break" key usually resides. Not so on the K8 instead is the K8 lighting control. This key does not send any signals to the computer at all from my examination of the device.

Do I use the key as a pause/break key? Also no but it was a convenient key to bind as a shortcut for various other programs because it was essentially a "free" key.

The use of this key as the light key is particularly annoying as there is not a way to disable it. Meaning any time that it is bumped you will have to cycle through all 16 different lighting modes to arrive back at your desired one.

The Fn key.

The Fn key operates very differently between the two layouts.

• Windows layout
  • On this layout the key does not send any events at all. In the manual there is an option to switch to a more MacOS type functionality where pressing the F[1-12] keys sends the signals like keyboard backlight before the F[1-12] signals.
  • No matter what the Fn key functionality is it does not send any signals to the computer on the Windows layout. The F[1-12] switching takes place entirely within the keyboard firmware.
• MacOS layout
  • On this layout the Fn key sends the KEY_FN or 464 scan code.
  • It will not send anything if you press Fn+[1-3] because this is bound to switching bluetooth devices. This is despite the keyboard being connected via a wired connection (making the Fn+[1-3] hotkeys useless)
  • Note that any other key combinations as described in the K8 quick start will also not send key strokes when combined with the FN key
    • This list includes; S O X L 1 2 3
    • I find this list of caveats to the function of the FN key to be so arbitrary to make it useless as other wise I would have to remember all of these when adding the FN to a hotkey.

Devices added

Many keyboards add more than one device to /dev/input, the K8 adds two devices when connected via wired and adds three devices when connected via bluetooth.

It is unclear what the 3rd device added when the keyboard is connected via bluetooth does. I have not been able to see any events sent by it during regular usage. I suspect that it is related to the bluetooth sleep functions as the listed capabilities as reported by evtest are as follows;

Supported events:
  Event type 0 (EV_SYN)
  Event type 1 (EV_KEY)
    Event code 142 (KEY_SLEEP)
  Event type 4 (EV_MSC)
    Event code 4 (MSC_SCAN)

Device Names

The Keyboard input devices handle all of the regular key events, and the Function inputs handle the "Functions" like the screen brightness, media control, volume control etc.

Function Keys

On the Windows layout (pressing FN+F[1-12]): <<<<<<< Updated upstream

Stashed changes | Key | Key Signal | Scan Code | Device | Purpose | | :-: | :--------: | :-------: | :----: | :-----: | | FN+F1 | KEY_BRIGHTNESSDOWN | 224 | Function input | Screen brightness | | FN+F2 | KEY_BRIGHTNESSUP | 225 | Function input | Screen brightness | | FN+F3 | KEY_LEFTMETA+KEY_TAB | 125+15 | Keyboard input | Switch windows | | FN+F4 | KEY_LEFTMETA+KEY_DOT | 125+52 | Keyboard input | ? | | FN+F5 | None | None | None | Decrease keyboard brightness | | FN+F6 | None | None | None | Increase keyboard brightness | | FN+F7 | KEY_PREVIOUSSONG | 165 | Function input | Media key | | FN+F8 | KEY_PLAYPAUSE | 164 | Function input | Media key | | FN+F9 | KEY_NEXTSONG | 163 | Function input | Media key | | FN+F10 | KEY_MUTE | 113 | Function input | Volume control | | FN+F11 | KEY_VOLUMEDOWN | 114 | Function input | Volume control | | FN+F12 | KEY_VOLUMEUP | 115 | Function input | Volume control |

On the MacOS layout (pressing FN+F[1-12]): <<<<<<< Updated upstream

Stashed changes | Key | Key Signal | Scan Code | Device | Purpose | | :-: | :--------: | :-------: | :----: | :-----: | | FN+F1 | KEY_BRIGHTNESSDOWN | 224 | Keyboard input | Screen brightness | | FN+F2 | KEY_BRIGHTNESSUP | 225 | Keyboard input | Screen brightness | | FN+F3 | KEY_SCALE | 120 | Keyboard input | Switch windows | | FN+F4 | KEY_DASHBOARD | 204 | Keyboard input | ? | | FN+F5 | None | None | None | Decrease keyboard brightness | | FN+F6 | None | None | None | Increase keyboard brightness | | FN+F7 | KEY_PREVIOUSSONG | 165 | Keyboard input | Media key | | FN+F8 | KEY_PLAYPAUSE | 164 | Keyboard input | Media key | | FN+F9 | KEY_NEXTSONG | 163 | Keyboard input | Media key | | FN+F10 | KEY_MUTE | 113 | Keyboard input | Volume control | | FN+F11 | KEY_VOLUMEDOWN | 114 | Keyboard input | Volume control | | FN+F12 | KEY_VOLUMEUP | 115 | Keyboard input | Volume control |

LEDS

On the keyboard, not counting the RGB backlight. There are three LEDS above the arrow cluster on the right hand size.

• Power LED
• Bluetooth LED
• CAPS_LOCK LED

When these LEDs are activated is self evident.

However, according to evtest the keyboard has the following LED events.

  Event type 17 (EV_LED)
    Event code 0 (LED_NUML) state 0
    Event code 1 (LED_CAPSL) state 0
    Event code 2 (LED_SCROLLL) state 0
    Event code 3 (LED_COMPOSE) state 1
    Event code 4 (LED_KANA) state 0

<<<<<<< Updated upstream Out of these only LED_CAPSL appears to effect the physical LEDs on the keyboard.

Out of these only LED_CAPSL appears to effect the physical LEDs on the keyboard. >>>>>>> Stashed changes

Notes

All key/scan codes are those as reported by evtest, mostly on the wired connection unless otherwise specified.

Note that when a key is mentioned it is described by it's qwerty layout value. If you map your keyboard to a different layout the location of these hot keys does not move. IE: if you use dvorak which moves the location of many of the keys the shortcut for toggling Auto Sleep Mode FN+S+O will be FN+O+R on a dvorak keyboard, with the S->O and O->R.

Proxmox

Windows VM

QEMU Guest Agent

Mount virtio ISO, install arch version from guest-agent folder.

Sometimes you will have to manually update the drivers afterward;

• Attach the ISO to your windows VM (virtio-*.iso)
• Go to the windows Device Manager
• Look for "PCI Simple Communications Controller"
• Right Click -> Update Driver and select on the mounted iso in DRIVE:\vioserial<OSVERSION>\ where is your Windows Version (e.g. 2k12R2 for Windows 2012 R2)

CT

In order to enable ssh

• Start SSHD
• Enable root login
  • Or create new user

systemctl start sshd

add PermitRootLogin yes to the end of the file /etc/ssh/sshd_config

Commands

ffmpeg

Stream video to dummy web cam device

ffmpeg -re -i <INPUT> -f v4l2 /dev/video2

Concatenate audio files with ffmpeg

ffmpeg -f concat -safe 0 -i <INPUT FILE> -c copy output.wav INPUT FILE in form of file '/dir/to/file' file '/dir/to/file' etc.

Compress wave file ffmpeg

ffmpeg -i <input> <output>

PiHole

start the pihole docker

These have to be disabled because they are using the DNS ports (53 and 67)

sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved
sudo systemctl restart NetworkManager
docker container start pihole

Change pihole password

sudo pihole -a -p

Configure pihole to allow switch minecraft

pihole -a hostrecord mco.lbsg.net <SERVER IP> Or go to <IP>/admin Local DNS records Add new Domain: mco.lbsg.net Add new Ip Address: <SERVER IP>

Open bash in the docker container

docker exec -it <docker name> bash

• i = interactive
• t = Allocate a pseudo-tty

Renable DNS service

sudo systemctl enable systemd-resolved sudo systemctl restart NetworkManager

VirtualBox (vboxmanage)

VirtualBox make drive image from hard ware device

sudo VBoxManage internalcommands createrawvmdk -rawdisk <disk> -filename <output>

VirtualBox can't see USB devices

You will likely need to logout and back in if not then reboot. sudo adduser $USER vboxusers

Miscellaneous

set volume above 100%

pactl -- set-sink-volume 0 <percent>%

Wake-On-LAN for server

sudo etherwake -i <interface> <macaddress>

Link file Linux (symbolic link)

ln -s </full/path/to/source> <dest>

Add folder to $PATH on Linux

export PATH="/new/path:$PATH" to make permanent add line above to ~/.bashrc

Pipe terminal output to file

<COMMAND> > <OUTPUTFILE> Append <COMMAND> >> <OUTPUTFILE>

Set timezone Linux

sudo timedatectl set-timezone America/New_York

Change hostname Linux

hostnamectl set-hostname <hostname>

Edit /etc/hosts and replace old host name with new one

Login without password SSH

Generate SSH key ssh-keygen -t rsa -b 2048 Copy keys to target server ssh-copy-id <USERNAME>@<SERVERNAME>

CRONTAB

crontab -e https://crontab.guru/

Speedtest CLI

speedtest-cli --csv divide values by <DOWNLOAD>/1000/1000 to get mbps

Leave command running after logout

screen - opens bash terminal, leave by Ctrl+A + d screen -ls show open screens screen -r resume screen screen -r <PID> resume screen by PID

tmux version

tmux - opens bash terminal, leave by Ctrl+b + d tmux ls list open tmux tmux attach -t <number> attach to tmux instance

Add basic system startup

Add <servicename>.service file to /etc/systemd/system Basic .service file

[Unit]
Description=<description>
[Service]
ExecStart=<filepathtoscript>
[Install]
WantedBy=multi-user.target

sudo systemctl start <servicename> #starts the service sudo systemctl enable <servicename> #adds to startup

Start command at bootup in a screen instance, accessible by user

runuser -l <USER> -c 'screen -dm -S <sessionname> <command>'

CUPS info

lpstat -t

Save Ping output

use to roughly target time frame of unexpected system outages ping -D -i 10 192.168.0.20 >> pinghist

Pretty print uptime alias

alias uptime = 'uptime -p'

Ubuntu

Adding Shortcuts

Create a .desktop file like the following;

#!/usr/bin/env xdg-open

[Desktop Entry]
Version=1.0
Type=Application
Terminal=false
Icon[en_US]=preferences-desktop-keyboard
Exec=/home/sam/Applications/teensy/teensy
Name[en_US]=teensy
Name=Teensy
Icon=preferences-desktop-keyboard

You can get a list of the icons and their descriptions from a few places. List with Descriptions: https://github.com/GNOME/gtk/blob/main/demos/icon-browser/icon.list

Fish is an alternative Shell. I find that it has much better tab completion.

FAQs

https://fishshell.com/docs/current/faq.html

Setting an environment variable

set -x key value

• -x or --export
  • Make value an "Environment variable"
• -e or --erase
  • Erases the specified shell variable

Checking the value of an environment variable

echo $VARNAME

Dump all environment variables env

Packages

fontAwesome5

Nice PDF that shows how to create every icon http://mirrors.ibiblio.org/CTAN/fonts/fontawesome5/doc/fontawesome5.pdf

MacOS

MacOS Virtualbox

Extra commands that I had to run in order to get Mac OS 12 to work with VirtualBox

cd "C:\Program Files\Oracle\VirtualBox\"
VBoxManage modifyvm "macOS 12 Monterey" –cpuidset 00000001 000106e5 00100800 0098e3fd bfebfbff
VBoxManage setextradata "macOS 12 Monterey" "VBoxInternal/Devices/efi/0/Config/DmiSystemProduct" "iMac19,1";
VBoxManage setextradata "macOS 12 Monterey" "VBoxInternal/Devices/efi/0/Config/DmiSystemVersion" "1.0";
VBoxManage setextradata "macOS 12 Monterey" "VBoxInternal/Devices/efi/0/Config/DmiBoardProduct" "Mac-AA95B1DDAB278B95";
VBoxManage setextradata "macOS 12 Monterey" "VBoxInternal/Devices/smc/0/Config/DeviceKey" "ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc";
VBoxManage setextradata "macOS 12 Monterey" "VBoxInternal/Devices/smc/0/Config/GetKeyFromRealSMC" 1;

VBoxManage modifyvm "macOS Monterey" --cpuidset 00000001 000106e5 00100800 0098e3fd bfebfbff
VBoxManage modifyvm "macOS Monterey" --cpu-profile "Intel Core i7-6700K"
VBoxManage setextradata "macOS Monterey" "VBoxInternal/Devices/efi/0/Config/DmiSystemProduct" "iMac19,1"
VBoxManage setextradata "macOS Monterey" "VBoxInternal/Devices/efi/0/Config/DmiSystemVersion" "1.0"
VBoxManage setextradata "macOS Monterey" "VBoxInternal/Devices/efi/0/Config/DmiBoardProduct" "Mac-AA95B1DDAB278B95"
VBoxManage setextradata "macOS Monterey" "VBoxInternal/Devices/smc/0/Config/DeviceKey" "ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc"
VBoxManage setextradata "macOS Monterey" "VBoxInternal/Devices/smc/0/Config/GetKeyFromRealSMC" 1
VBoxManage setextradata "macOS 12 Monterey" "VBoxInternal/TM/TSCMode" "RealTSCOffset"

localStorage Export

See: https://stackoverflow.com/questions/13335967/export-data-in-localstorage-for-later-re-import

copy('var data = '+JSON.stringify(localStorage)+';Object.keys(data).forEach(function (k){localStorage.setItem(k, data[k]);});');

Paste the above into browser console, this will set your clipboard to the value needed to reimport localStorage to another browser.