Author: canutethegreat

  • Customizing Windows Sandbox

    Windows 10 introduced a neat feature called Windows Sandbox. It creates a temporary (ephemeral) Windows VM (same version as the host) that is destroyed, along with its contents, when closed. When you open Windows Sandbox it is pretty bare, with no extras. However, it is possible to start it with some customizations added. This is accomplished by creating a .wsb (Windows SandBox) file.

    Example .wsb that maps a folder (Downloads\wsb_files) from my user's (canut) home directory on the host into the sandbox. Because no SandboxFolder is given, it shows up on the sandbox desktop as wsb_files, which is the path the LogonCommand uses.

    <Configuration>
    <VGpu>Default</VGpu>
    <Networking>Default</Networking>
    <MappedFolders>
       <MappedFolder>
         <HostFolder>C:\Users\canut\Downloads\wsb_files</HostFolder>
         <ReadOnly>false</ReadOnly>
       </MappedFolder>
    </MappedFolders>
    <LogonCommand>
       <Command>C:\Users\WDAGUtilityAccount\desktop\wsb_files\startup.bat</Command>
    </LogonCommand>
    </Configuration>

    The startup.bat file is executed at “logon” to the VM after creation. The contents are:

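    REM Silent install of the Surfshark VPN client from the mapped folder
    C:\Users\WDAGUtilityAccount\desktop\wsb_files\SurfsharkSetup.exe /exenoui /qn
    REM Silent install of qBittorrent
    C:\Users\WDAGUtilityAccount\desktop\wsb_files\qbittorrent_4.6.4_x64_setup.exe /S
    REM Open the mapped folder, then start qBittorrent
    explorer.exe C:\Users\WDAGUtilityAccount\desktop\wsb_files
    "C:\Program Files\qBittorrent\qbittorrent.exe"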

    This .bat script runs the installer for Surfshark's VPN, then installs qBittorrent (both installers need to be downloaded into wsb_files first), opens Explorer at the wsb_files location, and finally runs the qBittorrent application.

    There are a lot of potential customizations that can be done, and you can review further examples to get a better idea of the possibilities.
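
    In the configuration above the mapped folder is writable and the logon command runs from it, so anything running inside the sandbox can alter startup.bat or the installers on the host, and those changes outlive the sandbox. The following is an added example, not part of the original post: it parses a .wsb file and flags that combination plus networking left on. The function name and finding labels are this example's own, and the sample input is the post's configuration embedded as constructed data.

```python
import ntpath
import xml.etree.ElementTree as ET

# Constructed input: the .wsb from this post, embedded so the audit runs offline.
SAMPLE_WSB = r"""<Configuration>
<VGpu>Default</VGpu>
<Networking>Default</Networking>
<MappedFolders>
  <MappedFolder>
    <HostFolder>C:\Users\canut\Downloads\wsb_files</HostFolder>
    <ReadOnly>false</ReadOnly>
  </MappedFolder>
</MappedFolders>
<LogonCommand>
  <Command>C:\Users\WDAGUtilityAccount\desktop\wsb_files\startup.bat</Command>
</LogonCommand>
</Configuration>"""
# With no <SandboxFolder>, a mapped folder appears on the sandbox desktop.
SANDBOX_DESKTOP = r"C:\Users\WDAGUtilityAccount\Desktop"

def _text(node, tag, default=""):
    return (node.findtext(tag) or default).strip()

def audit_wsb(xml_text):
    """Return finding strings for a .wsb document (labels are this example's own)."""
    root = ET.fromstring(xml_text)
    findings = []
    # "Default" leaves networking on; only an explicit Disable turns it off.
    if _text(root, "Networking", "Default").lower() != "disable":
        findings.append("networking-enabled")
    writable = []  # sandbox-side paths of shares the sandbox can write to
    for folder in root.iter("MappedFolder"):
        host = _text(folder, "HostFolder").rstrip("\\")
        guest = _text(folder, "SandboxFolder") or ntpath.join(
            SANDBOX_DESKTOP, ntpath.basename(host))
        # ReadOnly defaults to false when the element is missing.
        if _text(folder, "ReadOnly", "false").lower() != "true":
            findings.append(f"writable-share:{host}")
            writable.append(ntpath.normcase(guest).rstrip("\\") + "\\")
    # A logon command stored in a writable share can be rewritten from inside
    # the sandbox and will then run again in every later sandbox session.
    for cmd in root.iter("Command"):
        path = (cmd.text or "").strip().strip('"')
        if ntpath.normcase(path).startswith(tuple(writable)):
            findings.append(f"logon-command-in-writable-share:{path}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_wsb(SAMPLE_WSB)))
```

    Setting ReadOnly to true clears the last two findings; the installers and startup.bat can still be read and run from the share.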

  • Gentoo glsa-check

    A quick primer on using Gentoo’s glsa-check tool.

    glsa-check --help
    usage: glsa-check <option> [glsa-id | all | new | affected]
    
    options:
      -h, --help        show this help message and exit
      -V, --version     Show information about glsa-check
      -q, --quiet       Be less verbose and do not send empty mail
      -v, --verbose     Print more messages
      -n, --nocolor     Removes color from output
      -e, --emergelike  Upgrade to latest version (not least-change)
      -c, --cve         Show CVE IDs in listing mode
      -r, --reverse     List GLSAs in reverse order
    
    Modes:
      -l, --list        List a summary for the given GLSA(s) or set and whether they affect the system
      -d, --dump        Show all information about the GLSA(s) or set
      --print           Alias for --dump
      -t, --test        Test if this system is affected by the GLSA(s) or set and output the GLSA ID(s)
      -p, --pretend     Show the necessary steps to remediate the system
      -f, --fix         (experimental) Attempt to remediate the system based on the instructions given in the GLSA(s) or
                        set. This will only upgrade (when an upgrade path exists) or remove packages
      -i, --inject      Inject the given GLSA(s) into the glsa_injected file
      -m, --mail        Send a mail with the given GLSAs to the administrator
    
    glsa-list can contain an arbitrary number of GLSA ids, filenames containing GLSAs or the special identifiers 'all'
    and 'affected'

    Check for vulnerable packages with the ‘-p’ (pretend) flag, which shows the steps needed to remediate without changing anything:

    glsa-check -p all
    Checking GLSA 200409-10
    >>> no vulnerable packages installed
    
    
    Checking GLSA 200411-08
    >>> no vulnerable packages installed
    ...

    Check AND fix vulnerable packages with the ‘-f’ (fix) flag, which the help text above marks as experimental:

    glsa-check -f all
    Fixing GLSA 200409-10
    >>> no vulnerable packages installed
    
    Fixing GLSA 200411-08
    >>> no vulnerable packages installed
    ...

    And that’s a wrap!

  • Ducky Roll

    This is the Ducky Script (Bad USB) version of the classic Rick Roll.

    Windows

    WINDOWS r
    DELAY 500
    STRING https://youtu.be/dQw4w9WgXcQ?si=DXj7ZN03EQAH3sOY
    ENTER

    Enjoy! 😉