getcap is a program to get capabilities of others. The one which is a way in is cap_setuid

getcap -r / 2>/dev/null

If anything’s listed which lets you script, you can use that to get a shell. Here’s a Python example:

python3 -c 'import os; os.setuid(0); os.system("/bin/bash")'

Just over a year ago I decided to bite the bullet and try out colemak. I’ve been at it full time on my Corne, by still using qwerty on traditional keyboards.

My findings:

• makes me a vim noob
• wpm has increased but plateaued because I want to retain qwerty memory
• what has been a success is Corne
• reflection: embrace qwerty and touch type on corne

Meta search

• Kagi ↗️ premium (paid for and ad-free) search prioritising privacy and user experience. Reminiscent of the good-old-days
• SearXNG ↗️ self-hostable, open-source metasearch engine that aggregates results from 200+ engines. There are hosted versions but privacy or veracity is not guaranteed

Specialist

• Virus Total ↗️ meta engine for checking files and their hashes against virus databases
• Shodan ↗️ is an engine to find devices connected to the internet
• Censys ↗️ searches hosts, IPs, certificates

Exploits and CVE databases

• ExploitDB ↗️
• Rapid7 ↗️
• Vulnerability Lab ↗️
• NIST NVD ↗️
• GTFOBins ↗️
• Default password database ↗️

After writing my notes on revamping the site 🌲 I’ve stumbled across the new idea of digital gardening as an alternative to blogging. It’s not actually that new, but it is to me.

What I like about it is how close it is to a Zettelkasten and how it allows for notes to be written and published in an unfinished state completely guilt-free. It reminds me of my first website all that time ago where there were pages which had nothing other than an under construction banner.

I thought I’d share my github action which deploys this site whenever a push a new file to main. It compiles the site with hugo and the rsyncs across to the server.

This means that my workflow is:

1. fire up neovim and write
2. commit and push
3. sit back and wait for the site to update

The code for the action is below. It requires a couple of secrets to be set up:

This is yet another variation of a blog by me, Clinton. I am a software engineer working and living in Bath, UK. The goal (this time) is to be somewhere between a blog and a zettelkasten where I’ll ramble, write some articles, but also share short facts, notes, and resources.

The content here is written by me (by which I mean, not AI.) I may use AI to help to plan articles but words will be my own. In fact, as an act of transparency, I’ll add Claude (or whatever) as a co-author and expressly note the input if I do use AI for anything anywhere.

This website has been in a bit of a dilapidated state since, well, COVID really. Things have moved on a lot since then and I’d like to make a new start.

Rather than do what I’ve done before and try to recover the site as it was and create a new theme for wordpress and whatnot, I’m redoing everything and hoping that’ll help. This time it’s just going to be a load of articles, thoughts, nonsense, and loosely based on the idea of a Zettelkasten which is something which I have had a lot of success with over the last few years using Obsidian. Hopefully it’ll feel informal enough that I’ll not feel pressure and just, you know, write.

1. Generate SSH key with passphrase (ssh-keygen)
2. Get keychain to remember passphrase ssh-add --apple-use-keychain --apple-load-keychain ~/.ssh/id_ed25519
3. Tell git to use SSH for signing: git config --global gpg.format ssh
4. Tell git about the key git config --global user.signingkey ~/.ssh/id_ed25519.pub
5. Auto sign commits git config --global commit.gpgsign true

References

• How to get keychain to remember ssh passphrase 🌿