# 1번 
ldapsearch -H ldap://localhost -b dc=int,dc=worldskills,dc=org -x "(&(objectclass=organizationalunit)(ou=Employees))" -D cn=admin,dc=int,dc=worldskills,dc=org -w Skill39** | grep dn

ldapsearch -H ldap://localhost -b ou=Employees,dc=int,dc=worldskills,dc=org -x objectclass=person -D cn=admin,dc=int,dc=worldskills,dc=org -w Skill39** | egrep "dn|Number|mail"

# 2번 
openssl x509 -in /etc/ssl/ws-RootCA/cacert.pem -noout -text | egrep "Subject:|CA:TRUE"

openssl x509 -in /etc/ssl/ws-SubCA/cacert.pem -noout -text | egrep "Subject:|CA:TRUE"

openssl verify -CAfile /etc/ssl/ws-RootCA/cacert.pem /etc/ssl/ws-SubCA/cacert.pem

for cert in /etc/ssl/ws-SubCA/newcerts/*; do openssl x509 -in "$cert" -noout -issuer -subject | awk '/^issuer=/ {show = /CN = worldskills-SubCA/} /^subject=/ && show'; done

cat /etc/ssl/ws-SubCA/cacert.pem /etc/ssl/ws-RootCA/cacert.pem > /tmp/fullchain.crt; for cert in /etc/ssl/ws-SubCA/newcerts/*; do openssl verify -CAfile /tmp/fullchain.crt $cert; done

fpsshca=$(ssh-keygen -lf /etc/ssl/ssh-CA/ca.pub | awk '{print $2}'); fpsshcert=$(ssh-keygen -L -f /root/.ssh/id_ecdsa-cert.pub | grep "Signing CA:" | awk '{print $4}'); if [[ "$fpsshca" == "$fpsshcert" ]]; then echo "ok"; fi

ssh-keygen -L -f /root/.ssh/id_ecdsa-cert.pub | grep "Type:"

# 3번 
smbclient //localhost/public -I 127.0.0.1 -U "%" -c ls | grep "blocks available" | wc -l

touch /tmp/test; smbclient //localhost/public -I 127.0.0.1 -U "ws-user%Skill39**" -c "put /tmp/test test"

touch /tmp/test; smbclient //localhost/public -I 127.0.0.1 -U "%" -c "put /tmp/test test"

# 4번 
smbclient //localhost/internal -I 127.0.0.1 -U "%" -c "ls"

touch /tmp/test; smbclient //localhost/internal -I 127.0.0.1 -U "ws-user%Skill39**" -c "put /tmp/test test"

# 5번 
dig +short +time=2 +tries=1 @10.1.10.10 int-srv.int.worldskills.org A
dig +short +time=2 +tries=1 @10.1.10.10 -x 10.1.10.10
dig +short +time=2 +tries=1 @2001:db8:1001:10::10 int-srv.int.worldskills.org AAAA
dig +short +time=2 +tries=1 @2001:db8:1001:10::10 -x 2001:db8:1001:10::10
dig +recurse +time=2 +tries=1 @127.0.0.1 int.worldskills.org SOA | grep NOERROR

for zone in worldskills.org 20.1.10.in-addr.arpa. 0.2.0.0.1.0.0.1.8.b.d.0.1.0.0.2.ip6.arpa.; do rndc zonestatus $zone | grep secondary; done | wc -l

for zone in worldskills.org 20.1.10.in-addr.arpa. 0.2.0.0.1.0.0.1.8.b.d.0.1.0.0.2.ip6.arpa.; do dig +short +time=2 +tries=1 @127.0.0.1 $zone SOA | awk '{print $1}' | grep ns.worldskills.org; done | wc -l

# 6번 
for record in mail.worldskills.org ns.worldskills.org www.worldskills.org prx.worldskills.org prx01.worldskills.org prx02.worldskills.org web01.worldskills.org web02.worldskills.org; do dig +short +time=2 +tries=1 @10.1.20.20 $record A; done

for record in 10.1.20.10 10.1.20.21 10.1.20.22 10.1.20.31 10.1.20.32; do dig +short +time=2 +tries=1 @10.1.20.20 -x $record; done

for record in mail.worldskills.org ns.worldskills.org www.worldskills.org prx.worldskills.org prx01.worldskills.org prx02.worldskills.org web01.worldskills.org web02.worldskills.org; do dig +short +time=2 +tries=1 @2001:db8:1001:20::20 $record AAAA; done

for record in 2001:db8:1001:20::10 2001:db8:1001:20::21 2001:db8:1001:20::22 2001:db8:1001:20::31 2001:db8:1001:20::32; do dig +short +time=2 +tries=1 @2001:db8:1001:20::20 -x $record; done

dig +short +time=2 +tries=1 @127.0.0.1 worldskills.org MX

dig +recurse +time=2 +tries=1 @127.0.0.1 worldskills.org SOA | grep "recursion"

for zone in worldskills.org 20.1.10.in-addr.arpa. 0.2.0.0.1.0.0.1.8.b.d.0.1.0.0.2.ip6.arpa.; do rndc zonestatus $zone | grep secondary; done | wc -l

dig +recurse +time=2 +tries=1 @127.0.0.1 worldskills.org SOA | grep "recursion"

# 7번 
journalctl -f -u ssh | grep Accepted

for host in 10.1.20.10 10.1.20.31 10.1.20.32; do ssh root@$host true; done

# 8번 
curl -s --connect-timeout 2 http://127.0.0.1/ 2>&1
curl -s --connect-timeout 2 http://127.0.0.1/whoami 2>&1
curl -s --connect-timeout 2 http://127.0.0.1/test 2>&1

# 9번 
echo | openssl s_client -connect www.worldskills.org:443 2>&1 | grep "Verification: OK"

curl https://www.worldskills.org -v 2>&1 | egrep "subjectAltName|verify ok"

curl https://www.worldskills.org

curl -Lv http://www.worldskills.org 2>&1 | grep redirect

curl -I https://www.worldskills.org 2>&1 | grep via-proxy

# 10번 
ss -tulpn | awk '{print $5}' | egrep ":25|:465|:587|:143|:993" | sort

echo -e "ehlo mail.worldskills.org\nAUTH PLAIN AHdzLXVzZXIwMQBTa2lsbDM5Kio=\nMAIL FROM:<ws-user01@worldskills.org>\nRCPT TO:<ws-user02@worldskills.org>\nDATA\nFrom: ws-user01@worldskills.org\nTo: ws-user02@worldskills.org\nSubject: Test\n.\nQUIT" | openssl s_client -starttls smtp -connect mail.worldskills.org:587 -ign_eof

echo -e "a login ws-user02 Skill39**\na LIST \"\" \"*\"\na logout" | openssl s_client -connect mail.worldskills.org:993 -ign_eof

# 11번 
systemctl stop slapd

doveadm user ws-user01@worldskills.org

systemctl start slapd

doveadm user ws-user01@worldskills.org

# 12번 
/opt/backup.sh

diff -r /var/mail /backup/mailbox
diff -r /etc/postfix /backup/postfix
diff -r /etc/dovecot /backup/dovecot

journalctl -f -u cron.service

# 13번  
ping 10.1.10.10 -c 4
dig +recurse +time=2 +tries=1 int-srv.int.worldskills.org SOA | grep status

ping 10.1.10.10 -c 4
dig +recurse +time=2 +tries=1 int-srv.int.worldskills.org SOA | grep status

# 14번 
GUI 

# 15번 
GUI 

# 16번 
curl -I http://www.worldskills.org 2>&1 | grep x-secured-by

curl -I http://www.worldskills.org 2>&1 | grep x-secured-by

# 17번 
tcpdump -n icmp[icmptype] = icmp-echo

ping 1.1.1.20 -c 4

# 18번 
nmap -n -sT -p0-1023 10.1.10.10 -Pn --min-rate 1000
nmap -n -sU -p0-1023 10.1.10.10 -Pn --min-rate 1000

nmap -n -sT -p0-1023 10.1.10.10 -Pn --min-rate 1000
nmap -n -sU -p0-1023 10.1.10.10 -Pn --min-rate 1000

nmap -n -sT -p0-1023 1.1.1.10 -Pn --min-rate 1000
nmap -n -sU -p0-1023 1.1.1.10 -Pn --min-rate 1000

nmap -6 -n -sT -p0-1023 2001:db8:1001:10::10 -Pn --min-rate 1000

nmap -6 -n -sU -p0-1023 2001:db8:1001:10::10 -Pn --min-rate 1000

# 19번 
for i in {1..10}; do curl -m 3 -s https://www.worldskills.org/whoami; done | sort -u

halt -p

for i in {1..10}; do curl -m 3 -s https://www.worldskills.org/whoami; done | sort -u

# 20번 
echo | openssl s_client -connect www.worldskills.org:443 2>&1 | grep "Verification: OK"

curl https://www.worldskills.org -v 2>&1 | egrep "subjectAltName|verify ok"

curl https://www.worldskills.org

curl -Lv http://www.worldskills.org 2>&1 | grep redirect

curl -I https://www.worldskills.org 2>&1 | grep via-proxy

# 21번 
for i in {1..10}; do curl -s https://www.worldskills.org/whoami; done | sort -u

ansible-playbook /opt/rollback.yml -e "target=web02"

for i in {1..10}; do curl -s https://www.worldskills.org/whoami; done | sort -u

dpkg -l apache2 | grep apache2

ls /var/www

# 22번 
ansible-playbook /opt/deploy.yml -e "target=web02"

for i in {1..10}; do curl -s https://www.worldskills.org/whoami; done | sort -u

dpkg -l apache2 | grep apache2

curl -s --connect-timeout 2 http://127.0.0.1/ 2>&1
curl -s --connect-timeout 2 http://127.0.0.1/whoami 2>&1
curl -s --connect-timeout 2 http://127.0.0.1/test 2>&1

# 23번 
ss -tulnp | grep rsyslog

ss -tulnp | grep rsyslog

# 24번 
logger qwer

echo '' > /var/log/fw/system.log
tail -f /var/log/fw/system.log | grep TEST

logger TEST

logger qwer

echo '' > /var/log/mail/system.log
tail -f /var/log/mail/system.log | grep TEST

logger TEST

# 25번
logrotate -d /etc/logrotate.d/srv

logrotate -f /etc/logrotate.d/srv
ls –lh /var/log/mail/

# 26번
echo ‘’ > /var/log/suricata/fast.log

apt install hping3
hping3 -S -p 80 --flood 10.1.20.31

cat /var/log/suricata/fast.log | grep access

# 27번 
apt install tcpdump
tcpdump -nn -i any port 123 -vvv

systemctl restart chrony

# 28번 
chronyc sources

# 29번 
halt -p

systemctl restart chrony
chronyc sources

# 30번 
ss -lntp4 | grep stunnel

ss -lntp4 | grep stunnel

# 31번 
journalctl -u stunnel4.service | grep succeeded
journalctl -u stunnel4.service | grep CA

journalctl -u stunnel4.service | grep Certificate

# 32번 
mount | grep /mnt/shares

# 33번 
cat /proc/mdstat
mdadm --detail /dev/{ array path }
parted /dev/{ array path } print

# 34번 
reboot
mount | grep /mnt/raid