Sec, blogmal! - tidbits

Categories:

Everything

Dezember '14

DoDoDoDoDoDoDo
1234567
891011121314
15161718192021
22232425262728
2930311234

Archive:

Flattr me:

Flattr this

Fri, 01 Feb 2013

Presto now on github
A recent discussion on our IRC channel reminded me of my old tool %presto% which can modify the UID of any running process on [def|FreeBSD]:http://www.freebsd.org/ via write access to %/dev/kmem%. Yes, of course this not a security problem, but sometimes this comes in handy - E.g. if you need to promote a running editor to *really* write that file now. I dusted it off, converted the old [def|RCS]:https://en.wikipedia.org/wiki/Revision_Control_System to [def|git]:http://git-scm.com/, updated it for current FreeBSD versions and put it on [def|github]:https://github.com/ here: https://github.com/Sec42/presto - so if you want to play around with it - go ahead :-) -- Sec
posted at: 12:41 | Category: /tidbits | permanent link to this entry | 0 comments (trackback)

Fri, 11 Jan 2013

Youtube nologin the second
Youtube changed the way it deals with restricted videos, and thus my [previous]:youtube-nologin.story [def|bookmarklet]:https://en.wikipedia.org/wiki/Bookmarklet broke. Here is a fixed version: _
_ _ Youtube nologin _ As with all bookmarklets, drag that link to your toolbar, and click it later as you need it. And here is a new video to test it on: [Cyberpunk 2077 Teaser]:https://www.youtube.com/watch?v=P99qJGrPNLs -- Sec
posted at: 10:59 | Category: /tidbits | permanent link to this entry | 1 comment (trackback)

Mon, 12 Nov 2012

Youtube and verify_age
While watching some the awseome [def|Gearbox]:http://www.gearboxsoftware.com/ [Borderlands 2]:http://www.borderlands2.com/us/ videos (like [this]:https://www.youtube.com/watch?v=nicvyhrmTDs one), I kept getting these annoying "Sign in to view this video" gateway pages. If you want to view them anyway without logging in, you can use this [def|bookmarklet]:https://en.wikipedia.org/wiki/Bookmarklet I cobbled together: _
_ _ Youtube nologin _ As with all bookmarklets, drag that link to your toolbar, and click it later as you need it. -- Sec
posted at: 12:18 | Category: /tidbits | permanent link to this entry | 3 comments (trackback)

Wed, 09 May 2012

Er druckt nicht!
_

~

~ *Update*: Inzwischen gab es ein CUPS-update, und jetzt druckts auch wieder. Ich lass den Artikel trotzdem mal hier stehen als Anleitung wie man ein Paket festnagelt... [def|Ubuntu]:http://www.ubuntu.com/ 12.04 (auch [def|Precise Pangolin]:https://wiki.ubuntu.com/DevelopmentCodeNames genannt) hat derzeit ein kleines Druckproblem. Hintergrund ist das Upgrade von [def|cups]:http://www.cups.org/ 1.5.0 auf 1.5.2 das wohl bei verschiedenen Leuten Probleme auslöst: z.B. [hier]:https://bugs.launchpad.net/ubuntu/+source/cups/+bug/995111 und [hier]:https://bugs.launchpad.net/ubuntu/+source/cups/+bug/992468. Die kurzfristige Lösung ist ein downgrade auf die alte cups Version. Der Trick dabei ist, das man die aus dem Repository der vorherigen Ubuntu-Version (11.04, oneiric) holen muss. Also einmal das alte Repo hinzufügen. % !cmdx! % cat << EOF >>/etc/apt/sources.list.d/old-packages.list % deb http://de.archive.ubuntu.com/ubuntu/ oneiric main restricted % deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric main restricted % EOF Und dann die cups-version festnageln. % !cmdx! % cat << EOF >/etc/apt/preferences.d/cups % Package: cups % Pin: version 1.5.0-8 % Pin-Priority: 1001 % EOF Ein schnelles: % !cmdx! % apt-get update; apt-get install cups bringt einem dann die alte cups-version und wieder funktionierendes Drucken ein. Wer das (später) wieder loswerden will, ein % !cmdx! % rm /etc/apt/sources.list.d/old-packages.list /etc/apt/preferences.d/cups % apt-get update; apt-get upgrade sollte alles wieder in den Ursprungszustand versetzen. -- Sec
posted at: 18:18 | Category: /tidbits | permanent link to this entry | 1 comment (trackback)

Tue, 29 Mar 2011

Arte Video download
[Fefe]:http://blog.fefe.de/ bloggt in letzter Zeit lauter Links in die Arte Mediathek. Leider gibt es den Kram dort nur gestreamt, und nicht zum runteladen. Dafür gibt es zwar das praktische [rtmpdump]:http://rtmpdump.mplayerhq.hu/, aber man muss immer noch die URL des Streams rausfummeln. Zusätzlich dazu gibt es noch eine pseudo-Security in der der Client einen passenden Hash mitschicken muss, sonst bricht der Stream nach kurzer Zeit ab. Weil mich das schon beim zweiten mal genervt hat, hab' ich ein kleines Script geschrieben, was sich für einen durch die .xmls wuselt, und die passende Kommandozeile für rtmpdump zusammenbastelt. Die komfortable Version ist ein [Greasemonkey(-Script]:https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/ [arte_rtmpdump.user.js]:arte-video-download/arte_rtmpdump.user.js das beim betreten der Mediathek-Seiten einfach in einem kleinen Window den passenden Aufruf von rtmpdump anzeigt. Wer nicht so auf Browser-Integration steht kann mein kleines [def|perl(-script]:http://www.perl.org/ [arte_rtmpdump.pl]:arte-video-download/arte_rtmpdump.pl nehmen, das braucht allerdings noch [XML::LibXML]:http://search.cpan.org/dist/XML-LibXML/ und mein [GET.pm]:arte-video-download/GET.pm als Module. Happy downloading... -- Sec *Update:* I fixed arte_rtmpdump.pl to now only require the Mediathek URL on the commandline and work from there. So no more checking the source :-)
posted at: 11:14 | Category: /tidbits | permanent link to this entry | 10 comments (trackback)

Thu, 24 Mar 2011

The tale of a TCP bug
The following post is a bit longish, and details my foray into the [def|BSD]:https://secure.wikimedia.org/wikipedia/en/wiki/Bsd [TCP/)def|IP]:https://secure.wikimedia.org/wikipedia/en/wiki/Internet_Protocol_Suite stack debugging and finding what I think is a 15-year old bug. Read more ...
posted at: 14:43 | Category: /tidbits | permanent link to this entry | 5 comments (trackback)

Thu, 17 Mar 2011

Why I would never buy a Dell PowerConnect 2724
At work, we acquired the above mentioned 24Port switch from Dell. It supports a so called "managed mode" (needs to be enabled by poking into a hole on the switch with a paperclip). Enabling that sets the switch IP to 192.168.2.1/24 -- with no way to change that. So far so annoying. Ok, I can configure an alias on my Ethernet to connect to that. When you do that, don't be impatient, the IP needs ages to come up, but eventually you will be able to ping it. I was a bit surprised that it actually only supports http on port :80, no https, no ssh, no telnet and no snmp. -- But ok, lets log in via http. The login page is not only a (well, it came out 2005, but was that really necessary?), but only works with javascript: -- WTF? Trying to login with the default credentials (user admin, empty password) results in a Error message "User name or Password is missing". Gory details about this bug... *TL;DR*: Their TCP/HTTP code is *broken*, and their support doesn't know it. Have fun. -- Sec
posted at: 10:07 | Category: /tidbits | permanent link to this entry | 15 comments (trackback)

Mon, 14 Feb 2011

Math symbols
_ {:HEAD= _ _ :} Not very exciting news, but as a result of a recent discussion on Math symbols: _ _ _ _ _ _ _ _ _ In case you need to use them anywhere, these are the codes: _
OperCLogicOther
NOT !¬~
AND &⋅ / ·
OR |
XOR ^
NAND
NOR
IMP
_ _ _ _ _ _ _ _ More Math fun in the Unicode space can be found [here]:http://www.fileformat.info/info/unicode/block/mathematical_operators/list.htm Practice safer math, -- Sec
posted at: 17:08 | Category: /tidbits | permanent link to this entry | 5 comments (trackback)

Fri, 28 Jan 2011

Mplayer interesting options
I like mplayer as a very versatile video player, just the documentation is a bit lacking at times. This is my scratchpad of options I've found useful over the years: *-af scaletempo* > To keep the pitch on your video if you play it faster/slower - Very useful to speed up slow lectures/talks and still understand what's being said. > Use [ or ] to increase/decrease video playback speed. *-af volume=20* > Increase the volume a bit, useful to boost audio over the standard maximum. *-vm -adapter 2* > Play fullscreen on your "second" video output. *-ao null* > Play without audio. If you know any other interesting options, please share them below.. -- Sec
posted at: 16:10 | Category: /tidbits | permanent link to this entry | 0 comments (trackback)

Tue, 25 Jan 2011

Android remote input
As most of you already know, I own an android mobile. Recently I wanted to add an [def|RSS]:http://en.wikipedia.org/wiki/RSS feed [def|URL]:http://en.wikipedia.org/wiki/Url to my android [def|podcast]:http://en.wikipedia.org/wiki/Podcast client, but was annoyed by the fact that I had to copy this long URL by hand. I would rather copy&paste it. As I have rooted my phone, it had to be possible one way or another. Looking around, I found no usable solutions. The most general solution would be to simulate keyboard input. Digging around a bit in Linux internals I found a way to inject key-presses via %/dev/input/events*% so I wrote a little program: [btype.c]:android-remote-input/btype.c. For those not wanting to compile it themselves, you can download the binary [here]:android-remote-input/btype. It will accept text on the command-line, or read interactively from stdin. Writing it was actually more difficult than I expected - I didn't want to hardcode the keyboard scancodes, so I had to read&parse the keymap and keylayout files which is always onerous in C. Also I learned funny %ioctl%s to find the correct device in %/dev/input% and to switch a tty to single-character input. Last but not least I had to find out how to get an android property value in C. -- Hopefully all this made the program more portable to other android devices. I hope someone finds a good use for it, let me know if you like it, Sec
posted at: 20:04 | Category: /tidbits | permanent link to this entry | 0 comments (trackback)

Sun, 16 Jan 2011

Stylish for Firefox
As regular readers here will know, I'm a big fan of the [Greasemonkey]:https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/ extension - It allows the hacker in you to play with pages to your hearts content. Visit [http://userscripts.org/]:http://userscripts.org/ to see what people have created with it. But today I wanted to tell you about [Stylish]:https://addons.mozilla.org/en-US/firefox/addon/stylish/. It presents a nice UI for adding custom URL-based stylesheets. Okay, granted, nothing you couldn't do with Greasemonkey if you wished, but it's really easy and quick to do. Case in point today: The [Android-Developers Blog]:http://android-developers.blogspot.com/ has an annoying problem. If you visit it while using [def|NoScript]:https://addons.mozilla.org/en-US/firefox/addon/noscript/, it disables scrolling so you can't read the whole article without enabling [def|JavaScript]:http://en.wikipedia.org/wiki/JavaScript. -- Stylish to the rescue: % !cmdx! @namespace url(http://www.w3.org/1999/xhtml); % % @-moz-document domain("android-developers.blogspot.com") { % html, body { % overflow: visible !important; % } % } On a related note: If you always wanted to know what exactly "!important" does in CSS, check [here]:http://htmlhelp.com/reference/css/structure.html#cascade -- Sec
posted at: 13:38 | Category: /tidbits | permanent link to this entry | 0 comments (trackback)

Thu, 18 Nov 2010

OLE Compound Format Extractor
Today, a colleague asked me to help him extract a logo as a file from an [openoffice]:http://www.openoffice.org/ document. This is a task which seems easy enough, given that [def|%.odt%]:http://en.wikipedia.org/wiki/OpenDocument documents are essentially [def|%zip%]:http://en.wikipedia.org/wiki/ZIP_%28file_format%29 files. Extracting the %.odt% revealed (among other files) two interesting files: "%Object 1%" and "%ObjectReplacements/Object 1%". Using [def|%file%]:http://linux.die.net/man/1/file to determine the file-types was quite unhelpful - on two different machines I got: % Object 1: Microsoft Office Document % Object 1: CDF V2 Document, corrupt: Cannot read summary info And the other file stays enigmatic: % ObjectReplacements/Object 1: data The ObjectReplacements file starts out with % 0000000: 5643 4c4d 5446 0100 3100 0000 0000 0000 VCLMTF..1....... which some [def|googling]:http://en.wikipedia.org/wiki/Google_%28verb%29 reveals to be a "%StarView Meta file%". - This is an openoffice internal format, supposed to have the extension %.svm% and can be opened by [OO Draw]:http://www.openoffice.org/product/draw.html. But I wanted to get at the original file. Both suggestions from %file(1)% are wrong, but the "%Microsoft Office Document%" actually points in the right direction... Checking in %META-INF/manifest.xml% gives us the supposed mime-type of "%application/vnd.sun.star.oleobject%" and further googling shows us that this is an so called "%OLE Compound File%". Now while I could easily find a Windows program to parse this file, I found no such thing for Unix. -- Which lead me to a quick hack using [def|perl]:http://www.perl.org/ and [OLE::Storage_Lite]:http://search.cpan.org/~jmcnamara/OLE-Storage_Lite-0.19/lib/OLE/Storage_Lite.pm to crate "[cfx]:ole-compound-file/cfx.pl" the compound file extractor. % !cmdx! % ice:~/ole>./cfx Object\ 1 % - Root Entry % x \x{01}Ole % x \x{03}PIC % x \x{03}META % x \x{01}CompObj % x \x{03}ObjInfo % x \x{01}Ole10Native % x \x{01}Ole10ItemName The ...Native file is the one we want. For reasons that I still don't understand you still have to delete the first four bytes from that file which in our case then reveals: % !cmdx! % ice:~/ole>file $'\001'Ole10Native % Ole% 0Native: data % ice:~/ole>dd if=$'\001'Ole10Native skip=4 bs=1 of=Fixed % 7648+0 records in % 7648+0 records out % 7648 bytes transferred in 0.025733 secs (297203 bytes/sec) % ice:~/ole>file Fixed % Fixed: PC bitmap, Windows 3.x format, % 97 x 75 x 4 the relevant [def|%.bmp%]:http://en.wikipedia.org/wiki/BMP_file_format file. Yay! -- Sec P.S.: If you have a stromg stomach, check the [file format specification]:http://download.microsoft.com/download/0/b/e/0be8bdd7-e5e8-422a-abfd-4342ed7ad886/windowscompoundbinaryfileformatspecification.pdf. P.P.S.: In the meatime I found out that [7-Zip]:http://www.7-zip.org/ can also extract OLE Compund Files. Would've been a bit easier %:-/%
posted at: 18:48 | Category: /tidbits | permanent link to this entry | 1 comment (trackback)

Fri, 12 Nov 2010

Android restore the hard way
Ich bin ja nun schon seit einiger Zeit zufriedener Besitzer eines [def|Android(-Handys]:http://en.wikipedia.org/wiki/Android_%28operating_system%29 (ein [G1]:http://www.htc.com/www/product/g1/overview.html). Durch einen bizarren Bug, und einen kleinen Fehler meinerseits habe ich meine Kontakt- und Kalender-Datenbanken verloren. [Ich synce meine Kontakte prinzipiell nicht mit Google]. Alle relevanten Datenbanken liegen bei Android alle unter %/data/data%. (Nur wer sich [def|root(-Rechte]:http://en.wikipedia.org/wiki/Root_user auf seinem Telefon gesichert hat kann ab hier fröhlich mitspielen). Die Kontakte sind unter %com.android.providers.contacts/databases/contacts.db%, die Termine unter %com.android.providers.calendar/databases/calendar.db% -- *Achtung:* immer auf den richtigen [def|Owner]:http://www.comptechdoc.org/os/linux/usersguide/linux_ugfilesp.html achten, ist ja ein Unixoides System. (Bei mir sind das momentan %app_1% für die Kontakte und %app_29% für den Kalender) -- Bei Unklarheiten einfach nachschauen wem das "%.../databases%" Directory gehört.) Mein letzte Backup dieser Files war ein [nandroid(-Backup]:http://forum.xda-developers.com/showthread.php?t=459830 - Die nandroid-Backups liegen alle auf der [def|SD-Card]:http://de.wikipedia.org/wiki/SD_Memory_Card unter %/sdcard/nandroid/% Dort pickt man sich das gewünschte Subdirectory (meistens wohl das neueste) heraus, und darin das %data.img%. Das ist jetzt ein [YAFFS2(-Image]:http://www.yaffs.net/ das man z.b. mit [unyaffs]:http://code.google.com/p/unyaffs/downloads/list (Windows-Binary [hier]:android-restore/unyaffs.exe) auspacken kann. Die passenden Files kann man nun aufs Handy verfrachten. Dabei empfiehlt es sich vorher nachzuschauen wer der richtige Owner ist, da %adb push% diesen leider überschreibt. % !cmdx! % adb shell ls -l /data/data/com.android.providers.contacts/databases/contacts.db % adb push contacts.db /data/data/com.android.providers.contacts/databases/contacts.db % adb shell chown app_1:app_1 /data/data/com.android.providers.contacts/databases/contacts.db % % adb shell ls -l /data/data/com.android.providers.calendar/databases/calendar.db % adb push calendar.db /data/data/com.android.providers.calendar/databases/calendar.db % adb shell chown app_29:app_29 /data/data/com.android.providers.calendar/databases/calendar.db Damit die Applikationen die Änderung hinter ihrem Rücken auch mitbekommen empfiehlt sich entweder ein reboot, oder ein (brutaler) restart der passenden Dienste: % !cmdx! adb shell killall android.process.acore % adb shell killall com.android.calendar Und schon sind die Daten wieder da. Yay! -- Sec
posted at: 11:37 | Category: /tidbits | permanent link to this entry | 8 comments (trackback)

Sat, 18 Sep 2010

Firefox-Addons und die Icons
Als Nachtrag zu dem [ersten Artikel]:http://blogmal.42.org/tidbits/ff-addons-order.story. Die Icons verschiedener Extensions im Statusbar wandern ja beim installieren neuer Extensions immer lustig hin und her. Im [ersten Artikel]:http://blogmal.42.org/tidbits/ff-addons-order.story hatte ich beschrieben wie man das von Hand reparieren kann. Inzwischen geht das auch deutlich einfacher. Wie? Mit der [Organise Status Bar]:http://yellow5.us/firefox/osb/ Extension. Yay, kein manuelles Gefummel mehr :-) Und wenn ich schon mal über Firefox schreibe -- meine aktuellen lieblings-Extensions: * [Adblock Plus]:https://addons.mozilla.org/en-US/firefox/addon/1865 * [Certificate Patrol]:https://addons.mozilla.org/en-US/firefox/addon/6415/ * [CookieSafe]:https://addons.mozilla.org/en-US/firefox/addon/5207 * [Echofon]:http://echofon.com/twitter/firefox/ * [Firebug]:https://addons.mozilla.org/en-US/firefox/addon/1843 * [FoxyProxy]:https://addons.mozilla.org/en-US/firefox/addon/2464 * [Ghostery]:https://addons.mozilla.org/en-US/firefox/addon/9609 * [Greasemonkey]:https://addons.mozilla.org/en-US/firefox/addon/748 * [HTML Validator]:https://addons.mozilla.org/en-US/firefox/addon/249 * [Lazarus]:https://addons.mozilla.org/en-US/firefox/addon/6984/ * [Mouse Gestures Redox]:https://addons.mozilla.org/en-US/firefox/addon/39/ * [NoScript]:https://addons.mozilla.org/en-US/firefox/addon/722 * [NoSquint]:https://addons.mozilla.org/en-US/firefox/addon/2592 * [Operator]:https://addons.mozilla.org/en-US/firefox/addon/4106 * [Organise Status Bar]:http://yellow5.us/firefox/osb/ * [RefControl]:https://addons.mozilla.org/en-US/firefox/addon/953 * [ScrapBook]:https://addons.mozilla.org/en-US/firefox/addon/427/ * [TabGroups Manager]:https://addons.mozilla.org/en-US/firefox/addon/10254/ * [TabMixPlus]:https://addons.mozilla.org/en-US/firefox/addon/1122/ * [Web Developer]:https://addons.mozilla.org/en-US/firefox/addon/60/ Welche fehlen eurer Meinung nach? -- Sec
posted at: 13:18 | Category: /tidbits | permanent link to this entry | 4 comments (trackback)

Wed, 15 Sep 2010

Fixing the alternate screen problem
Many of you probably know the annoying behaviour of console-based programs like less or vi restoring the screen after exiting so that the text you just had there vanishes. I never understood why you'd want that, and its commonly enabled by default on Linux machines. The underlying feature is called "alternate screen" and basically its a feature of your terminal (be it [def|xterm]:http://invisible-island.net/xterm/xterm.html, [gnome-term]:http://en.wikipedia.org/wiki/GNOME_Terminal or even your [def|console]:http://en.wikipedia.org/wiki/System_console). If you want to get rid of it, you have a few options: !4 Tell each and every program, not to use that feature. A prime example is the [def|less]:http://www.greenwoodsoftware.com/less/ option %"-X"%. This is useful as a quick ad-hoc solution, but not really feasible for everyday use - You don't really want to (re-)configure every program. !4 Tell your terminal not to enable this feature. %XTerm% has an option located in the /Ctrl+Middle mousebutton/ -Menu and is called "Enable Alternate Screen Switching". Turn if off and all programs within will behave nicely. If you want it for all your xterm windows, you can add something like this to your %~/.Xdefaults%: XTerm*titeInhibit: true UXTerm*titeInhibit: true If you're using gnome-terminal, this is not for you. Gnome-terminal simply provides no way to disable this feature. *Boo* !4 Lie to your programs and say your terminal doesn't support it. All (well-behaved) programs check if your terminal supports alternate screens before using them. This information is stored in the system [terminfo]:http://tldp.org/HOWTO/Text-Terminal-HOWTO-16.html or [termcap]:http://www.gnu.org/software/termutils/manual/termcap-1.3/html_mono/termcap.html database. Whether your system is using termcap or terminfo is an historical thing -- Linux/SysV based systems tend to use terminfo, BSDish systems termcap. This database has an entry for [every terminal type]:http://catb.org/esr/terminfo/ your system supports. Your terminal is stored in the %$TERM% environment variable. Go and check your %$TERM% value. It is most probably %xterm% or something similar. The capabilities for alternate screen are called %ti% and %te% in termcap and %smcup% / %rmcup% in terminfo. (*Yay!* for [gratuitous differences]:http://books.google.com/books?id=zyfk1301FBoC&lpg=PA18&ots=bXAScah3i4&dq=bsd%20sysv%20differences&pg=PA18#v=onepage&q&f=true). What we will be doing, is to override these by placing a suitably modified file in your %$HOME%. For terminfo it works like this: [def|infocmp]:http://linux.die.net/man/1/infocmp -l $TERM > $TERM.src [def|vi]:http://linux.die.net/man/1/vi $TERM.src # /remove the smcup= and rmcup= parts till the next ,/ mkdir ~/.terminfo [def|tic]:http://linux.die.net/man/1/tic $TERM.src This dumps the current entry to a file, and "compiles" it into a file in %~/.terminfo/ % after you modified it. Termcap just uses plaintext files, so go look into your system termcap file (%/usr/share/misc/termcap% or similar), and find the entry for your current %$TERM%. On my system it looks something like this: xterm|xterm-color|X11 terminal emulator:\ :ti@:te@:tc=xterm-xfree86: copy that into %~/.termcap%, and add "%:ti@:te@%" at the beginning of the second line to disable these two capabilities. As you can see from my example on FreeBSD this is done by default for %xterm% and %xterm-color%. That should fix it for you. !4 If you use [def|screen]:http://www.gnu.org/software/screen/ Lastly, if you are using screen, there is a simpler way to do it. Screen has a built-in feature to edit the termcap/terminfo for programs running inside. Simply add termcapinfo xterm* ti@:te@ to your %~/.screenrc% (of course replace %xterm% with your %$TERM% in use before you start screen) I hope this lengthy explanation did not bore you too much... -- Sec
posted at: 14:51 | Category: /tidbits | permanent link to this entry | 7 comments (trackback)
OperCLogicOther
NOT U+0021 U+00AC ¬U+007E ˜
AND U+0026 &amp;U+2227 ∧U+2022 U+00B7
OR U+007C U+2228 ∨
XOR U+22BBU+2295 ⊕
NAND U+22BCU+2191 ↑
NOR U+22BDU+2193 ↓
IMP U+2192 →
<< older

powered by blosxom
in 1.00 s