Wohoo got it. This level is a timing attack. After guessing the username, the error page will show you what the password was supposed to be. It changes way to fast to just resubmit the password, so you have to figure out what the password is supposed to be and submit that...
Think timezone, curl, and md5.
2007-02-25
2007-02-20
ngsec game #3 level 1
Finally got it. wohoo.
This a blind sql injection with a twist. Thanks to everybody at the dc303 meeting Friday. I learned a lot.
Upon first inspection, game 1 doesn't seem to be susceptible to any sort of issue.
Some odd things are being set:
After being stuck, and prone to cheeting ;) ... I finally broke down and looked in the forums. Thats where someone pointed out the call to game3/level1/ajax_auth_ver3.php. Version 3 huh? Wonder if there is a version 1.
(note some of the url has been remove for formating)
*2007-02-21 - fix typo.
This a blind sql injection with a twist. Thanks to everybody at the dc303 meeting Friday. I learned a lot.
Upon first inspection, game 1 doesn't seem to be susceptible to any sort of issue.
Some odd things are being set:
name="token" value="34bu5Un3zJ3S4AxXV52pmRMW7U5PUnv2"Finally we figured out the second value was an md5sum of the 'level' value, 1. Some more messing around and we figured out that we would get a "Query String Tampered!", must be some sort of weak field verification.
name="token2" value="c4ca4 238a0b923820dcc509a6f75849b"
name="level" value="1"
After being stuck, and prone to cheeting ;) ... I finally broke down and looked in the forums. Thats where someone pointed out the call to game3/level1/ajax_auth_ver3.php. Version 3 huh? Wonder if there is a version 1.
(note some of the url has been remove for formating)
$ curl http://quiz.ngsec.com/game3/level1/ajax_auth_ver1.php?login=hax0r\&password=reet123\&token=EhCsWGA7h67qSExYP2lDvaKZ2SlPx7j5\&=c4ca4238a0b923820dcc509a6f75849b\&level=1
Error: invalid credentials.
Looks like it, wonder if this one has issues.echo -n "1 ' or 1=1" | md5sum
8cf277be3b542e7abd5458bc2ba3a7a7
$ curl http://quiz.ngsec.com/game3/level1/ajax_auth_ver1.php?login=hax0r\&password=reet123\&token=EhCsWGA7h67qSExYP2lDvaKZ2SlPx7j5\&token2=8cf277be3b542e7abd5458bc2ba3a7a7\&level=1\'+or+1=1--
Query String Tampered!
Hrm... what is going on. Messing around some more, the entry must be getting stripped. This can also be verified looking at the file ajax.js. In particular this line:
qstr = 'login=' + escape(login) + '&password='+ (password) + '&token='+ escape(token) + '&token2='+ escape(token2) + '&level='+ escape(level);
Weak sauce. Some more playing around, and we finally find out this script is indeed injectable.$ echo -n a | md5sum
0cc175b9c0f1b6a831c399e269772661
$ curl http://quiz.ngsec.com/game3/level1/ajax_auth_ver1.php?login=hax0r\&password=reet123\&token=EhCsWGA7h67qSExYP2lDvaKZ2SlPx7j5\&token2=0cc175b9c0f1b6a831c399e269772661\&level=a
Error: SQL error.
Thats good.$ echo -n "1 or 1=1" | md5sum
77a63a557cb73fffdf2247ac79e6b8f2
$ curl http://quiz.ngsec.com/game3/level1/ajax_auth_ver1.php?login=hax0r\&password=reet123\&token=EhCsWGA7h67qSExYP2lDvaKZ2SlPx7j5\&token2=77a63a557cb73fffdf2247ac79e6b8f2\&level=1+or+1=1
Error: invalid credentials.
So we are able to inject sql.
Having blown past my knowledge of sql injection a while ago, I read the forum over and over and over, as well as just about every sql injection google hit.
I don't want to give the rest away, so here are some hints.
- The answer is a UNION injection in the level field.
- The md5sum of label must match token2.
- You need something in the login and password fields.
- You want the injection to return 1 result.
*2007-02-21 - fix typo.
user input in perl
#!/usr/bin/env perl
if ( $ARGV[0] eq "" ){
while ( $num eq "" ){
print "Please enter something: ";
$num = <STDIN>;
chomp $num;
}
}
else {
$num = $ARGV[0];
}
print "You entered: $num\n";
user input in python
#!/usr/bin/env python
import sys
min = 1
if len(sys.argv) - 1 < 1:
while 1:
num = raw_input("Please enter something: ")
if len(num) > 0:
break
else:
num = sys.argv[1]
print "You entered:", num
2007-02-13
kismet with ipw3945 on fc6
Setup kismet on ipw3945 chipset. The ipw3945 packages are from the freshrpms.net depot.
$ lspci | grep 3945
03:00.0 Network controller: Intel Corporation PRO/Wireless 3945ABG Network Connection (rev 02)
$ rpm -qa | egrep "ipw3945|kismet"
ipw3945-firmware-1.13-1
dkms-ipw3945-1.2.0-1
ipw3945d-1.7.22-4
kismet-0.0.2006.04.R1-4.fc6
$ cd /usr/src/ipw3945-1.2.0-1/
$ cat Makefile
...
CONFIG_IPW3945_MONITOR=y
...
$ make
$ sudo cp ipw3945.ko /lib/modules/$(uname -r)/kernel/drivers/net/wireless/
$ cat /etc/modprobe.conf
...
install ipw3945 /sbin/modprobe --ignore-install ipw3945 ;sleep 0.5 ; /sbin/ipw3945d --quiet
remove ipw3945 /sbin/ipw3945d --kill ;/sbin/modprobe -r --ignore-remove ipw3945
...
$ modprobe ipw3945
$ sudo iwconfig eth1
eth1 unassociated ESSID:off/any
Mode:Managed Frequency=nan kHz Access Point: Not-Associated
Bit Rate:0 kb/s Tx-Power:16 dBm
Retry limit:15 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality:0 Signal level:0 Noise level:0
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:2641 Missed beacon:0
$ sudo iwconfig eth1 mode Monitor
$ sudo iwconfig eth1
eth1 unassociated ESSID:off/any
Mode:Monitor Frequency=nan kHz Access Point: Not-Associated
Bit Rate:0 kb/s Tx-Power:16 dBm
Retry limit:15 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality:0 Signal level:0 Noise level:0
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:2690 Missed beacon:0
$ sudo cat /etc/kismet/kismet.conf
...
source=ipw3945,eth1,ipw3945
...
$ kimsmet
2007-02-12
xv6700 gentoo tether
This is how I was able to tether the verizon xv6700 (htc wizard) with gentoo. Use this information at your own risk.
Configure the kernel, you need ppp, ppp_async, ipaq, uhci_hcd
Configure the kernel, you need ppp, ppp_async, ipaq, uhci_hcd
Install and configure software and kernel.
Symbol: PPP [=m]
Prompt: PPP (point-to-point protocol) support
Defined at drivers/net/Kconfig:2467
Depends on: NET
Location:
-> Device Drivers
-> Network device support
Symbol: PPP_ASYNC [=m]
Prompt: PPP support for async serial ports
Defined at drivers/net/Kconfig:2523
Depends on: NET && PPP
Location:
-> Device Drivers
-> Network device support
-> PPP (point-to-point protocol) support (PPP [=m])
Symbol: USB_SERIAL_IPAQ [=m]
Prompt: USB PocketPC PDA Driver
Defined at drivers/usb/serial/Kconfig:192
Depends on: USB!=n && USB_SERIAL
Location:
-> Device Drivers
-> USB support
-> USB Serial Converter support
-> USB Serial Converter support (USB_SERIAL [=m])
Symbol: USB_UHCI_HCD [=m]
Prompt: UHCI HCD (most Intel and VIA) support
Defined at drivers/usb/host/Kconfig:111
Depends on: USB && PCI
Location:
-> Device Drivers
-> USB support
-> Support for Host-side USB (USB [=y])
$ emerge -s wvdial pppNow, configure the phone.
$ cat /etc/wvdial.conf
[Dialer Defaults]
Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Modem Type = Analog Modem
Phone = #777
ISDN = 0
Username = xxxxxxxxxx@vzw3g.com # This should be phonenumber@
Init1 = ATZ
Password = vzw
Modem = /dev/ttyUSB0
Baud = 460800
$ cat /etc/ppp/peers/ver
noauth
name wvdial
connect "/usr/bin/wvdial --chat Defaults"
usepeerdns
ttyUSB0
460800
modem
crtscts
defaultroute
$cat /etc/modules.autoload.d/kernel-2.6
uhci_hcd
ppp
ppp_async
ipaq vendor=0x0bbf product=0x00cf # if OS wont recognize phone, reinsert ipaq *with* options
1. Hit Send.Back on the gentoo box.
2. Enter ##3328873 and press Send
3. Enter 000000 (six zeros) for the code
4. Now Enable both the BT DUN and Wmodem
5. Tap OK several times and OK to soft reset your device
6. copy wmodem to My Device -> Windows -> Start Menu -> Programs
7. Set connection type to USB
8. click start
9. connect device to system.
$ dmesg
...
ipaq 3-1:1.0: PocketPC PDA converter detected
usb 3-1: PocketPC PDA converter now attached to ttyUSB0
usb 3-1: USB disconnect, address 2
ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0
ipaq 3-1:1.0: device disconnected
usb 3-1: new full speed USB device using uhci_hcd and address 3
$ sudo pppd call ver
$ sudo tail -f /var/log/messages
Feb 12 22:33:16 gentoo wvdial[25122]: OK
Feb 12 22:33:16 gentoo wvdial[25122]: Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Feb 12 22:33:16 gentoo wvdial[25122]: OK
Feb 12 22:33:16 gentoo wvdial[25122]: Modem initialized.
Feb 12 22:33:16 gentoo wvdial[25122]: Sending: ATDT#777
Feb 12 22:33:16 gentoo wvdial[25122]: Waiting for carrier.
Feb 12 22:33:20 gentoo wvdial[25122]: CONNECT
Feb 12 22:33:20 gentoo wvdial[25122]: Carrier detected. Waiting for prompt.
Feb 12 22:33:49 gentoo wvdial[25122]: Don't know what to do! Starting pppd and hoping for the best.
Feb 12 22:33:49 gentoo pppd[25118]: Serial connection established.
Feb 12 22:33:49 gentoo pppd[25118]: Using interface ppp0
Feb 12 22:33:49 gentoo pppd[25118]: Connect: ppp0 <--> /dev/ttyUSB0
Feb 12 22:33:50 gentoo pppd[25118]: not replacing existing default route to eth0 [xx.xx.xx.xx]
Feb 12 22:33:50 gentoo pppd[25118]: local IP address xx.xx.xx.xx
Feb 12 22:33:50 gentoo pppd[25118]: remote IP address xx.xx.xx.xx
Feb 12 22:33:50 gentoo pppd[25118]: primary DNS address xx.xx.xx.xx
Feb 12 22:33:50 gentoo pppd[25118]: secondary DNS address xx.xx.xx.xx
$ ping www.google.com
PING www.l.google.com (66.102.7.99) 56(84) bytes of data.
64 bytes from www.google.com (66.102.7.99): icmp_seq=1 ttl=243 time=227 ms
64 bytes from www.google.com (66.102.7.99): icmp_seq=2 ttl=243 time=63.1 ms
vmware libpng12.so.0
I got tired of seeing the libping12.so.0 error when I launched vmware. Here is a simple fix.
$ vmware
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libpng12.so.0/libpng12.so.0: no version information available (required by /usr/lib/libcairo.so.2)
$ /usr/lib/vmware/lib/libpng12.so.0
$ mv libpng12.so.0 libpng12.so.0.old
$ ln -s /usr/lib/libpng12.so.0 .
$ vmware
2007-02-11
vmware with unusual resolutions
Letting your virtual OS know about an odd resolution (1280x800, 1650x1080, etc) for you host OS.
$ grep svga Windows\ XP\ Professional.vmx
svga.maxWidth = "1280"
svga.maxHeight = "800"
changing xorg resolution
Simple script to change resolution.
#!/bin/bash
# change resolution to or from 1280x1024 (monitor to laptop LCD)
#set -x
RESOLUTION=`xdpyinfo | awk '$0 ~ /dimensions/ {print $2}'`
if [ "$RESOLUTION" = "1280x1024" ];then
xrandr -s 0
else
xrandr -s 1
fi
2007-02-10
vi text format
When in vim.
With your cursor on the text, enter visual mode with 'v' then 'gq' to wrap the text.
:set textwidth=105
With your cursor on the text, enter visual mode with 'v' then 'gq' to wrap the text.
dell 710m 1280x800 resolution
This is on my gentoo laptop.
* sys-apps/855resolution
Latest version available: 0.4
Latest version installed: 0.4
Size of files: 6 kB
Homepage: http://perso.wanadoo.fr/apoirier
Description: Utility to patch VBIOS of Intel 855 / 865 / 915 chipsets.
License: public-domain as-is
* x11-drivers/xf86-video-i810
Latest version available: 1.6.5
Latest version installed: 1.6.5
Size of files: 429 kB
Homepage: http://xorg.freedesktop.org/
Description: X.Org driver for Intel cards
License: xf86-video-i810
$ cat /etc/conf.d/855resolution
...
replace[0]="5c"
with[0]="1280 800"
...
$ rc-update -a 855resolution default
2007-02-09
fixing SELinux permissions
A simple look at fixing issues with SELinux.
restoring /etc/cups from a backup, caused cups to break.
Here is the error message.
restoring /etc/cups from a backup, caused cups to break.
Here is the error message.
Feb 9 09:28:13 hostname kernel: audit(1171038493.185:76): avc: denied { read } forLooks to be a SElinux issue. Luckily I kept the original files.
pid=6918 comm="cupsd" name="services" dev=sda1 ino=2586231 scontext=user_u:system_r:cupsd_t:s0-s0:c0.c1023
tcontext=user_u:object_r:rpm_script_tmp_t:s0 tclass=file
Feb 9 09:28:13 hostname cupsd: Unable to read configuration file '/etc/cups/cupsd.conf' - exiting!
$ ls -Z /etc/cups.orig/
-rw------- root lp system_u:object_r:cupsd_rw_etc_t classes.conf
-rw-r--r-- root lp system_u:object_r:etc_t client.conf
-rw-r----- root lp system_u:object_r:cupsd_rw_etc_t cupsd.conf
-rw-r----- root lp system_u:object_r:cupsd_rw_etc_t cupsd.conf.default
drwxr-xr-x root root system_u:object_r:cupsd_etc_t interfaces
-rw-r--r-- root root system_u:object_r:cupsd_rw_etc_t lpoptions
-rw-r--r-- root root system_u:object_r:cupsd_etc_t mime.convs
-rw-r--r-- root root system_u:object_r:cupsd_etc_t mime.types
-rw-r--r-- root lp system_u:object_r:cupsd_etc_t pdftops.conf
drwxr-xr-x root lp system_u:object_r:cupsd_etc_t ppd
-rw------- root lp system_u:object_r:cupsd_rw_etc_t printers.conf
-rw------- root lp system_u:object_r:cupsd_rw_etc_t printers.conf.O
-rw-r--r-- root root system_u:object_r:cupsd_etc_t pstoraster.convs
-rw-r--r-- root lp system_u:object_r:cupsd_etc_t snmp.conf
drwx------ root lp system_u:object_r:cupsd_etc_t ssl
$ ls -Z /etc/cups/
-rw-r--r-- root lp user_u:object_r:user_home_t client.conf
-rw-r----- root lp user_u:object_r:user_home_t cupsd.conf
-rw-r----- root lp user_u:object_r:user_home_t cupsd.conf.default
drwxr-xr-x root lp user_u:object_r:user_home_t interfaces
-rw-r--r-- root lp user_u:object_r:user_home_t mime.convs
-rw-r--r-- root lp user_u:object_r:user_home_t mime.types
-rw-r--r-- root lp user_u:object_r:user_home_t pdftops.conf
drwxr-xr-x root lp user_u:object_r:user_home_t ppd
-rw------- root lp user_u:object_r:user_home_t printers.conf
-rw------- root lp user_u:object_r:user_home_t printers.conf.O
-rw-r--r-- root lp user_u:object_r:user_home_t pstoraster.convs
-rw-r--r-- root lp user_u:object_r:user_home_t snmp.conf
drwx------ root lp user_u:object_r:user_home_t ssl
$ for i in *;do echo "sudo chcon --reference ../cups.orig/$i $i";done
chcon --reference ../cups.orig/client.conf client.conf
chcon --reference ../cups.orig/cupsd.conf cupsd.conf
chcon --reference ../cups.orig/cupsd.conf.default cupsd.conf.default
chcon --reference ../cups.orig/interfaces interfaces
chcon --reference ../cups.orig/mime.convs mime.convs
chcon --reference ../cups.orig/mime.types mime.types
chcon --reference ../cups.orig/pdftops.conf pdftops.conf
chcon --reference ../cups.orig/ppd ppd
chcon --reference ../cups.orig/printers.conf printers.conf
chcon --reference ../cups.orig/printers.conf.O printers.conf.O
chcon --reference ../cups.orig/pstoraster.convs pstoraster.convs
chcon --reference ../cups.orig/snmp.conf snmp.conf
chcon --reference ../cups.orig/ssl ssl
$ for i in *;do echo "sudo chcon --reference ../cups.orig/$i $i";done|sh
$ sudo chcon --reference=/etc/cups.orig /etc/cups
$ sudo /etc/init.d/cups start
Starting cups: [ OK ]
acroread expr: syntax error
The newest Adobe Reader gave me the above error.
418 #echo $mfile| sed 's/libgtk-x11-\([0-9]*\).0.so.0.\([0-9]\)00.\([0-9]*\)\|\(.*\)/\1\2\3/g'More information from here.
419 echo $mfile| sed 's/libgtk-x11-\([0-9]*\).0.so.0.\([0-9]*\)00.\([0-9]*\)\|\(.*\)/\1\2\3/g'
644 #MIN_GTK_VERSION="240"
645 MIN_GTK_VERSION="2040"
2007-02-08
lvm2 notes
One of my boxes crashed, and would kernel panic on boot. It turned out to be an issue with the upgraded kernel, but before I figured that out I did some playing with lvm in knoppix.
root@3[~]# lvscan
inactive '/dev/VolGroup00/LogVol01' [5.84 GB] inherit
inactive '/dev/VolGroup00/LogVol03' [219.91 GB] inherit
inactive '/dev/VolGroup00/LogVol02' [5.84 GB] inherit
inactive '/dev/VolGroup00/LogVol00' [1.00 GB] inherit
root@3[~]# pvdisplay
--- Physical volume ---
PV Name /dev/hda2
VG Name VolGroup00
PV Size 232.62 GB / not usable 0
Allocatable yes
PE Size (KByte) 32768
Total PE 7444
Free PE 1
Allocated PE 7443
PV UUID JnTR2m-XuJh-ddhr-Alr5-UCZz-3m9V-rausR0
root@3[~]# vgdisplay
--- Volume group ---
VG Name VolGroup00
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 5
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 4
Open LV 0
Max PV 0
Cur PV 1
Act PV 1
VG Size 232.62 GB
PE Size 32.00 MB
Total PE 7444
Alloc PE / Size 7443 / 232.59 GB
Free PE / Size 1 / 32.00 MB
VG UUID ChwLAR-5vp4-WWYX-SYi5-1nFS-KqT8-M0ofxk
root@3[~]# vgchange -a y
4 logical volume(s) in volume group "VolGroup00" now active
root@3[~]# lvscan
ACTIVE '/dev/VolGroup00/LogVol01' [5.84 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol03' [219.91 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol02' [5.84 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol00' [1.00 GB] inherit
vmware server on fc6
While installing the latest vmware server on a new Fedora Core 6 box, I ran into some trouble:
More details:
http://www.vmware.com/community/thread.jspa?messageID=501053
http://www.vmware.com/community/thread.jspa?messageID=511840
http://nerdbynature.de/bits/2.6.19-rc5/
make[1]: Entering directory `/usr/src/kernels/2.6.19-1.2895.fc6-i686'With some help from google I found some sites with further information (noted below). From these sites I pieced together this solution.
CC [M] /tmp/vmware-config0/vmnet-only/driver.o
CC [M] /tmp/vmware-config0/vmnet-only/hub.o
CC [M] /tmp/vmware-config0/vmnet-only/userif.o
/tmp/vmware-config0/vmnet-only/userif.c: In function #VNetCopyDatagramToUser#:
/tmp/vmware-config0/vmnet-only/userif.c:629: error: #CHECKSUM_HW# undeclared (first use in this function)
/tmp/vmware-config0/vmnet-only/userif.c:629: error: (Each undeclared identifier is reported only once
/tmp/vmware-config0/vmnet-only/userif.c:629: error: for each function it appears in.)
make[2]: *** [/tmp/vmware-config0/vmnet-only/userif.o] Error 1
make[1]: *** [_module_/tmp/vmware-config0/vmnet-only] Error 2
make[1]: Leaving directory `/usr/src/kernels/2.6.19-1.2895.fc6-i686'
make: *** [vmnet.ko] Error 2
make: Leaving directory `/tmp/vmware-config0/vmnet-only'
Unable to build the vmnet module.
$ cd /tmpvmware-config.pl now finishes as expected.
$ cp /usr/lib/vmware/modules/source/vmnet.tar .
$ tar xf vmnet.tar
$ cd vmnet-only/
$ wget http://nerdbynature.de/bits/2.6.19-rc5/vmnet_CHECKSUM_PARTIAL.diff
$ patch -p1
patching file Makefile.kernel
patching file bridge.c
patching file userif.c
$ cd ..
$ tar cf vmnet.tar vmnet-only
$ cd /usr/lib/vmware/modules/source/
$ sudo cp vmnet.tar vmnet.tar.orig
$ sudo mv /tmp/vmnet.tar .
$ sudo vmware-config.pl
More details:
http://www.vmware.com/community/thread.jspa?messageID=501053
http://www.vmware.com/community/thread.jspa?messageID=511840
http://nerdbynature.de/bits/2.6.19-rc5/
fix statusd_volume2.lua
Original script is here
Running this script with ion3 returned
I don't really know anything about lua, but figured I would check things out. Looking at the script, here is the relevant chunk:
After some searching with our trusty google, it seems that lua doesn't work this way anymore. From the lua tutorial page here, I figured out it should actually look more like this.
Here is the relevant chunk of the fixed script.
Running this script with ion3 returned
stdin:1: attempt to concatenate global 'master_level' (a nil value)
I don't really know anything about lua, but figured I would check things out. Looking at the script, here is the relevant chunk:
Lua has a cli, just like perl or python, so I tried running part of the script manually.
local function get_volume()
local f=io.popen('amixer','r')
local s=f:read('*all')
f:close()
local _, _, master_level, master_state = string.find(s, "%[(%d*%%)%] %[(%a*)%]")
local sound_state = ""
if master_state == "off" then
sound_state = "MUTE "
end
return master_level.."", sound_state..""
end
That isn't good.
$ lua
Lua 5.1.1 Copyright (C) 1994-2006 Lua.org, PUC-Rio
> f=io.popen('amixer','r')
> s=f:read('*all')
> f:close()
> master_level=string.find(s, "%[(%d*%%)%]")
> print(master_level)
171
After some searching with our trusty google, it seems that lua doesn't work this way anymore. From the lua tutorial page here, I figured out it should actually look more like this.
Which is what we need to see for this script to work. Wohoo!
> master_level = string.sub(s, string.find(s, "%[(%d*%%)%]"))
> print(master_level)
[87%]
Here is the relevant chunk of the fixed script.
Also, here is the diff from my version of the script and the original statuds_volume2.lua script.
local function get_volume()
local f=io.popen('amixer','r')
local s=f:read('*all')
f:close()
local master_level = string.sub(s, string.find(s, "%[(%d*%%)%]"))
local master_state = string.sub(s, string.find(s, "%[(%a*)%]"))
local sound_state = ""
if master_state == "[off]" then
sound_state = "MUTE "
end
return master_level.."", sound_state..""
end
$ diff statusd_volume2.lua statusd_volume.lua
31c31,32
< local _, _, master_level, master_state = string.find(s, "%[(%d*%%)%] %[(%a*)%]")
---
> local master_level = string.sub(s, string.find(s, "%[(%d*%%)%]"))
> local master_state = string.sub(s, string.find(s, "%[(%a*)%]"))
33c34
< if master_state == "off" then
---
> if master_state == "[off]" then
2007-02-07
ion3 configurations
Relatively simple ion3 customizations
2007-02-06
less
It is possible to configure less to view several file formats in the console. This makes things easier only having to use the one command. Recently I have setup less to view .rtf .doc and .iso.
Install less, antiword, unrtf and cdrtools.
Next make sure less is setup to use the lesspipe.sh script. From the shell type
You should see something like this:
Next, open /usr/bin/lesspipe.sh, find the *gif and add the following lines above, you file should wind up looking like this:
It should now be possible to 'less word.doc' 'less word.rtf' or 'less cd.iso'.
Install less, antiword, unrtf and cdrtools.
Next make sure less is setup to use the lesspipe.sh script. From the shell type
echo $LESSOPEN
You should see something like this:
$ echo $LESSOPEN
|/usr/bin/lesspipe.sh %s
Next, open /usr/bin/lesspipe.sh, find the *gif and add the following lines above, you file should wind up looking like this:
*.doc) antiword "$1";;
*.rtf) unrtf --nopict --text "$1" ;;
*.iso) isoinfo -d -i "$1" ; isoinfo -lJ -i "$1";;
*.gif|*.jpeg|*.jpg|*.pcd|*.png|*.tga|*.tiff|*.tif)
It should now be possible to 'less word.doc' 'less word.rtf' or 'less cd.iso'.
awk notes
$NF is the last field in an awk statement. $0 is a reference to all of the fields. Simple math can be done against the $NF variable.
$ ls -al /etc/ | awk '$NF ~ /bashrc/ {print $0}'
-rw-r--r-- 1 root root 1437 Jan 31 2006 bashrc
$ ls -al /etc/bashrc | awk '{print $(NF - 3), $(NF - 2)}'
Jan 31
2007-02-05
syntax highlighting goodness
From messing with my first post, I realized I want to see my code the same way I see it in vim. Luckily vim is awesome.
:help 2html
This is not a syntax file itself, but a script that converts the current
window into HTML. Vim opens a new window in which it builds the HTML file.
You are not supposed to set the 'filetype' or 'syntax' option to "2html"!
Source the script to convert the current file: >
:runtime! syntax/2html.vim
Save the file and simply copy the resulting html into a post.
:help 2html
This is not a syntax file itself, but a script that converts the current
window into HTML. Vim opens a new window in which it builds the HTML file.
You are not supposed to set the 'filetype' or 'syntax' option to "2html"!
Source the script to convert the current file: >
:runtime! syntax/2html.vim
Save the file and simply copy the resulting html into a post.
first post
well, this is my first post. weeee. This blog is really just a place for me to keep notes, documentation, links, etc.
Solution for: The Twelve Days of Christmas Packet Challenge
I wrote a perl script to decode (base64) tcp payloads from a pcap file.
$ cat bin/tcp_base64_decode.pl
Solution for: The Twelve Days of Christmas Packet Challenge
I wrote a perl script to decode (base64) tcp payloads from a pcap file.
$ cat bin/tcp_base64_decode.pl
#!/usr/bin/perl
# Reads pcap file, decodes base64 tcp payload.
# prints sequence number and decoded data.
# syndrowm 2007-02-05
require Net::Pcap;
require NetPacket::Ethernet;
require NetPacket::IP;
require NetPacket::TCP;
require MIME::Base64;
use Net::Pcap;
use NetPacket::Ethernet qw(:strip);
use NetPacket::IP qw(:strip);
use NetPacket::TCP;
use MIME::Base64;
sub usage {
die "usage: $0 filename\n"
}
sub process_packet {
my($user_data, $header, $packet) = @_;
my $tcp_obj = NetPacket::TCP->decode(ip_strip(eth_strip($packet)));
$data = MIME::Base64::decode($tcp_obj->{data});
chomp($data);
print "$tcp_obj->{seqnum} : $data\n";
}
if ($ARGV[0] eq ""){
usage();
}
$dump = $ARGV[0];
# Open file
$pcap = Net::Pcap::open_offline($dump, \$err)
or die "Can't read '$dump': $err\n";
# loop over the packets, calling proccess_packet function
Net::Pcap::loop($pcap, 0, \&process_packet, "12 packets for me");
# close the file
Net::Pcap::close($pcap);
Subscribe to:
Posts (Atom)