Gl.ib.ly (glibly); Just another techie blog. http://gl.ib.ly/templates/default/img/s9y_banner_small.png http://gl.ib.ly/ 2010-03-11T00:44:57Z Serendipity 1.3.1 - http://www.s9y.org/ en Tariq 2010-03-11T00:26:40Z 2010-03-11T00:44:57Z http://gl.ib.ly/wfwcomment.php?cid=41 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=41 http://gl.ib.ly/archives/41-guid.html Installing SNMPD (with remote access) on Debian 5/Lenny
Today we're installing snmpd so that we can query our debian server from another remote server that will use snmp in alert scripts and pretty graphing software.

Snmpd installation is a little obtuse so here is how to do the installation on Debian Lenny.


  • Install snmpd with: sudo apt-get install snmpd

  • You should be using RCS/git/etc when editing system files at work. So use the appropriate techniques for checking in and out all config files. If you're a home user don't worry about this step; or, maybe you should. Muhahahaha! Eh, *cough*.

  • Open /etc/snmp/snmpd.conf and change to the following:
    # sec.name source community
    #com2sec paranoid default public
    #com2sec local localhost public
    com2sec local localhost mysecretcommunity
    com2sec readonly 192.168.XXX.XXX mysecretcommunity
    #com2sec readwrite default private

    Here mysecretcommunity is the uber secret name of your community. Change this to something other than public or mycommunity -- let common sense prevail. 192.168.XXX.XXX is the IP address of your remote server that will query snmpd.

  • Change /etc/default/snmpd so that it contains the following line: 
    SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid’

    Notice the lack of 127.0.0.1?

  • Save the file!

  • Restart snmpd with sudo /etc/init.d/snmpd restart.

  • Test snmpd locally: 
    snmpwalk -Os -c mysecretcommunity -v 1 localhost system

  • Test snmpd remotely from 192.168.XXX.XXX: 
    snmpwalk -Os -c mysecretcommunity -v 1 192.168.YYY.YYY system


    Here 192.168.YYY.YYY is the IP address of the debian server hosting snmpd.

  • Verify test outputs look like:
    ...
    sysObjectID.0 = OID: netSnmpAgentOIDs.10
    sysUpTimeInstance = Timeticks: (1201) 0:00:12.01
    sysContact.0 = STRING: root
    sysName.0 = STRING: irsplsemos01
    sysLocation.0 = STRING: Unknown
    sysORLastChange.0 = Timeticks: (0) 0:00:00.00
    sysORID.1 = OID: snmpFrameworkMIBCompliance
    sysORID.2 = OID: snmpMPDCompliance
    sysORID.3 = OID: usmMIBCompliance
    sysORID.4 = OID: snmpMIB
    sysORID.5 = OID: tcpMIB
    sysORID.6 = OID: ip
    sysORID.7 = OID: udpMIB
    sysORID.8 = OID: vacmBasicGroup
    ...


    • Thats all folks!
debian lenny snmp snmpd snmpwalk tidbits Tariq 2010-01-18T16:23:02Z 2010-01-18T16:25:39Z http://gl.ib.ly/wfwcomment.php?cid=40 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=40 http://gl.ib.ly/archives/40-guid.html iTunes could not connect to iPhone. An error occurred while reading from the device.
After implementing tethering on my jailbroken iPhone 3Gs on 3.0 I got the following error from iTunes when I connected the iPhone to my PC with USB cable:


iTunes could not connect to iPhone. An error occurred while reading from the device.


I restarted iTunes but the error persisted. Then I followed the golden rule, if it isn't working then reset. So that is what I did. Hold the power button and home button until the white Apple logo appears. Once your phone reboots (may take a while) you should be able to connect it to iTunes again.
connection error iphone itunes reset tethering tidbits Tariq 2009-11-27T18:20:00Z 2009-11-27T22:04:37Z http://gl.ib.ly/wfwcomment.php?cid=39 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=39 http://gl.ib.ly/archives/39-guid.html Ann skips bail. Cue forensics puzzle.
Found a website and a forensics contest yesterday quite by accident. I was waiting for somebody before going out for the night and I thought this might be a little fun while I waited. Now the contest had closed and the results where available, which I ignored until the end and went straight to Puzzle #2: Ann skips bail.

The puzzle revolves around a packet capture of Ann's network taken by wily investigators before she skipped bail. Police are confident that she communicated with a secret lover prior to her disappearance. And so follows a number of competition questions. It is important to note that the organizers are looking for the most elegant solutions, and you won't see that here. What you will see is how to solve the puzzle very quickly.

1. What is Ann’s email address?
2. What is Ann’s email password?
3. What is Ann’s secret lover’s email address?
4. What two items did Ann tell her secret lover to bring?
5. What is the NAME of the attachment Ann sent to her secret lover?
6. What is the MD5sum of the attachment Ann sent to her secret lover?
7. In what CITY and COUNTRY is their rendez-vous point?
8. What is the MD5sum of the image embedded in the document?

I downloaded the packet dump file from the organiser's site and verified the hash using md5 as I am on a Mac, otherwise md5sum does the job.

I fired up wireshark and opened the packet capture file. There appeared to be a good bit of SMTP traffic. So I did a quick

grep -an "To:.*\|From:*\|Subject:.*" evidence02.pcap


on the packet dump which revealed the following.


From: "Ann Dercover" <sneakyg33k@aol.com>
To: <sec558@gmail.com>
Subject: lunch next week
From: "Ann Dercover" <sneakyg33k@aol.com>
To: <mistersecretx@aol.com>
Subject: rendezvous


Its clear that Ann Dercover's email address is sneakyg33k@aol.com. This is the answer to question 1. We also see she sent two emails. One to mistersecretx@aol.com, could this be Ann's secret lover? I expanded the grep to 

grep -aA50 "mistersecretx@aol.com" evidence02.pcap


This gives me 50 lines after and including lines matching mistersecretx@aol.com.


To: <mistersecretx@aol.com>
Subject: rendezvous
Date: Sat, 10 Oct 2009 07:38:10 -0600
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_000D_01CA497C.9DEC1E70"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180

This is a multi-part message in MIME format.

------=_NextPart_000_000D_01CA497C.9DEC1E70
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_000E_01CA497C.9DEC1E70"


------=_NextPart_001_000E_01CA497C.9DEC1E70
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi sweetheart! Bring your fake passport and a bathing suit. Address =
attached. love, Ann
------=_NextPart_001_000E_01CA497C.9DEC1E70
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

...SNIP...

Hi sweetheart! Bring your fake passport =
and a=20
bathing suit. Address attached. love, Ann

...SNIP...

------=_NextPart_000_000D_01CA497C.9DEC1E70
Content-Type: application/octet-stream;
name="secretrendezvous.docx"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="secretrendezvous.docx"

Wow. So mistersecretx@aol.com IS the email address of Ann's lover. This is the answer to question 3. We also see in her message she instructs them to "bring your fake passport and bathing suit", this is the answer to question 4. Towards the bottom we see an attachment that probably appears later than the lines we grep'd called secretrendezvous.docx which will appear base64 encoding. This is the answer to question 5.

I then returned to wireshark, looking down through the packets I quickly see SMTP traffic with C: DATA fragment which tells us this traffic was broken up into smaller pieces. This is likely to be an email with a large attachment. I right clicked on one of these packets as shown below and clicked on Follow TCP Stream as shown below.



This gives me the following.

220 cia-mc07.mx.aol.com ESMTP mail_cia-mc07.1; Sat, 10 Oct 2009 15:37:56 -0400
EHLO annlaptop
250-cia-mc07.mx.aol.com host-69-140-19-190.static.comcast.net
250-AUTH=LOGIN PLAIN XAOL-UAS-MB
250-AUTH LOGIN PLAIN XAOL-UAS-MB
250-STARTTLS
250-CHUNKING
250-BINARYMIME
250-X-AOL-FWD-BY-REF
250-X-AOL-DIV_TAG
250-X-AOL-OUTBOX-COPY
250 HELP
AUTH LOGIN
334 VXNlcm5hbWU6
c25lYWt5ZzMza0Bhb2wuY29t
334 UGFzc3dvcmQ6
NTU4cjAwbHo=
235 AUTHENTICATION SUCCESSFUL
MAIL FROM: <sneakyg33k@aol.com>
250 OK
RCPT TO: <mistersecretx@aol.com>
250 OK
DATA
354 START MAIL INPUT, END WITH "." ON A LINE BY ITSELF
Message-ID: <001101ca49ae$e93e45b0$9f01a8c0@annlaptop>
From: "Ann Dercover" <sneakyg33k@aol.com>
To: <mistersecretx@aol.com>
Subject: rendezvous
Date: Sat, 10 Oct 2009 07:38:10 -0600
MIME-Version: 1.0
Content-Type: multipart/mixed;
.boundary="----=_NextPart_000_000D_01CA497C.9DEC1E70"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180

This is a multi-part message in MIME format.

------=_NextPart_000_000D_01CA497C.9DEC1E70
Content-Type: multipart/alternative;
.boundary="----=_NextPart_001_000E_01CA497C.9DEC1E70"


------=_NextPart_001_000E_01CA497C.9DEC1E70
Content-Type: text/plain;
.charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi sweetheart! Bring your fake passport and a bathing suit. Address =
attached. love, Ann
------=_NextPart_001_000E_01CA497C.9DEC1E70
Content-Type: text/html;
.charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2853" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi sweetheart! Bring your fake passport =
and a=20
bathing suit. Address attached. love, Ann</FONT></DIV></BODY></HTML>

------=_NextPart_001_000E_01CA497C.9DEC1E70--

------=_NextPart_000_000D_01CA497C.9DEC1E70
Content-Type: application/octet-stream;
.name="secretrendezvous.docx"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
.filename="secretrendezvous.docx"

UEsDBBQABgAIAAAAIQDleUAGfwEAANcFAAATAAgCW0NvbnRlbnRfVHlwZXNdLnhtbCCiBAIooAAC
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0
VMluwjAQvVfqP0S+VsTQQ1VVBA5dji1S6QcYexKsepNttr/vOEBEKQSpwCVSPH7LPI/dHy61yubg
g7SmIL28SzIw3AppqoJ8jd86jyQLkRnBlDVQkBUEMhzc3vTHKwchQ7QJBZnG6J4oDXwKmoXcOjBY
Ka3XLOKvr6hj/JtVQO+73QfKrYlgYicmDjLov0DJZipmr0tcXjtxpiLZ83pfkiqI1Amf1ulBhAcV
9iDMOSU5i9gbnRux56uz8ZQjst4TptKFOzR+RCFVfnvaFdjgPjBMLwVkI+bjO9PonC6sF1RYPtPY
dd5Oc8CnLUvJocEnNucthxDwlLTKm4pm0mz9H/VhZnoCHpGXN9JQnzQR4kpBuLyDNW+bPIY18tYF
imd3tj6kgRUgOngeDnyU0MzP0fwDxIjpX6P5DXNb+/UoRrymQOtv7+wMapqTkiVe5TGbKDhb78/4
N9QnTSxg8nm19HfI24w088et/0cY2zcroQ9MHa2f5cEPAAAA//8DAFBLAwQUAAYACAAAACEAHpEa
t/MAAABOAgAACwAIAl9yZWxzLy5yZWxzIKIEAiigAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyS20oDQQyG7wXfYch9N9sKItLZ3kihdyLr
A4SZ7AF3Dsyk2r69oyC6UNte5vTny0/Wm4Ob1DunPAavYVnVoNibYEffa3htt4sHUFnIW5qCZw1H
zrBpbm/WLzyRlKE8jDGrouKzhkEkPiJmM7CjXIXIvlS6kBxJCVOPkcwb9Yyrur7H9FcDmpmm2lkN
aWfvQLXHWDZf1g5dNxp+Cmbv2MuJFcgHYW/ZLmIqbEnGco1qKfUsGmwwzyWdkWKsCjbgaaLV9UT/
X4uOhSwJoQmJz/N8dZwDWl4PdNmiecevOx8hWSwWfXv7Q4OzL2g+AQAA//8DAFBLAwQUAAYACAAA
ACEApOAquCABAAA6BAAAHAAIAXdvcmQvX3JlbHMvZG9jdW1lbnQueG1sLnJlbHMgogQBKKAAAQAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsk01OwzAQhfdI3MHynjgpUBCq0w1C6hbCAdxkkljE
P7KnQG7PKFKbVJSwycbSvCjvfZ7xbLbfpmOfEKJ2VvIsSTkDW7pK20by9+Ll5pGziMpWqnMWJO8h
8m1+fbV5hU4h/RRb7SMjFxslbxH9kxCxbMGomDgPlr7ULhiFVIZGeFV+qAbEKk3XIkw9eH7myXaV
5GFX3XJW9J6S//d2da1LeHblwYDFCxEiAiLdLJKnCg2g5EclIU4uLiM8LImA1BoY84dSDGc2x7Ba
kiFi39EcxyYM9Vx8tmS8PZg9BJrDSHCS5iDWS0LUzmKh9t1kFidpDuJ+SQhtaBfGLhiotBKDmCWe

...SNIP: not publishing the whole thing, its a bit long. See the whole thing?

JZ2ekPwNAAD//wMAUEsBAi0AFAAGAAgAAAAhAOV5QAZ/AQAA1wUAABMAAAAAAAAAAAAAAAAAAAAA
AFtDb250ZW50X1R5cGVzXS54bWxQSwECLQAUAAYACAAAACEAHpEat/MAAABOAgAACwAAAAAAAAAA
AAAAAAC4AwAAX3JlbHMvLnJlbHNQSwECLQAUAAYACAAAACEApOAquCABAAA6BAAAHAAAAAAAAAAA
AAAAAADcBgAAd29yZC9fcmVscy9kb2N1bWVudC54bWwucmVsc1BLAQItABQABgAIAAAAIQA6Q0kI
FQQAAFgKAAARAAAAAAAAAAAAAAAAAD4JAAB3b3JkL2RvY3VtZW50LnhtbFBLAQItAAoAAAAAAAAA
IQBg7VaATPYCAEz2AgAVAAAAAAAAAAAAAAAAAIINAAB3b3JkL21lZGlhL2ltYWdlMS5wbmdQSwEC
LQAUAAYACAAAACEAlrWt4pYGAABQGwAAFQAAAAAAAAAAAAAAAAABBAMAd29yZC90aGVtZS90aGVt
ZTEueG1sUEsBAi0AFAAGAAgAAAAhAIkUT0qVAwAAcQgAABEAAAAAAAAAAAAAAAAAygoDAHdvcmQv
c2V0dGluZ3MueG1sUEsBAi0AFAAGAAgAAAAhAErYipK7AAAABAEAABQAAAAAAAAAAAAAAAAAjg4D
AHdvcmQvd2ViU2V0dGluZ3MueG1sUEsBAi0AFAAGAAgAAAAhADVKHsm+CgAALFoAAA8AAAAAAAAA
AAAAAAAAew8DAHdvcmQvc3R5bGVzLnhtbFBLAQItABQABgAIAAAAIQCQUuGobwEAANcCAAARAAAA
AAAAAAAAAAAAAGYaAwBkb2NQcm9wcy9jb3JlLnhtbFBLAQItABQABgAIAAAAIQAXVdHWCQQAAMsZ
AAASAAAAAAAAAAAAAAAAAAwdAwB3b3JkL251bWJlcmluZy54bWxQSwECLQAUAAYACAAAACEAu6G5
NXECAACGCAAAEgAAAAAAAAAAAAAAAABFIQMAd29yZC9mb250VGFibGUueG1sUEsBAi0AFAAGAAgA
AAAhAKVR8wbYAQAA2QMAABAAAAAAAAAAAAAAAAAA5iMDAGRvY1Byb3BzL2FwcC54bWxQSwUGAAAA
AA0ADQBEAwAA9CYDAAAA

------=_NextPart_000_000D_01CA497C.9DEC1E70--

.
250 OK
QUIT
221 SERVICE CLOSING CHANNEL


You may or may not realise that parts of the communication are base64 encoded. Lets take a look at some information encoded at the beginning of this communication again.


AUTH LOGIN
334 VXNlcm5hbWU6
c25lYWt5ZzMza0Bhb2wuY29t
334 UGFzc3dvcmQ6
NTU4cjAwbHo=
235 AUTHENTICATION SUCCESSFUL


Here Ann is authenticating with the service. Her responses are shown in red, and as you can see they're a bit cryptic; however, they look like they are encoded in base64. So we run the following two commands.


$ echo "c25lYWt5ZzMza0Bhb2wuY29t" | openssl base64 -d
sneakyg33k@aol.com
$ echo "NTU4cjAwbHo=" | openssl base64 -d
558r00lz

Note: $ is the command prompt, what follows it is the command with output in green.

So we find Ann's email password is 558r00lz. This the answer to question 2.

Next we have a look at the attachment which is base64 encoded. We copy all the blue text above and paste into a file called attachment.b64 and issue the following commands.


$ openssl base64 -d < attachment.b64 > secretrendezvous.docx
$ md5 secretrendezvous.docx
MD5 (secretrendezvous.docx) = 9e423e11db88f01bbff81172839e1923


This decodes the data and outputs to secretrendezvous.docx. We can open the file, verifying it is good and thus the md5 sum of 9e423e11db88f01bbff81172839e1923 is the answer to question 6. When we open the file we see an image like the one below.



This tells us that Ann was off to Playa del Carmen in Mexico. This is the answer to question 7. We only now need to get the md5 sum of the image in the document. This is easy enough as we can just do the following:


$ unzip secretrendezvous.docx -d attachment
Archive: out-1.docx
inflating: attachment/[Content_Types].xml
inflating: attachment/_rels/.rels
inflating: attachment/word/_rels/document.xml.rels
inflating: attachment/word/document.xml
extracting: attachment/word/media/image1.png
inflating: attachment/word/theme/theme1.xml
inflating: attachment/word/settings.xml
inflating: attachment/word/webSettings.xml
inflating: attachment/word/styles.xml
inflating: attachment/docProps/core.xml
inflating: attachment/word/numbering.xml
inflating: attachment/word/fontTable.xml
inflating: attachment/docProps/app.xml


The only image file in there is attachment/word/media/image1.png. Open it up to verify it is the business and then just do


$ md5 attachment/word/media/image1.png
MD5 (attachment/word/media/image1.png) = aadeace50997b1ba24b09ac2ef1940b7


This is the answer to question 8, and we're finished. That was quick! The answers have been published so you can verify. Now that person has turned up and is dragging me away from my computer so that's all for now.
forensics grep puzzle security tcpdump wireshark Tariq 2009-09-11T19:27:31Z 2009-09-11T19:27:31Z http://gl.ib.ly/wfwcomment.php?cid=38 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=38 http://gl.ib.ly/archives/38-guid.html Skype mute and unmute keyboard shortcuts in Mac OSX 10.5
Ever do phone conferences? Ever put your microphone on mute only to be asked a question and then scramble your mouse to unmute your microphone? Well I do all of the above, well, until I came across a forum post at the Skype forums. I gave the guy's suggestion a go using ⌘M as the mute/unmute button but that only minimized the window. So, instead, I chose ⌘Z and it worked a charm; note, you will need to wait a little after call starts ringing before you can hit the keyboard shortcut. Plus, the keys are nice and close on the keyboard.

 keyboard mac osx shortcut skype tidbits Tariq 2009-09-03T21:22:34Z 2009-09-04T18:29:59Z http://gl.ib.ly/wfwcomment.php?cid=37 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=37 http://gl.ib.ly/archives/37-guid.html Fixing binary merge conflicts in git
Git is an awesome tool for managing your code. However, it does take a while to get used to doing things in git. One question I get asked a bit too often is "how do I resolve binary merge conflicts"? Thankfully this is is pretty easy. I usually run the git mergetool command to allow me to resolve merge conflicts using a graphical interface and then manipulate the resultant files on the command line.

You can specify which editor to use in your ~/.gitconfig file. Favourites are kdiff3, vimdiff, xxdiff, and opendiff. If your on Mac OSX then you may be used to FileMerge, in which case you should be using opendiff in your .gitconfig; see below.

...
[merge]
tool = opendiff
...



So, when you are using mergetool option you will something like:
Normal merge conflict for 'lib/yui/assets/skins/sam/editor-sprite.gif':
{local}: created
{remote}: created
Hit return to start merge resolution tool (opendiff):


I just hit return so the editor opens, it will probably warn you the file is binary. In a separate terminal window navigate to the directory where the file is in and do an ls; you'll see something like what is below:
editor-sprite.gif
editor-sprite.gif.BACKUP.41930.gif
editor-sprite.gif.LOCAL.41930.gif
editor-sprite.gif.REMOTE.41930.gif


In this case editor-sprite.gif.REMOTE.41930.gif is the new file and editor-sprite.gif is the original file. To resolve the conflict just copy the REMOTE file over the original file. In my case it would be cp editor-sprite.gif.REMOTE.41930.gif editor-sprite.gif. However, I use the following one liner to resolve these conflicts more generically.


ls *.REMOTE.* | sed "s/\(\(.*\).REMOTE.*\)/cp \1 \2/g" | sh
 


I have it in shell script in my path so I just run it when I need to resolve these types of conflicts. It just finds files with REMOTE in them and then issues a cp command to copy that file over the original.

Hope this helps!

Outside of git mergetool you can just add the binary files using git add file1 file2 ....
 binary git howto merge mergetool one liners opendiff sed tidbits Tariq 2009-07-29T17:16:52Z 2009-07-29T19:01:55Z http://gl.ib.ly/wfwcomment.php?cid=36 3 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=36 http://gl.ib.ly/archives/36-guid.html Setting Google search language in Firefox 3.5 on the Mac
While traveling around the place I have been highly annoyed at the Firefox search box's default behavior for Google search. While in the Middle East it shows me RTL pages in Arabic. Well you can easily fix this on the Mac!

Just open the file /Applications/Firefox.app/Contents/MacOS/searchplugins/google.xml in an editor. I normally use vim, so: vim /Applications/Firefox.app/Contents/MacOS/searchplugins/google.xml or you could let your OS decide open /Applications/Firefox.app/Contents/MacOS/searchplugins/google.xml at the terminal.

You should see something like:

...
<Url type="text/html" method="GET" template="http://www.google.com/search">
  <Param name="q" value="{searchTerms}"/>
  <Param name="ie" value="utf-8"/>
  <Param name="oe" value="utf-8"/>
  <Param name="aq" value="t"/>
  <!-- Dynamic parameters -->
  <Param name="rls" value="{moz:distributionID}:{moz:locale}:{moz:official}"/>
  <MozParam name="client" condition="defaultEngine" trueValue="firefox-a" falseValue="firefox"/>
</Url>
...


We change this to:

...
<Url type="text/html" method="GET" template="http://www.google.com/search">
  <Param name="q" value="{searchTerms}"/>
  <Param name="ie" value="utf-8"/>
  <Param name="oe" value="utf-8"/>
  <Param name="aq" value="t"/>
  <!-- Stop Google from thinking we read anything but English -->
  <Param name="hl" value="en"/>
  <!-- Dynamic parameters -->
  <Param name="rls" value="{moz:distributionID}:{moz:locale}:{moz:official}"/>
  <MozParam name="client" condition="defaultEngine" trueValue="firefox-a" falseValue="firefox"/>
</Url>
...


You can change this to any language (just change hl's value) or even country specific languages, like en_GB. When you finish editing save the file and restart Firefox (⌘Q). When using the search box you should now only see results in English.
 firefox google language plugin rant search searchplugin tidbits Tariq 2009-07-27T18:03:45Z 2009-07-27T20:05:08Z http://gl.ib.ly/wfwcomment.php?cid=35 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=35 http://gl.ib.ly/archives/35-guid.html Doing OCR on linux/Mac
Yesterday somebody gave me a USB key with ~1000 JPEGs on it. Each JPEG was a scanned page, ugh, and the task was to find some useful information about topic X. Now each JPEG was about 1-2mb and I needed to do something useful with these images quickly. So what follows is quick walk through of how to do Optical Character Recognition (OCR, that means taking silly image files and ripping out any text identified in them) on Linux or in my case a Mac.

Continue reading "Doing OCR on linux/Mac"
bash computer forensics dictionary forensics imagemagick linux mac ocr password programming scanned script strings tesseract tidbits unpaper Tariq 2009-07-24T15:51:59Z 2009-07-24T17:43:24Z http://gl.ib.ly/wfwcomment.php?cid=34 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=34 http://gl.ib.ly/archives/34-guid.html Encoding audio and removing file extensions from files
Earlier today I got a massive SCORM object that contained lots of mp3 files. They were all high quality files, so I wanted to cut them down in size for web use. For this purpose I am using ffmpeg which you can easily get for Windows, Linux or Mac. I tried the following on a Mac, but it should also work on Linux (paths permitting) and on Windows if you are using something like cygwin.

I highly recommend you get familiar with ffmpeg as it is amazingly useful. Just check out the man pages; swf to avi, avi to something that works on ipods, all a breeze!

Continue reading "Encoding audio and removing file extensions from files"
ffmpeg find moving one liners optimisation renaming sed sh tidbits Tariq 2009-07-16T15:43:53Z 2009-07-16T15:43:53Z http://gl.ib.ly/wfwcomment.php?cid=33 1 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=33 http://gl.ib.ly/archives/33-guid.html Forwarding multiple mails in Google Mail
One gripe I have had for years is the inability in Google mail to forward more than one message at a time. I am not sure why it hasn't been implemented after all these years; scared of extra traffic, spam? Anyhows, this rant brings me to some new functionality Tasks. Now I could rant on about this a bit because IMHO it sucks ass right now, but hey, a move in the right direction. If it works well in six months I'd be happy.

But I'd be mucho mucho happier with the ability to forward multiple mails.

P.s. Anyone else notice the ultra crap quality of attached images when you click 'view' instead of 'download' lately?

P.s.s. This all doesn't negate the fact that Google Mail, overall, is awesome.
email forwarding google rant rants tidbits Tariq 2009-07-01T16:13:47Z 2009-07-01T16:51:21Z http://gl.ib.ly/wfwcomment.php?cid=30 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=30 http://gl.ib.ly/archives/30-guid.html Authentication usability gripes
For the longest time I have been unhappy with password masking in GUIs. I never really saw the point and a whole host of functionality has been developed to help users out when dealing with passwords; browsers remember and auto-populate password fields for users. I use many passwords, even have my own encrypted password lists, however, I only use a handful of sites everyday and I know those passwords pretty well. This doesn't stop me from making errors while typing complicated 10-16 character passwords -- three in a row is not unheard of and then you have to deal with unreadable CAPTHAs. Seeing the password reinforces the context in which the password is used and helps users learn them off more quickly.

A much better option is to use a screen privacy filter to stop a wide audience from snooping over your shoulder.

This is just one of those gripes that was rekindled when I read The Problem with Password Masking.
computers gui password rant security tidbits Tariq 2009-06-30T23:59:17Z 2009-07-24T17:46:52Z http://gl.ib.ly/wfwcomment.php?cid=29 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=29 http://gl.ib.ly/archives/29-guid.html Auto corrupting your PDF files
A few weeks ago I came across a blog post which showed you how to corrupt your own pdf files. That post was in response to the interweb ate my homework post from Bruce Schneier.

Anyhows, Didier's method is fairly simple -- there are many other ways todo this like truncating the file or inserting some randomness using dd and /dev/urandom. So lets automate it.


Continue reading "Auto corrupting your PDF files"
corruption pdf security sed tidbits Tariq 2009-06-24T20:44:00Z 2009-07-02T18:34:35Z http://gl.ib.ly/wfwcomment.php?cid=28 1 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=28 http://gl.ib.ly/archives/28-guid.html All configuration variables in Moodle code - Part two?
Earlier we looked at how you can extract a list of all the $CFG variables in your Moodle code. Now that's not of much use! We need to know where in the code all these variables hide. I feel some spooky awk a coming on.
Continue reading "All configuration variables in Moodle code - Part two?"
awk cfg computers configuration variables grep moodle one liners Tariq 2009-06-23T21:50:46Z 2009-07-25T16:57:54Z http://gl.ib.ly/wfwcomment.php?cid=27 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=27 http://gl.ib.ly/archives/27-guid.html Searching compressed Apache logs
From time to time things tend to go wrong and systems tend to go crazy. Sometimes these errors are more of nuisance than anything else, an intermittent annoyance you'd prefer not to investigate -- trawling through logs is a pain in the backside. Now you need to take a peak at those compressed Apache error log files, ugh! Well before you look for suitable places to hang some rope try running some expressions across a certain number of files. Normally you'd only want to look at logs for the last 7 days, so lets give that a go.
Continue reading "Searching compressed Apache logs"
apache bunzip2 compressed find grep gzip logs one liners tidbits xargs Tariq 2009-02-26T17:51:30Z 2009-02-26T22:24:09Z http://gl.ib.ly/wfwcomment.php?cid=26 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=26 http://gl.ib.ly/archives/26-guid.html Downsides of using Tor
Shows Google being used over the Tor network, but Google thinks I no speaky the English.
Shows Google being used over the Tor network, but Google thinks I no speaky the English.

A small inconvenience I am sure! Well that and speed, which is horrendous.

Some interesting links: Nice overview of Onion and Garlic routing, Low-Cost Traffic Analysis of Tor, Low-Resource Routing Attacks Against Anonymous Systems, Shining Light in Dark Places:
Understanding the Tor Network (are the authors in jail for wire tapping?) and Tor hack proposed to catch criminals (or anyone, don't expect all the kids to play fair). For some background check out Privacy on the Line: The Politics of Wiretapping and Encryption.

Edit: The researchers did not go to jail.
anonymity google onion router security tidbits tor Tariq 2009-02-07T20:43:07Z 2009-02-07T20:59:59Z http://gl.ib.ly/wfwcomment.php?cid=25 0 http://gl.ib.ly/rss.php?version=atom1.0&type=comments&cid=25 http://gl.ib.ly/archives/25-guid.html Rubber hose attacks!


Awesome! Hot linked from xkcd. Also, checkout wikipedia for more details on what the Russians do and how public key crypto could get you killed or landed in jail (if you live in the uk).

 comic crypto deniable encryption rip rubber hose security tidbits xkcd