survietamine's microblog

iptables conntrack contexts

Thu, 04 Oct 2012 11:04:54 +0200

On a high load iptables gateway, for fine tunings (with sysctl) the ip_conntrack_max value, it might be useful to know how much contexts are used.

Here a way :

awk 'FNR==2 { print "ibase=16;"toupper($1) }' /proc/net/stat/ip_conntrack | bc

smtp-source

Fri, 07 Sep 2012 09:34:33 +0200

For testing or benchmarking purpose of your postfix server, you can send e-mail with the package included program : smtp-source.

It is easier than writing a script using tools like the mail command.

A brief example :

smtp-source \
-s10 -l1024 -m20 -c -M “anti.solit.ude” \
-S “You are not alone” -f ican@help.you -t local_part@domain.tld \
-4 127.0.0.1:25

-s 10 : 10 sessions at a time
-l 1024 : 1024 bytes length
-m 20 : 20 messages count
-M : followed by the hostname
-S : followed by the subject
-f : followed by the From: header
-t : followed by the To: header
-4 : using IPv4
127.0.0.1:25 : are the host:port here

Galaxy S wifi 5.0

Tue, 10 Apr 2012 04:35:00 +0200

hello in there, was a long time that I did not write something.

And this time, it’ll be kind of “special”, not unix related.
Just a memo about my fresh experience with my new Android toy.
I should have done that even for the previous ones :
Nokia N800 & Nokia N810 (ok these are not running Android, but were precursors with some better way in mind called Maemo)
HTC Magic, HTC Hero, HTC Legend, HTC Desire : now I’m no more an HTC’s fan.
Archos 5 IT, Archos 70 IT : french pride, ok their products are cheap
ZTE Blade : chinese prid, ok their products are cheap
Motorola Defy : I like its form factor and I wanted an TI OMAP soc (with Imagination SGX graphics like iPhone) instead of the Qualcomm that equiped HTC and other brands but I missed somehow amoled screen, sometimes (shiny times) it’s a pain to read on this LCD.

Of course, everytime i buy (second hand) an Android toy, the main purpose is to get rid of the software package (locked firmware) provided.
The main steps people are trying to achieve are : rooting and bootloader unlocking.

Why on earth do we need to root Android (yes, it’s potentially dangerous) ?
Like with Apple’s idevices jailbreak, you will be able to get more features.
A few examples : Titanium backup (backup apps and their settings included system apps) and overclock/downclock (setcpu, setvsel…) require to be root.

Why do we need a new bootloader ?
ClockWorkMod the most popular one will give you the ability to (not exhaustive) : save everything (rom + all data) in an archive onto the SD card and restore it later.
You can also do somes specials tricks like : wipe all, wipe cache partition, wipe dalvik cache, wipe battery stats…

So, that is, I needed (or like to spend my times fighting with new toys) root and ClockWorkMod on my new Samsung Galaxy S wifi 5.0 (aka Samsung Galaxy S Player 5 in the USA).

I bought it refurbished from Pixmania and at 1st run (Android initialisation), it proposes me only US, UK and some weird languages.
I think because it came from another part of the world.
Samsung distribute differents firmwares depending on the regional sells.

An Over-The-Air (OTA) update or via Kies didn’t provide me French language.
It’s not a real problem for the UI but I prefer to get French because contents of the Market (renamed to Play Store now) differs and it’s not handy to write French with the english keyboard and you won’t have suggestions because of the dictionary.
OK, I know I can install some 3rd party keyboards, actually I’ve used some (SmartKeyboard, PerfectKeyboard, Adaptxt, GO keyboard…)… but I WANTED to play with my new toy ! :)

Some steps/requirements :

Samsung Kies and the drivers : the adb drivers are required for acting on the dark side. Kies is just crappy, worth the iTunes, I just installed it to have my own jugement…
read pages on XDA and some others dedicated forums/web pages.
after reading these users/developpers contributions some tools seem to be useful :
Odin : this Windows software will help you to push software to your Samsung devices. You may do same tricks with adb commands (provided by Android SDK)
I used version 1.85 for my tests
some exploits to get root : zergRush and SuperOneClick (it uses zergRush for this device, just provides an UI for novices)
some kernels and custom roms (like the well known CyanogenMod of course and MIUI)

For now, this is the state of these hacking :

zergRush v4 (latest one) will be able to root (install superuser apk) to this device (YP-G70CW) only with some firmwares.
I successfully used it when I downgraded to official FroYo (2.2.2) ROM : G70XXKD6-REV00-PDA-low-CL1001984
and with chinese/korean Gingerbread (2.3.6) official rom : G70ZCKP9
but it wasn’t able to root the latest (march 2012) INTL Gingerbread (2.3.6) version : YP-G70_XET_G70XXKPH_G70XXKPH_G70XXKPH
Odin is very useful, I had bricked my new toy and it saved my life
boot time buttons shortcuts :
hold VolumeUP+power and then release Power when Samsung logo appears will brings the official recovery (Android System Recovery 3e). You will be able to wipe all/factory reset with that tool
hold VolumeDOWN+home+power to get into “Downloading” mode. This mode will allow you to push some software (firmware, kernels, addons…) with Odin or others methods.
patching Rumirand’s kernel r14 (well known as rj’s kernel) will provide you ClockWorkMod in place of ASR 3e. I patched it over official INTL 2.3.6 rom
CyanogenMod 7 (CM7) is not final (RC1) and have some bugs : no backlit on the buttons (you’ll have to change screen’s backlight to get it to work), camcorder (video recorder) doesn’t work and icons of the apps launcher are really crappy (no antialiasing)…
CM7 is Gingerbread (2.3.7) based.
CyanogenMod 9 (CM9) is at beta stage : I had to apply a patch (noisyfox’s one) to get my buttons working. It is very cute and smooth compared to CM7 but I cannot keep it at this time on my device.
CM9 is Ice Cream Sandwich (ICS) based the latest Android provided only with the latest devices (starting with Google Galaxy Nexus).
Why ? Because hardware video decoders are not yet supported.
I tried to play some 720p videos dumped from YouTube (with TubeMate) and MX player wasn’t able to switch to HW mode (software mode is ready bad).

So, waiting for CyanogenMod (all my others Android toys, except Archos ones run
CyanogenMod) enhancements, I use this device with Official 2.3.6 and rumirand’s kernel.

There is a bug : while plugged to the computer with USB cable, if I shut it down (the PMP, not the computer), it will boot loop, have to disconnect it.

cisco mac to unix mac with Vim

Fri, 03 Feb 2012 16:33:00 +0100

suppose you have cisco MAC addresses like that :

0011.432A.E9EB
000D.5684.8F8A
000B.DB73.5681
000B.DB73.535C
000D.567E.D2A5
000D.567E.F8A6
000B.DB73.5490
000D.567E.C7B8
000D.567F.304A
0011.432A.F0A5
000F.1FE6.D90F
000B.DB73.49FA
000D.567F.30AD
000D.567E.D173
000D.567F.2E5B

and would like to convert it :

:%s/\.//g
:%s/$[0-9A-E]\{2\}$$[0-9A-E]\{2\}$$[0-9A-E]\{2\}$$[0-9A-E]\{2\}$$[0-9A-E]\{2\}$$[0-9A-E]\{2\}$/\1:\2:\3:\4:\5:\6/g

then obtain :

00:11:43:2A:E9:EB
00:0D:56:84:8F:8A
00:0B:DB:73:56:81
00:0B:DB:73:53:5C
00:0D:56:7E:D2:A5
00:0D:56:7E:F8:A6
00:0B:DB:73:54:90
00:0D:56:7E:C7:B8
00:0D:56:7F:30:4A
00:11:43:2A:F0:A5
00:0F:1F:E6:D9:0F
00:0B:DB:73:49:FA
00:0D:56:7F:30:AD
00:0D:56:7E:D1:73
00:0D:56:7F:2E:5B

claws-mail reply model

Thu, 26 Jan 2012 16:04:26 +0100

tired of Mozilla Thunderbird, I’m testing (more deeply this time) claws-mail.

One funny feature is the Model writing script (see settings).
Here follows my reply-model script :

%cursor %account_sig (i) en réponse au message de %fullname (%email), (i) du %date_fmt{%d/%m/%Y} à %date_fmt{%H:%M}, ?s{intitulé "%subject", } !s{sans sujet (!)} (i) adressé à : %to ?c{(i) en copie à : %cc \n}?i{(i) message id : %messageid } %quoted_msg_no_sig

[find] using -regextype

Fri, 24 Jun 2011 10:51:00 +0200

I don’t know about you.

But for me it’s a pain to escape special chars like that :

[survietamine@desktop omsa-live]$ find -iregex '.*$contact\|dset$.*' ./DSET_Report_for_Centrapel[localhost.localdomain-SvcTag-16H3F4J-PER710].zip ./data/tmpreport/dsetinfo.xml ./data/xml/oma/docs/dset.css ./data/linux/dsetmemory ./data/linux/dsetboot ./data/linux/xml/dsetboot.xml ./data/linux/xml/dsetmemory.xml ./data/linux/xml/dsetnetwork.xml ./data/linux/xml/dsetmodules.xml ./data/linux/xml/dsetstorage.xml ./data/linux/dsetnetwork ./data/linux/dsetstorage ./data/linux/dsetmodules ./data/dell/DSET ./data/dell/DSET/dsetinfo.log ./data/dell/DSET/omsaliteinstall.log ./data/dell/DSET/omsaload.log ./data/dell/DSET/CDDVDDeviceEnumerator.log ./data/dell/DSET/IdeDevDiagEnumeration.log ./data/dell/DSET/SysReader.log ./data/dell/DSET/ScsiDevDiagEnumeration.log ./gui/contactinfo.htm ./gui/dset.css ./gui/images/productname-dset.gif ./gui/dsetreport.hta ./dsetreport.hta

So, I think it’s better to set an aliases that add ‘-regextype posix-extended’ (or whatever extended regexp you prefer), to be able to write like this :

[survietamine@desktop omsa-live]$ find -regextype posix-extended -iregex '.*(contact|dset).*' ./DSET_Report_for_Centrapel[localhost.localdomain-SvcTag-16H3F4J-PER710].zip ./data/tmpreport/dsetinfo.xml ./data/xml/oma/docs/dset.css ./data/linux/dsetmemory ./data/linux/dsetboot ./data/linux/xml/dsetboot.xml ./data/linux/xml/dsetmemory.xml ./data/linux/xml/dsetnetwork.xml ./data/linux/xml/dsetmodules.xml ./data/linux/xml/dsetstorage.xml ./data/linux/dsetnetwork ./data/linux/dsetstorage ./data/linux/dsetmodules ./data/dell/DSET ./data/dell/DSET/dsetinfo.log ./data/dell/DSET/omsaliteinstall.log ./data/dell/DSET/omsaload.log ./data/dell/DSET/CDDVDDeviceEnumerator.log ./data/dell/DSET/IdeDevDiagEnumeration.log ./data/dell/DSET/SysReader.log ./data/dell/DSET/ScsiDevDiagEnumeration.log ./gui/contactinfo.htm ./gui/dset.css ./gui/images/productname-dset.gif ./gui/dsetreport.hta ./dsetreport.hta

[imageMagick] easy resize of images with ratio keeping

Wed, 22 Jun 2011 09:58:00 +0200

ImageMagick is a real swiss knife for people that want to manipulate pictures.
In this post, I’ll only give an easy way to resize an image and keep its proportions.

Suppose you have an nice wallpaper (eg, downloaded from Vlad Studio site) on your “full HD” (ok, now i’m supposed to say “hd 1080p”…), and your girlfriend wants it on her laptop which resolution is 1440x900.

Consider these assertions :
1980x1080 is the TV/cinema (16/9) format (now imported to most computer monitors)
1440x900 is an computer format (16/10)

Their ratios are :
16/9 (or 1920/1080) : 1.77777777777777777777
16/10 (or 1440/900, 1280/800, 1920/1200) : 1.6

In this example, i’ll only use 2 ImageMagick commands (see documentation for more) :

syntax : convert image_src -resize geometry image_dst

example :
[survietamine@desktop Downloads]$ identify vladstudio_atlantis_docking_1920x1080.jpg vladstudio_atlantis_docking_1920x1080.jpg JPEG 1920x1080 1920x1080+0+0 8-bit DirectClass 529KB 0.000u 0:00.000 [survietamine@desktop Downloads]$ echo '1920/1080' | bc -l 1.77777777777777777777 [survietamine@desktop Downloads]$ convert vladstudio_atlantis_docking_1920x1080.jpg -resize 1440 vladstudio_atlantis_docking_1440.jpg [survietamine@desktop Downloads]$ identify vladstudio_atlantis_docking_1440.jpg vladstudio_atlantis_docking_1440.jpg JPEG 1440x810 1440x810+0+0 8-bit DirectClass 351KB 0.000u 0:00.000 [survietamine@desktop Downloads]$ echo '1440/810' | bc -l 1.77777777777777777777

For more information about the ‘geometry’ section of ImageMagick :
http://www.imagemagick.org/script/command-line-processing.php?#geometry

chmod +X

Fri, 31 Dec 2010 12:38:00 +0100

For those that already know well how to change permissions, this memo won’t be usefull.
Maybe, it can be usefull to some others.

umask is generally fixed to 022.
This mask will be applied every times you create files and directories.

For directories, umask will be combinated with max permissions 0777 :
0777 - 022 = 755 (rwxr-xr-x)
For files, umask will be combinated with 0666 :
0666 - 022 = 644 (rw-r—r—)

You can change umask() value for 1 user or the whole system.

But, sometimes, you don’t want to do that and need to set permissions for only 1 directory.

example :
Suppose you (leader of a project) have 1 directory with normal 755.
Now, you want to share it with your team, you want to put it in some share.
On the share, now you want 750 for directories and 640 for files.

So you start with something like this :
drwxr-xr-x leader team 15 oct. 2009 /some/common/directory

You want : group (team) to be able to read files and directories above /some/common/directory

By doing : chmod -R g+r /some/common/directory
All files will be readable by group (team).
But the bad is that directories need ‘x’ bit to be accessed.
If you do : chmod -R g+x /some/common/directory
You’ll set ‘x’ for files and directories.

Before starting to write a script based on `find -type d`, have a look at `chmod +X` (X in capital) will ask chmod to set ‘x’ only where needed.
It will set ‘x’ only for directories.
So, for our case, something like this :
chmod -R go-rx /some/common/directory
chmod -R g+rX /some/common/directory

[proxy] SSL interception using squid

Thu, 30 Dec 2010 09:54:00 +0100

In this article, I’ll show you how to configure Squid to act like an ‘man-in-the-middle’ with HTTPS connections.
If you’re not doing that for yourself (eg : your company/association, you MUST tell people about that, it is ILLEGAL).

credits : to achieve this, I mainly have read this documentation (but I did not yet implement dynamic certificates generation) :
http://wiki.squid-cache.org/Features/DynamicSslCert

Normal behavior of proxies while serving HTTPS sites is to “not acting as mandatoring”.
The connection between the web site and the client is direct.

The only thing you can see in logs (access.log) is ip/fqdn address with method CONNECT (instead of GET/POST) :
1293606062.453 188 192.168.0.1 TCP_MISS/200 5595 CONNECT secured.site.org:443 - DIRECT/12.34.56.78 -

As Squid don’t know about URL, you will only be able to write an ACL that focus on the domain (eg : dstdomain) or ip address.

If for some reasons, you need to allow an HTTPS site (domain/ip), but want to forbid an URL on it, this can be done with usage of ssl-bump feature of Squid.

installation :
As this is not normal behaviour and you break the trust on SSL by doing this, many distros won’t provide this feature in their binary packages.
If you are running on Debian based distro, you’ll need to get the sources of Squid and to compile it with ‘—enable-ssl’ option.
For now, I personnaly gave up with Debian/Ubuntu for this Squid mitm install and did it with ArchiLinux and it works like a charm.
self-signed certificate (pem format) generation :
openssl req -new -newkey rsa:1024 -days 3650 -nodes -x509 -keyout your.company.com.pem -out your.company.com
if needed, you can generate the certificate to import on browsers (to avoid the warnings about the security breach) :
openssl x509 -in www.yourcompany.com.pem -outform DER -out www.yourcompany.com.der
Squid configuration (squid.conf) :
I post here only important parts.

acl …
acl …
# you must have CONNECT acl
acl CONNECT method CONNECT

acl clientsboxes dstdomain www.secure.clientsboxes.com
acl nationalbank dstdomain www.nationalbank.biz

# write some ACL to test URL filter on HTTPS (interception)
acl rebootbox url_regex ^https://www.secure.clientsboxes.com/path/*to/*reboot/*servers

acl dropaccount url_regex ^https://www.nationalbank.biz/*showmethemoney/*dropthisaccount

# maybe not in the future, but we need this :
always_direct allow all

# permissions sections (allow / deny)
http_access allow…
http_access allow…
http_access allow…
http_access deny …
http_access deny …
http_access deny …

# some sites need this :
sslproxy_cert_error allow nationalbank
#sslproxy_flags DONT_VERIFY_PEER

# ssl_bump means that you want to intercept (MITM) this SSL connection
ssl_bump allow clientsboxes
ssl_bump allow nationalbank

# and we don’t want to intercept others SSL sites :
ssl_bump deny all

# now, you can tell Squid you want to forbid theses HTTPS url :
http_access deny rebootbox
http_access deny dropaccount
…
http_access allow localnet
http_access allow localhost
http_access deny all

# tell Squid you want to intercept SSL
# /!\ SSL interception is not compatible with transparent proxy
# so DON’T write here ‘intercept’ (new name for ‘transparent’)
http_port 3128 ssl-bump cert=/path/to/your/self-signed/cert/www.yourcompany.com.pem

Now, you’ll see full URL in logs and url based ACL will be operationnal.

web coding basics : REST

Wed, 29 Dec 2010 15:25:00 +0100

I see so much dirty apps and ERP with their own ways to write/exchange data ;
so if I can advice coders to re-read this article about REST regularly before writing their crappy codes [hope… ]

http://tomayko.com/writings/rest-to-my-wife

Several translations are available, below the-one for French people :
http://www.pompage.net/pompe/comment-j-ai-explique-rest-a-ma-femme/

hard disk data recovery

Mon, 27 Dec 2010 16:54:00 +0100

Recently, I had to recover data on a defective hard drive.

Informations on this page helped me : https://help.ubuntu.com/community/DataRecovery

So, this is a memo (in case the source page disappear) :

if your partition table is broken, try to fix it with tools like : testdisk, ntfsfix (ntfsprogs package)

install ddrescue (on Debian based) :
apt-get install gddrescue
ddrescue is able to build an image file of your disk/partition
try to recover maximum data, the fastest way possible :
ddrescue —no-split /dev/hda1 imagefile logfile
you can ask ddrescue to retry (3 times here) :
ddrescue —direct —max-retries=3 /dev/hda1 imagefile logfile
you want more (retrim = reread full sector) ?
ddrescue —direct —retrim —max-retries=3 /dev/hda1 imagefile logfile
now, you can install foremost
This tool will be able to read your image file to recover files and store them by mime-types (extensions) : pdf, xls, xlsx, doc, docx…
foremost can do partition to partition recovery, partition to directory
Equivalent to foremost : magicrescue, photorec, scalpel…
ask foremost to rebuild files :
mkdir -p /mnt/recovery/foremost
foremost -i image -o /mnt/recovery/foremost

of course, the destination of recovered files must not be on the junk drive !

[ssh] remove hash for an host

Mon, 23 Aug 2010 10:11:00 +0200

When connecting to a new host, the corresponding RSA fingerprint is showing up and you are prompted to add it

This hash is checked every time you connect to the host.
If this hash has changed (OS reinstall, servers upgrade/switching…), a warning is displayed and you are not able to connect to the host.

OK, you can delete the line by editing ~/.ssh/known_hosts file.
But the proper way is the following via ssh-keygen command :

[survietamine@mybox ]$ ssh-keygen -R remoteHost
/home/survietamine/.ssh/known_hosts updated.
Original contents retained as /home/survietamine/.ssh/known_hosts.old

[archlinux] VirtualBox post-installation steps

Tue, 17 Aug 2010 12:03:00 +0200

This is printed after installation of virtualbox-sun package.
So, if you prefer virtualbox-ose (Open Source Edition) since Sun is now a part of Oracle, check these points :

»> NOTE:
»> - Run “sudo /etc/rc.d/vboxdrv setup”, every time your kernel is upgraded,
»>    to compile virtualbox driver modules for a new kernel version.
»> - Add your users to the vboxusers group:
»>      gpasswd -a USERNAME vboxusers
»> - Customize your “/etc/conf.d/vboxdrv”; usually, defaults are OK.
»> - Add “vboxdrv” to DAEMONS array in your “/etc/rc.conf”, if needed.
»> - If USB does not work for you out-of-the-box, add the following line
»>    to your “/etc/fstab”:
none /proc/bus/usb usbfs auto,busgid=108,busmode=0775,devgid=108,devmode=0664 0 0
Dépendances optionnelles pour virtualbox-sun
    dkms: for building and loading VirtualBox modules
    qt: for Oracle VirtualBox QT4 GUI on X-Window System
    sdl: for Oracle VBoxSDL and VirtualBox GUI on console
    vfuse: for mounting VBox (VDI/VMDK/VHD) disk images

clonezilla-live config

Tue, 08 Jun 2010 17:45:00 +0200

unlike Microsoft Windows, unix-like systems installation like BSD or GNU/Linux need only a few GB
usb sticks with 8 GB and more are now really cheap
yes, clonezilla is fine
yes, clonezilla server version is very fine
but sometimes, it’s pretty fine too to be able to backup and restore system disks/partitions images from only 1 usb stick.
so let’s go

As I spent some time on this project, I wrote here a memo about “clonezilla live” on USB stick config

Here are the few importants highlights, in near future, i’ll post an complete version with all commands :

create the clonezilla like described on their page
boot on the USB stick and choose “clonezilla-live in RAM” mode under “Other clonezilla-live modes” menu.
if you booted the “in RAM” version, you could select your usb stick in the “user_local” window
select the root (/) directory from the usb stick to store the image
give it a explicit name, my choose is “YYYYMMDD-model-osversion”
when image is created, mount the stick and move the image directory (for me : /YYYYMMDD-model-osversion) to /home/partimage directory of the usb stick
for automated restoration modify the file /syslinux/syslinux.cfg with a section like this (under MENU) :
label restore mybox
MENU DEFAULT
# MENU HIDE
MENU restore mybox
# MENU PASSWD
kernel /live/vmlinuz
append initrd=/live/initrd.img boot=live union=aufs hostname=lucid quiet noswap edd=on noprompt ocs_live_run=”ocs-live-restore” ocs_live_extra_param=”-g auto -p reboot restoredisk 20100608-dell-vostro320 sda” ocs_live_keymap=”/usr/share/keymaps/i386/azerty/fr-latin9.kmap.gz” ocs_live_batch=”no” ocs_lang=”fr_FR.UTF-8” video=uvesafb:mode_option=1024x768-32 ip=frommedia nosplash
TEXT HELP
image restoration of my lovely linux box
ENDTEXT
comment out the other MENU DEFAULT entry from MENU section.

[archlinux] apt-file equivalent

Tue, 08 Jun 2010 11:37:00 +0200

pacman and yaourt are great but…
…

Q: Is there an equivalent to apt-file (GNU/Debian) that allows to search for a file within packages not installed (on repositories) ?

A: pacfile

eg :
pacfile mkfs.vfat
extra/dosfstools-3.0.9-1 sbin/mkfs.vfat
extra/dosfstools-3.0.9-1 usr/share/man/man8/mkfs.vfat.8.gz

update : it’s now pkgfile instead

parallel ssh

Wed, 28 Apr 2010 09:55:00 +0200

pssh and consors are usefull if you administrate a huge number of *nix boxes.

But adding hundred of fingerprints on your ~/.ssh/known_hosts file may take some time.

On a trusted network, here how to bypass this, by using SSH option :

add SSH option (-O) “StrictHostKeyCheckin=no” to the pssh, pscp, pslurp… command

e.g :
pssh -P -h machines.list -O=StrictHostKeyChecking=no uptime

transparent xlock

Fri, 09 Apr 2010 08:57:26 +0200

@work, when i leave my desk, i have to lock the screen because of open spaces conditions.

But, one of my monitors displays is used for servers monitoring purpose.
To enable my coworker to watch it i don’t want animation when screen is locked.

This does work with the xlockmore package :

xlock -mode blank -geometry 1x1

[wii] wbfs management

Mon, 30 Nov 2009 13:40:00 +0100

Xmas and a lot of gifts “duty” are coming…

My son wish for Xmas is a Wii.

As I prefer him not to switch Optical media, i browse the web for infos about the scene.

Yes, even if the DVD media backups copies can work with some loaders, I prefer to prevent alteration, then reburn (slow burning is required for Wii, I use 1x speed)…
And avoiding optical medias will save : switching time, loading time, life of the optical drive lens…

Conclusion : it’s possible to store backups directly to WBFS partition instead of ISO format. USB Loader GX was easy to install, even after last system update (4.2e) through Home Brew Channel.

The great part about that is the ability to convert back to ISO if you want to burn it.

Under GNU/Linux, getting wbfs tool to work was real kiddy :

get tarball here : http://github.com/kwiirk/wbfs
untar it with : tar xzfv kwiirk-wbfs-b607c30.tar.gz
doing ‘make’ on the untared folder
then wbfs binary is available

pre-requisites :

an empty (not formatted) partition : they recommend Gparted on the readme but, of course, you may (as I did) use others tools (fdisk…).
wbfs 1st commands (replace /dev/sdb1 with your right path) :
- wbfs -p /dev/sdb1 init : initializes your partition (be careful : 1st time only, because it will empty your partition ! )
- wbfs -p /dev/sdb1 add /path/to/your/iso : adds the game to this partition
- wbfs -p /dev/sdb1 ls : lists games on your partition
- wbfs -p /dev/sdb1 df : shows free disk space

P.S. : the ‘-p /dev/sdb1’ is optional for commands after the init

This installation works like a charm of the Wii with 2.5in USB hard drive or USB stick (even cheap ones).

about history command

Mon, 16 Nov 2009 10:03:00 +0100

history is a usefull command for many purposes like “recall a command”, investigation…

This memo is about ‘history tips’ i find useful :

add date and time :
export HISTTIMEFORMAT=”%F %T “ (or any strftime format, I prefer : %Y%m%d %F)

hide some commands, this may be usefull if you wanna type passwords (like FTP, mysql…) :
- export HISTCONTROL=ignorespace
- prefix commands you want to hide with a space
ignore some commands that are not important (for you) :
export HISTIGNORE=”pwd:ls:cd:”
re-use a previous command argument :
Suppose that, before deleting a file, i prefer to check it with ls first…
- ls -lh /path/to/the/file/i/want/to/check/myfile
- rm -f !ls:2
  :2 refers to 2nd argument i passed to command ls found in history

credits go mainly to this site : http://www.thegeekstuff.com/2008/08/15-examples-to-master-linux-command-line-history/

ettercap mitm gateway attack

Tue, 10 Nov 2009 15:45:00 +0100

Long time i didn’t sniff with ettercap, so i typed here an example command :

ettercap -T -m myVictim.log -M arp:remote /172.20.1.1/ /172.20.1.10/

# -T switch tells ettercap to use Text user interface
# -m selects and simple log file (output in the gui interface, not the ECI version)
# -M selects Man-in-the-middle attack
# arp:remote are option for MITM method
# 172.20.1.10 is the victim
# 172.20.1.1 is the gateway