Bitwise operations with Python

September 14, 2015

http://blog.didierstevens.com/programs/translate/

Translate.py is a Python script to perform bitwise operations on files (like XOR, ROL/ROR, …). You specify the bitwise operation to perform as a Python expression, and pass it as a command-line argument.

translate.py malware malware.decoded 'byte ^ 0x10'
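To show what such a per-byte expression does, here is an added example (not translate.py's own code) that applies XOR and ROL/ROR as ordinary Python functions and goes one step further by recovering a single-byte XOR key from a known file prefix. The function names, the `(byte, position)` callback signature and the sample bytes are assumptions made for this illustration.

```python
def rol(byte, count):
    """Rotate an 8-bit value left by `count` bits."""
    count %= 8
    return ((byte << count) | (byte >> (8 - count))) & 0xFF


def ror(byte, count):
    """Rotate an 8-bit value right by `count` bits."""
    return rol(byte, 8 - (count % 8))


def translate(data, operation):
    """Apply operation(byte, position) to every byte, keeping results in 0..255."""
    return bytes(operation(b, i) & 0xFF for i, b in enumerate(data))


def find_xor_key(data, known_prefix):
    """Return the single-byte XOR key that makes `data` start with
    `known_prefix` (for example b"MZ" for a PE file), or None if no
    single-byte key fits."""
    if not known_prefix or len(data) < len(known_prefix):
        return None
    key = data[0] ^ known_prefix[0]
    if all(d ^ key == p for d, p in zip(data, known_prefix)):
        return key
    return None


# Constructed sample: a few bytes that merely begin like a PE header.
SAMPLE = b"MZ\x90\x00 constructed sample, not a real executable"

# Equivalent of the expression 'byte ^ 0x10' from the command line above.
ENCODED = translate(SAMPLE, lambda byte, position: byte ^ 0x10)

if __name__ == "__main__":
    key = find_xor_key(ENCODED, b"MZ")
    print("recovered key: 0x%02x" % key)
    # XOR is its own inverse, so applying the same key decodes the data.
    print(translate(ENCODED, lambda byte, position: byte ^ key))
    # ROL is undone by ROR with the same count.
    rotated = translate(SAMPLE, lambda byte, position: rol(byte, 3))
    print(translate(rotated, lambda byte, position: ror(byte, 3)) == SAMPLE)
```

Because the operation is passed as a Python expression, treat the expression string like code: only run ones you wrote or have read.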


Direct download: https://didierstevens.com/files/software/translate_v2_0_0.zip
Categories: Python

Removing old, unused Linux kernel headers/modules from Ubuntu

July 14, 2015

Taken from here: https://ubuntugenius.wordpress.com/2011/01/08/ubuntu-cleanup-how-to-remove-all-unused-linux-kernel-headers-images-and-modules/

When I’m cleaning up disk space on Ubuntu, I like to start here. This command will clean up old Linux kernels/headers:

dpkg -l 'linux-*' | sed '/^ii/!d;/'"$(uname -r | sed "s/\(.*\)-\([^0-9]\+\)/\1/")"'/d;s/^[^ ]* [^ ]* \([^ ]*\).*/\1/;/[0-9]/!d' | xargs sudo apt-get -y purge
Categories: Uncategorized

Fix PuTTY Colors

April 14, 2015

Do you often find the default colors within PuTTY too dark to read?

image source: http://www.darkrune.org/blog/?p=213

With a couple snippets of PowerShell you can update all your existing saved PuTTY sessions to use a more readable shade of blue.

Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name Colour14 -value "38,139,210"}
Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name Colour15 -value "38,139,210"}

And now it’s much easier to read.

If you prefer the very nice ZenBurn theme, run these PowerShell commands and all your saved PuTTY sessions (including the Default) will be updated to use it:

$Theme_ZenBurn=@{
	"Colour0"="220,220,204";
	"Colour1"="220,220,204";
	"Colour2"="58,58,58";
	"Colour3"="58,58,58";
	"Colour4"="0,13,24";
	"Colour5"="143,175,159";
	"Colour6"="0,0,0";
	"Colour7"="85,85,85";
	"Colour8"="215,135,135";
	"Colour9"="215,135,135";
	"Colour10"="160,192,160";
	"Colour11"="160,192,160";
	"Colour12"="255,255,135";
	"Colour13"="255,255,135";
	"Colour14"="101,121,142";
	"Colour15"="101,121,142";
	"Colour16"="241,140,150";
	"Colour17"="241,140,150";
	"Colour18"="140,208,211";
	"Colour19"="140,208,211";
	"Colour20"="255,255,255";
	"Colour21"="255,255,255";
}

### Pick a theme
$NewPuttyColors = $Theme_ZenBurn

foreach ($setting in $NewPuttyColors.GetEnumerator()) {
    Write-Host "$($setting.Name): $($setting.Value)"
    Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name $setting.Name -value $setting.Value}
}

Write-Host "Completed applying new PuTTY color profile to all existing sessions."

I personally prefer the Solarized theme. Run these PowerShell commands to change all your current (and Default) sessions to use this theme:

image source: http://lkhill.com/reminder-solarized-for-better-terminals/


$Theme_Solarized=@{
	"Colour0"="131,148,150";
	"Colour1"="147,161,161";
	"Colour2"="0,43,54";
	"Colour3"="7,54,66";
	"Colour4"="0,43,54";
	"Colour5"="238,232,213";
	"Colour6"="7,54,66";
	"Colour7"="0,43,54";
	"Colour8"="220,50,47";
	"Colour9"="203,75,22";
	"Colour10"="133,153,0";
	"Colour11"="88,110,117";
	"Colour12"="181,137,0";
	"Colour13"="101,123,131";
	"Colour14"="38,139,210";
	"Colour15"="38,139,210";
	"Colour16"="211,54,130";
	"Colour17"="108,113,196";
	"Colour18"="42,161,152";
	"Colour19"="147,161,161";
	"Colour20"="238,232,213";
	"Colour21"="253,246,227";
}

### Pick a theme
$NewPuttyColors = $Theme_Solarized

foreach ($setting in $NewPuttyColors.GetEnumerator()) {
    Write-Host "$($setting.Name): $($setting.Value)"
    Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name $setting.Name -value $setting.Value}
}

Write-Host "Completed applying new PuTTY color profile to all existing sessions."
Categories: Uncategorized

Python pip and vcvarsall on Windows

April 9, 2015

Linking to this SO answer and re-posting it here, as I seem to search for it every few weeks or so:

For Windows installations:

While running setup.py for package installations, Python 2.7 searches for an installed Visual Studio 2008. You can trick Python into using a newer Visual Studio by setting the correct path in the VS90COMNTOOLS environment variable before calling setup.py.

Execute the following command based on the version of Visual Studio installed:

  • Visual Studio 2010 (VS10): SET VS90COMNTOOLS=%VS100COMNTOOLS%
  • Visual Studio 2012 (VS11): SET VS90COMNTOOLS=%VS110COMNTOOLS%
  • Visual Studio 2013 (VS12): SET VS90COMNTOOLS=%VS120COMNTOOLS%
Categories: Programming, Python, Tech, Windows

FSExploitMe and Exploit-Exercises

March 17, 2015

If you are interested in learning about ActiveX exploitation, security researcher/consultant/professor Brad Antoniewicz has created FSExploitMe for just that purpose.

You’ll want a copy of Internet Explorer 8 to get the most out of it, but fortunately you can get a VM running IE8 for *free* from Microsoft.

And if you are interested in getting deeper into Linux exploitation, exploit-exercises.com has pre-built VMs with capture-the-flag style levels and challenges for each level. The challenges range from beginner to expert and are designed to teach:

[…]about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues.

Categories: Disassembly, Linux, Tech, Windows

Visualizing Garbage Collection

February 16, 2015

Visual guide to understanding garbage collection algorithms!

Categories: Programming, Tech

Data::Dumper formatting

October 8, 2014

I look this up about every couple weeks, so I’m posting it here for posterity. In order to nicely format Data::Dumper output…

I almost always set

$Data::Dumper::Indent = 1;
$Data::Dumper::Sortkeys = 1;

with Data::Dumper. The first statement makes the output more compact and much more readable when your data structure is several levels deep. The second statement makes it easier to scan the output and quickly find the keys you are most interested in.

If the data structure contains binary data or embedded tabs/newlines, also consider

$Data::Dumper::Useqq = 1;

which will output a suitable readable representation for that data.

Much more in the perldoc.

Categories: Perl, Tech