
PsExec Software Deployer

December 26, 2016

About 5 years ago I wrote a GUI wrapper around PsExec to help me use PsExec to:

  1. Copy and execute software installations on a number of remote computers
  2. Run a command on a remote system and retrieve its output
  3. Log all activity and retrieved output in a grid view that can be exported to XLS, HTML, XML, or plain text.

When I needed to run complex scripts that depended on a number of files, I would create a self-extracting EXE (using this tool) and use this PsExec Software Deployer to copy the file and run it on remote systems.

I wrote it just for my own use, but I think others might get some use out of it as well, so I am open-sourcing it. I wrote it in Delphi, so it has no external dependencies and is a single EXE (although it requires psexec.exe to be downloaded).

This tool is written to be multi-threaded, so multiple deployments can occur concurrently, which greatly sped up my ability to deploy software or retrieve data from machines.

The source is available here: https://github.com/MicksMix/psexec-software-deployer

If you just want the binary, it is here: https://github.com/MicksMix/psexec-software-deployer/blob/master/bin/debug/PsExecGui.exe

Screenshots:

[Image: screenshot01] [Image: screenshot02]

Here’s an example using the tool’s ability to run a command on a remote system and capture its output:

[Image: example01_01] [Image: example01_03] [Image: example01_04]

Double-clicking on the cell the red arrow is pointing to will display the full text from the command. Also, you can simply save the grid to a file (HTML, XLS, XML, or plain text).

[Image: example01_05]

Categories: Tech

Bitwise operations with Python

September 14, 2015

http://blog.didierstevens.com/programs/translate/

Translate.py is a Python script to perform bitwise operations on files (like XOR, ROL/ROR, …). You specify the bitwise operation to perform as a Python expression, and pass it as a command-line argument.

translate.py malware malware.decoded 'byte ^ 0x10'
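
The per-byte idea described above, as an added Python sketch that is not Didier Stevens' translate.py and not code from the original post: the helper names (rol, ror, translate, find_xor_key) and the sample bytes are assumptions constructed for illustration. It goes slightly beyond the single command shown by also trying every single-byte XOR key against a known marker string.

```python
# Added sketch of the per-byte transform idea; NOT Didier Stevens' translate.py.
# Helper names and the sample bytes below are constructed for this example.

def rol(byte, count):
    """Rotate an 8-bit value left by count bits."""
    count %= 8
    return ((byte << count) | (byte >> (8 - count))) & 0xFF

def ror(byte, count):
    """Rotate an 8-bit value right by count bits."""
    count %= 8
    return ((byte >> count) | (byte << (8 - count))) & 0xFF

def translate(data, expression):
    """Apply a Python expression to every byte of data.

    The expression sees `byte` (0-255) and `position` (offset in data).
    eval() is not a sandbox: only pass expressions you wrote yourself.
    """
    code = compile(expression, "<expression>", "eval")
    helpers = {"__builtins__": {}, "rol": rol, "ror": ror}
    out = bytearray()
    for position, byte in enumerate(data):
        value = eval(code, helpers, {"byte": byte, "position": position})
        if not isinstance(value, int) or not 0 <= value <= 0xFF:
            raise ValueError(f"expression gave {value!r} at offset {position}")
        out.append(value)
    return bytes(out)

# Constructed sample: a PE-style stub string, encoded with single-byte XOR 0x10.
PLAIN = b"MZ\x90\x00This program cannot be run in DOS mode."
ENCODED = bytes(b ^ 0x10 for b in PLAIN)

def find_xor_key(data, marker=b"This program"):
    """Try all 256 single-byte XOR keys; return those that reveal marker."""
    return [k for k in range(256) if marker in translate(data, f"byte ^ {k}")]

if __name__ == "__main__":
    print(translate(ENCODED, "byte ^ 0x10"))    # decoded sample
    print(find_xor_key(ENCODED))                # keys that reveal the marker
    print(translate(b"\x81", "rol(byte, 1)"))   # rotation instead of XOR
```

Because the expression is evaluated as Python code, treat it like any other script: never paste an expression from an untrusted source into a tool that works this way.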


Direct download: https://didierstevens.com/files/software/translate_v2_0_0.zip
Categories: Python

Removing old, unused Linux kernel headers/modules from Ubuntu

July 14, 2015

Taken from here: https://ubuntugenius.wordpress.com/2011/01/08/ubuntu-cleanup-how-to-remove-all-unused-linux-kernel-headers-images-and-modules/

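When I’m cleaning up disk space on Ubuntu, I like to start here. This command purges the installed linux-* kernel, header and module packages that do not match the running kernel (as reported by uname -r); the -y flag skips apt-get's confirmation prompt: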

dpkg -l 'linux-*' | sed '/^ii/!d;/'"$(uname -r | sed "s/\(.*\)-\([^0-9]\+\)/\1/")"'/d;s/^[^ ]* [^ ]* \([^ ]*\).*/\1/;/[0-9]/!d' | xargs sudo apt-get -y purge
Categories: Uncategorized

Fix PuTTY Colors

April 14, 2015

Do you often find the default colors within PuTTY too dark to read?

image source: http://www.darkrune.org/blog/?p=213

With a couple snippets of PowerShell you can update all your existing saved PuTTY sessions to use a more readable shade of blue.

Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name Colour14 -value "38,139,210"}
Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name Colour15 -value "38,139,210"}

And now it’s much easier to read:
[Image: after]

If you prefer the very nice ZenBurn theme, run these PowerShell commands and all your saved PuTTY sessions (including the Default) will be updated to use it:

$Theme_ZenBurn=@{
	"Colour0"="220,220,204";
	"Colour1"="220,220,204";
	"Colour2"="58,58,58";
	"Colour3"="58,58,58";
	"Colour4"="0,13,24";
	"Colour5"="143,175,159";
	"Colour6"="0,0,0";
	"Colour7"="85,85,85";
	"Colour8"="215,135,135";
	"Colour9"="215,135,135";
	"Colour10"="160,192,160";
	"Colour11"="160,192,160";
	"Colour12"="255,255,135";
	"Colour13"="255,255,135";
	"Colour14"="101,121,142";
	"Colour15"="101,121,142";
	"Colour16"="241,140,150";
	"Colour17"="241,140,150";
	"Colour18"="140,208,211";
	"Colour19"="140,208,211";
	"Colour20"="255,255,255";
	"Colour21"="255,255,255";
}

### Pick a theme
$NewPuttyColors = $Theme_ZenBurn

foreach ($setting in $NewPuttyColors.GetEnumerator()) {
    Write-Host "$($setting.Name): $($setting.Value)"
    Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name $setting.Name -value $setting.Value}
}

Write-Host "Completed applying new PuTTY color profile to all existing sessions."

I personally prefer the Solarized theme. Run these PowerShell commands to change all your current (and Default) sessions to use this theme:

image source: http://lkhill.com/reminder-solarized-for-better-terminals/


$Theme_Solarized=@{
	"Colour0"="131,148,150";
	"Colour1"="147,161,161";
	"Colour2"="0,43,54";
	"Colour3"="7,54,66";
	"Colour4"="0,43,54";
	"Colour5"="238,232,213";
	"Colour6"="7,54,66";
	"Colour7"="0,43,54";
	"Colour8"="220,50,47";
	"Colour9"="203,75,22";
	"Colour10"="133,153,0";
	"Colour11"="88,110,117";
	"Colour12"="181,137,0";
	"Colour13"="101,123,131";
	"Colour14"="38,139,210";
	"Colour15"="38,139,210";
	"Colour16"="211,54,130";
	"Colour17"="108,113,196";
	"Colour18"="42,161,152";
	"Colour19"="147,161,161";
	"Colour20"="238,232,213";
	"Colour21"="253,246,227";
}

### Pick a theme
$NewPuttyColors = $Theme_Solarized

foreach ($setting in $NewPuttyColors.GetEnumerator()) {
    Write-Host "$($setting.Name): $($setting.Value)"
    Get-ItemProperty -Path HKCU:\Software\SimonTatham\PuTTY\Sessions\* | foreach-object {set-itemproperty -path $_.pspath -name $setting.Name -value $setting.Value}
}

Write-Host "Completed applying new PuTTY color profile to all existing sessions."
Categories: Uncategorized

Python pip and vcvarsall on Windows

April 9, 2015

Linking to this SO answer and re-posting it here, as I seem to search for it every few weeks or so:

For Windows installations:

While running setup.py for package installations, Python 2.7 searches for an installed Visual Studio 2008. You can trick Python to use a newer Visual Studio by setting the correct path in VS90COMNTOOLS environment variable before calling setup.py.

Execute the following command based on the version of Visual Studio installed:

  • Visual Studio 2010 (VS10): SET VS90COMNTOOLS=%VS100COMNTOOLS%
  • Visual Studio 2012 (VS11): SET VS90COMNTOOLS=%VS110COMNTOOLS%
  • Visual Studio 2013 (VS12): SET VS90COMNTOOLS=%VS120COMNTOOLS%
Categories: Programming, Python, Tech, Windows

FSExploitMe and Exploit-Exercises

March 17, 2015

If you are interested in learning about ActiveX exploitation, security researcher/consultant/professor Brad Antoniewicz has created FSExploitMe for just that purpose.

You’ll want a copy of Internet Explorer 8 to get the most out of it, but fortunately you can get a VM running IE8 for *free* from Microsoft.

And if you are interested in getting deeper into Linux exploitation, exploit-exercises.com has pre-built VMs with capture-the-flag style levels and challenges for each level. Its challenges range from beginner to expert, and it is designed to teach:

[…]about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues.

Categories: Disassembly, Linux, Tech, Windows

Visualizing Garbage Collection

February 16, 2015

Visual guide to understanding garbage collection algorithms!

Categories: Programming, Tech