1. binfalse
  2. binfalse

binfalse

denyhosts: remove!

February 12th, 2015

Anyone of you using denyhosts? It works quite well, but I regularly need to remove some false positives. Manually. And that sucks.

Manually removing an IP

To remove a false positive you need to remove the IP from the following files:

  • /etc/hosts.deny
  • $DENYHOSTS/hosts
  • $DENYHOSTS/hosts-restricted
  • $DENYHOSTS/hosts-root
  • $DENYHOSTS/hosts-valid
  • $DENYHOSTS/users-hosts

with $DENYHOSTS being the working directory of denyhosts, in Debian’s case it is /var/lib/denyhosts/. Open every file, search for $IP, remove the line. As soon as you have a few users that do not get used to using SSH keys this workaround gets annoying quite quick..

Fortunately, there are scripts!

The scripty way

Here is the script:

#!/bin/bash

if [ -z "$1" ]
then
    echo "give me an ip"
    exit 1
fi

echo Removing $1 from denyhosts tables
WORK_DIR=/var/lib/denyhosts/
IP=`echo $1 | sed 's/\./\\\\./g'`
service denyhosts stop
eval "sed -i /$IP/d /etc/hosts.deny"
eval "sed -i /$IP/d ${WORK_DIR}hosts"
eval "sed -i /$IP/d ${WORK_DIR}hosts-restricted"
eval "sed -i /$IP/d ${WORK_DIR}hosts-root"
eval "sed -i /$IP/d ${WORK_DIR}hosts-valid"
eval "sed -i /$IP/d ${WORK_DIR}users-hosts"
service denyhosts start

Just call it passing the IP address as an argument. Also available as bf-denyhosts-remove from my apt repo.

You’re welcome :)

node? No such file or directory..

February 10th, 2015

I just wanted to install some software that uses NodeJS, but that failed with the following error:

/usr/bin/env: node: No such file or directory

I’ve been sure I installed NodeJS from the repository, so I had a look at the build script of the software that I was about to install. It started with:

#!/usr/bin/env node

As I just discovered, the debian package providing NodeJS installs the binary as:

$ dpkg -L nodejs
/.
/usr
/usr/bin
/usr/bin/nodejs
[...]

You see, on my system the NodeJS binary is called nodjs, not node (as assumed by the tool I wanted to install). Easy to work around this problem: Just create a link to nodejs and call it node:

ln -s /usr/bin/nodejs /usr/local/bin/node

I installed the link to /usr/local/bin/node because that’s also in my $PATH and won’t conflict with other software that might provide /usr/bin/node..

Useful git stuff

February 3rd, 2015

Setup

Configure some stuff before you can get started:

# which name do you want to see in your commits?
git config --global user.name "Martin Scharm"

# which email do you want to use
git config --global user.email martin@dev

# tell git which gpg key to use by default
git config --global user.signingkey E81BC3078D2DD9BD

# always push all branches and all tags
git config --global --add remote.origin.push '+refs/heads/*:refs/heads/*'
git config --global --add remote.origin.push '+refs/tags/*:refs/tags/*'

Aliases

Global aliases are stored in ~/.gitconfig. I’m using the following aliases:

# beautify the log: list actions of last 14 days in a tree like view
git config --global alias.lg "log --all --pretty=format:'%x09%C(bold blue)%an%Creset%x09%Cred%h%Creset %Cgreen%ad%Creset%x09%s%d' --graph --date=short  --since='14 days ago'"

# search for a particular thing in the history
git config --global alias.search "log --all --pretty=format:'%x09%C(bold blue)%an%Creset%x09%Cred%h%Creset %Cgreen%ad%Creset%x09%s%d' --graph --date=short -m -i -G"

# shortcut for the status
git config --global alias.s "status -s"

# shortcut for commiting
git config --global alias.c "commit -a"

# shortcut for checkout
git config --global alias.co "checkout"

# shortcut for checkout
git config --global alias.co "checkout"

# shortcut for pulling and pushing
git config --global alias.d "pull origin --all --tags"
git config --global alias.u "push origin --all --tags"

# diff two commits using meld
git config --global alias.meld "difftool -d -t meld"

# show ignored files
git config --global alias.i "clean -ndX"

Jump around the git tree

  • HEAD always points to you current position in the tree.
  • You can always checkout old commits or branches using git checkout XXX, with XXX being a commit hash or a branch name
  • Branch names are pointers to commits. If you’ve checked out a branch and do a commit the branch pointer will move on to your new commit.
  • You can address commits relatively using ^ (go one up in tree) and ~X (go X up in tree), eg.
    • git checkout master~2 Makefile checkout the file Makefile from the second last commit before master
    • git checkout master^^ get the third last commit on branch master

Move a branch

If you want the branch mybranch to point to target you just need to call the following command:

git branch -f mybranch target

You forced mybranch to point to target. target may be a commit hash or a branch name (any ref git can resolve into a commit).

Track down a bug using cherry-pick

Let’s assume you have a history such as

master: init -> c1 -> ... -> c6

and you discovered a bug in commit c6, you would probably intruduce a lot of echos/prinlns/etc to detect the bug. Afterwars you need to get rid of all these debugging things and commit just the fix.

But it’s ways easier using cherry-pick. Just create a bugfix branch. Do all your debugging stuff in there, find the bug and do another commit (commits db1 to db3). Finally, fix the bug and commit it with db4:

master: init -> c1 -> ... -> c6
                              \
                               \
bugfix*:                       db1 -> db2 -> db3 -> db4
                                ^add echo/println    ^bug fixed

You can then simply checkout the master and use cherry-pick to append the commit db4 to it, which fixes the bug in the master branch without all the debugging stuff. Git’s cherry-pick will apply commits from anywhere in the tree onto HEAD (as long as that commit isn’t an ancestor of HEAD). Here are the git commands:

git checkout master
git cherry-pick db4

And your final graph would look like:

master*: init -> c1 -> ... -> c6 ------------------------> db4'
                               \                        /
                                \                      /
bugfix:                         db1 -> db2 -> db3 -> db4
                                 ^add echo/println    ^bug fixed

Of course, your commit hashes are a bit more complex than c6 and db4, but I hope you got the idea :)

Modifying an old commit

Let’s assume you have a history such as

master: c4 -> c5 -> c6

and you forgot to do something in c5. Then you can reorder the last two commits using git rebase -i HEAD^^ --aboveAll to receive the following:

master: c4 -> c6 -> c5

now change the last commit using git commit --amend and you’ll end up with:

master: c4 -> c6 -> c5'
               \
                \
                 c5

Finally, just reorder the last two commits using git rebase -i HEAD^^ --aboveAll:

master: c4 -> c5' -> c6

You can achieve the same with less reordering using git’s cherry-pick. Just checkout the commit c to modify and modify it to c' (using --amend). Afterwards, you can cherry-pick all commits that came after c.

Further Resources

  • Learn about branching/merging/rebasing/detaching/etc in an interactive tutorial from pcottle.
  • Learn about undoing things in git, including redoing a commit, resetting a git add and unmodifying a file.

Goodmorning jekyll!

February 1st, 2015

As you can see, I left WordPress and moved to jekyll! Even if I really like the name, discarding WordPress was on my schedule for quite some time.

Why leaving?

The main reasons for leaving WordPress:

  • I always wanted to get rid of the whole overhead: admin interface, database connection, all the javascript stuff that slows the browser… All not necessary for just publishing some words…
  • I do not like software that calls home without asking me. Sure, it’s convenient for some people, but I hate such a behavior. And it makes me skeptic. No idea what is transferred exactly, but I’m almost sure they have my mail address..

There are some more reasons, but those two were sufficient to make me move.

Where to go?

Recently, Micha pointed me to jekyll. Jekyll is a software to generate websites. You can simply write your stuff using MarkDown and jekyll will build your page. Jekyll is really very simple. The generated page is static. And Jekyll is blog-aware.

I of course had a look at some other static-page-generators, but jekyll indeed seems to be the most convenient (and maybe sophisticated?) software.

But how?

Basically, building a jekyll blog is dead easy.

Install jekyll

You need to have ruby and ruby-dev installed, the just call:

gem install jekyll

Not you can create a new website using

jekyll new my-site

And you’ll find a directory structure as explained on their website. You can also just clone a git repository to get a start. There are also plenty of themes out there.

Start publishing

A bit trickier than installing: You need to think.. ;-)

Posts go to _posts and should always be named YYYY-MM-DD-identifier.md. They always have a preamble (so-called front matter) which looks like:

layout: post
title: Your title goes here.

But that’s it. Now you can start writing. Read more about posting.

Pages just live in the root of your jekyll instance. They will just be copy-translated. Thus, if you create a file about.html in the root jekyll will just translate included markdown and then copies it to your-site.com/about.html.

But how2?

Yes, of course, I didn’t want to start from scratch. So I was looking for tools to convert my WordPress stuff to markdown for jekyll. That was more or less successfull. There are tons of approaches. But non of them really met my needs. So I decided to extend on of those and forked a php-based wordpress-to-jekyll converted from davidwinter.

After a few commits the converter now exports posts, pages, and comments. It also distinguishes between published and draft. And downloads the attachments. Just give it a try and tell me if you experience any trouble.

Comments

You’re right. Comments on a static page is a bit contradictory. But not impossible.. ;-)
I saw some blogs using the crap of Disqus and Facebook and stuff. Not my world, obviously..

But there is also a static comment pluglin for jekyll. I forked it to implement my changes. I do not need the PHP stuff, to submit a comment for my blog you can use one of the following three options. I will then decide whether I’m going to include the comment in my blog. I guess that is the ultimate way to fight Spam..

Submit a comment

  • Send me an email with your comment. Do not forget to mention the article you want to comment. And optionally include a website and a name to sign the comment.
  • I am maintaining a feedback site. It is meant to receive feedback in general, for presentations, for my work, code, for the coffee that I serve to guests. Stuff, precisely. It is also available through the TOR network, so you can make sure you’re really anonymously. You can use this website to also create comments. Every page contains a link submit a comment through the feedback page, which brings you to that page. Just make sure to mention the article, and if you want me to give you the credits also add include your name and a mail address; and optionally a website.
  • You can simply fork the blog’s repository and create a comment yourself in the _comments directory. Just have a look at the other comments. Send me a pull request and I’ll have a look at it :)

Images

Converting images from WordPress was a bit trickier. There they use code similar to this:

[caption id="attachment_XXX" align="alignXXX" width="XXX" caption="XXX"]<a href="XXX"><img src="XXX" alt="XXX" title="XXX" width="XXX" height="XXX" class="size-thumbnail wp-image-XXX" /></a> XXX[/caption]

However, in jekyll you do not have the whole environment by default. After some searching I stumbled across a solution. Eventually, my wordpress-to-jekyll converter substitues these environments with

{ % include image.html align="alignXXX" url="XXX" img="XXX" title="XXX" caption="XXX" % }

and _includes/image.html (see GitHub) creates something that’s similar to the caption environment of WordPress. Some more CSS and everything worked like a charm! :)

I think that’s it for the moment. Moving to jekyll was not that difficult. And I now have a static website that’s hopefully changing from time to time…

Suspend and Resume Aircrack sessions

January 22nd, 2015

The aircrack tool unfortunately does not have a suspend or pause mechanism, thus as soon as you stop it you need to start again from the very beginning. Of course, you may manually adjust the dictionary, but that’s tedious and “error prone”.. ;-)

Lucky us, there is john the ripper to give us a hand. John knows about sessions. Just start a run which prints the words in the dictionary one after the other:

john --session=somename --stdout --wordlist=dictionary

Stop the run at any point in time using e.g. Ctrl+c and john will store the information about the session. Just return the session with --restore:

john --restore=somename

and john will continue from where it was stopped.

To make aircrack read the words from stdin use -w -. A typical run might look like

# start john
john --session=somename --stdout --wordlist=dictionary | aircrack-ng -w - handshake.cap -b 01:12:23:34:45:56
# kill the run
^C
# restart from where is was stopped
john --restore=somename | aircrack-ng -w - handshake.cap -b 01:12:23:34:45:56

Martin Scharm

stuff. just for the records.

Do you like this page?
You can actively support me!