Suspend and Resume Aircrack sessions

The aircrack tool unfortunately does not have a suspend or pause mechanism, thus as soon as you stop it you need to start again from the very beginning. Of course, you may manually adjust the dictionary, but that’s tedious and “error prone”.. ;-)

Lucky us, there is john the ripper to give us a hand. John knows about sessions. Just start a run which prints the words in the dictionary one after the other:

john --session=somename --stdout --wordlist=dictionary

Stop the run at any point in time using e.g. Ctrl+c and john will store the information about the session. Just return the session with --restore:

john --restore=somename

and john will continue from where it was stopped.

To make aircrack read the words from stdin use -w -. A typical run might look like

# start john
john --session=somename --stdout --wordlist=dictionary | aircrack-ng -w - handshake.cap -b 01:12:23:34:45:56
# kill the run
# restart from where is was stopped
john --restore=somename | aircrack-ng -w - handshake.cap -b 01:12:23:34:45:56

gem installation fails? update gcc!

Just wanted to install a ruby package using gem. However, I’m not a ruby dev and it took me a while to work around a certain problem with gem..

I wanted to install the Effing Package Management:

% gem install fpm
Building native extensions.  This could take a while...
ERROR:  Error installing fpm:
        ERROR: Failed to build gem native extension.

    /usr/bin/ruby2.1 extconf.rb
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
/usr/lib/ruby/2.1.0/mkmf.rb:456:in `try_do': The compiler failed to generate an executable file. (RuntimeError)
You have to install development tools first.
        from /usr/lib/ruby/2.1.0/mkmf.rb:541:in `try_link0'
        from /usr/lib/ruby/2.1.0/mkmf.rb:556:in `try_link'
        from /usr/lib/ruby/2.1.0/mkmf.rb:642:in `block in try_ldflags'
        from /usr/lib/ruby/2.1.0/mkmf.rb:635:in `with_ldflags'
        from /usr/lib/ruby/2.1.0/mkmf.rb:641:in `try_ldflags'
        from /usr/lib/ruby/2.1.0/mkmf.rb:1762:in `pkg_config'
        from extconf.rb:15:in `<main>'

extconf failed, exit code 1

Gem files will remain installed in /var/lib/gems/2.1.0/gems/ffi-1.9.6 for inspection.
Results logged to /var/lib/gems/2.1.0/extensions/x86_64-linux/2.1.0/ffi-1.9.6/gem_make.out

Especially line 35 drove me insane: You have to install development tools first. That made me think I need to install more *-dev stuff. Took me some time to find out that there was a problem with gcc! Turns out that gcc version 4.8.3 (Debian 4.8.3-13) (gcc -v) wasn’t able to build the package for me. So I installed gcc version 4.9.1 (Debian 4.9.1-19) and everything worked like a charm. :)

Web Screenshots. W/O browser!

Just discovered a nice way to take screenshots of web sites from the command line! No browser needed. Cool.

The tool I’d like to advertise is called gnome-web-photo :

aptitude install gnome-web-photo

For instance. To take generate an image of my website just call:

gnome-web-photo --timeout=60  binfalse.png

Just take a look at binfalse.png to examine the result. I obtained a 1024x6334 image. I guess the main use case is to generate some kind of preview/thumbnail. To get a thumbnail simply add --mode=thumbnail :

gnome-web-photo --timeout=60 --mode=thumbnail  binfalse-thumb.png

Afaik, there is no option to generate a larger thumb, but you could just pass --width= without the --mode=thumbnail . And then crop the pic yourself (e.g. using imagemagick). However, you need to run X and you need to have GTK, if I understand correctly. Nevertheless, I like that solution.

Record Stream Using VLC

I just needed to record a video stream. Usually, I use mplayer for these kinds of jobs, but this time it failed. However, on the internet I found a way to do it using VLC, which apparently has quite a command line interface.

This comment revealed that the VLC media player comes with some command line magic. Of course, not much is documented in the man page, but the user guide on their website seems to be useful.

Long story short, I ended up with the following command to save the stream http://STREAM.mp4 to /tmp/file.mkv :

vlc http://STREAM.mp4 --sout="#std{access=file,mux=mkv,dst='/tmp/file.mkv'}" vlc://quit


For the records, here are some alternatives:

# using mplayer
mplayer -dumpstream http://STREAM.mp4 -dumpfile /tmp/file.mp4
# using ffmpeg
ffmpeg -i http://STREAM.mp4 -acodec copy -vcodec copy /tmp/file.mp4

New GPG Key

It was time to finally replace my old GPG key. I created the key in 2008 and from today’s perspective a 1024 bit DSA key is really weak. Thus, today I decided to move to a new key and created a 4096 bit RSA key.

My old key was

pub   1024D/446DB306 2008-07-15 [expires: 2017-07-13]
      Key fingerprint = 0E75 62A5 405E 65B1 B477  4215 D9B3 5173 446D B306

And the new key is:

pub   4096R/8D2DD9BD 2014-01-15 [expires: 2019-01-14]
      Key fingerprint = 08E6 6E72 A83A 9871 CD49  3441 E81B C307 8D2D D9BD

For those of you who already trust my old key I created a transition note which is signed by both my old and my new key.

To import my new key to your key chain you can use the following command:

gpg --keyserver --recv-key 8D2DD9BD

The new key is already signed by the old key. Those of you trusting my old key may verify the signature using:

gpg --check-sigs 8D2DD9BD

To sign the new key execute the following command:

gpg --sign-key 8D2DD9BD

And it would be nice if you upload the signed to one of the key servers:

gpg --keyserver --send-key 8D2DD9BD

You are of course free to give me a call in order to verify the fingerprint ;-)

Gajim idling error

Just stumbled upon a small bug in Debian’s version of Gajim (0.15.4-2 – currently in testing and sid).

The following error occurs when Gajim starts to idle:

Traceback (most recent call last):
  File "/usr/share/gajim/src/common/xmpp/", line 533, in _process_events
    return IdleQueue._process_events(self, fd, flags)
  File "/usr/share/gajim/src/common/xmpp/", line 394, in _process_events
  File "/usr/share/gajim/src/common/xmpp/", line 420, in pollin
  File "/usr/share/gajim/src/common/xmpp/", line 606, in _do_receive
  File "/usr/share/gajim/src/common/xmpp/", line 620, in _on_receive
  File "/usr/share/gajim/src/common/xmpp/", line 488, in dispatch
    handler['func'](session, stanza)
  File "/usr/share/gajim/src/common/", line 2009, in _StreamCB
    conn=self, stanza=obj))
NameError: global name 'obj' is not defined

This results in a dis- and a subsequent reconnection. As the traceback already suggests the error can be found in /usr/share/gajim/src/common/ on line 2009. This is the corresponding function:

def _StreamCB(self, con, iq_obj):
            conn=self, stanza=obj))

Obviously, there is no variable obj : The passed argument is called iq_obj … To fix that mistake just substitute the function definition with (replace iq_objobj in line 2006):

def _StreamCB(self, con, obj):
            conn=self, stanza=obj))

This bug is already fixed in their repository (13861:239ec662de5a). Thus, this article is mainly for people not familiar with python/programming, who need a quick fix. (wasn’t able to find something on the Internet)

Btw. I’m not sure why, but this error just affected one of my four machines which are running Gajim.

Challenge is over.

SEMS challenge
SEMS challenge

About 6 or 10 moths ago we were searching for a student to work with us in the SEMS project. In order to reduce the number of applications I started a challenge. To solve this challenge you had to show some understanding for basic techniques and programming languages, so we didn’t waste our time with people not able to write a single line of source code.

And what should I say? It was successful! We’re now a great team with three students :D

However, currently this challenge seems to spread over the internet. And lot’s of people try to solve it (and many submit a wrong answer^^). But even worse, some of you guys try to exploit it by submitting something like


In general I don’t care. It was just some lines of PHP that send me an email in case of a correct answer. There is no database and the worst that can happen is a full inbox, but now I decided to close this challenge and instead forward users to this article.

Thus, if you arrive here feel free to apply for a job! I guess all of my readers, even if they didn’t solve this challenge, are perfect fellows…

If you nevertheless want to give it a try you can download the challenge.

Extended MyTinyTodo

MyTinyTodo is a self-hosted todo-list which convinces by its simplicity. It allows to maintain several different lists, you can assign tags, priorities and due dates to certain tasks. I used it myself for a long time and decided to fork the project in order to implement some stuff I missed in the original version.

 Figure 1: MyTinyTodo Result
Figure 1: MyTinyTodo Result

I do not intend to talk about MyTinyTodo a great deal. Very tiny, does nothing that isn’t necessary. No Dropbox/Facebook/Instagram etc integration. I really like this kind of software :D

But I was missing an essential feature: Creating tasks via mail. Lucky us, MyTinyTodo is distributed under the terms of GPLv3 license. Thus, I hg clone d and extended the tool with desired functionality. And since the IDE was already opened I added a tiny authentication (now: username + password; previously: .htaccess ) and secured the API by introducing a signature. Nothing special or complex, but it had to be done.

Long story short: I’m now able to submit tasks via e-mail. That means, a mail containing the following:

To: todo@your.server.tld
Subject: My New TodoItem
some more text

to describe this todo item


will result in something similar to Figure 1. All possible attributes that are recognized in the mail body are listed at the wiki on GitHub.

Find out more on GitHub.

Integrating Tomcat with Apache

You can configure the Apache web server to forward requests to Tomcat. Thus, you can speak to both servers on ports 80 or 443 and get rid of the :8080 for your Tomcat applications. I’m somehow doing that very often, so here is small how-to for copy&paste purposes.

Install jk

As you might know, while Tomcat is Java stuff Apache is written in C. So in general it’s not that easy to get them talking to each other. The key to achieve an integration is called mod_jk (see The Apache Tomcat Connector). So first of all you need to install it:

aptitude install libapache2-mod-jk

If it is installed you can configure an AJP worker in /etc/libapache2-mod-jk/ :

# Defining a worker named ajp13_worker and of type ajp13
# Note that the name and the type do not have to match.

As soon as this is done the bridge is ready to close the gap between Apache and Tomcat.

Configure Tomcat

We need to configure an AJP connector on port 8009 . So open /etc/tomcat7/server.xml and add another connector next to the other ones:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" address=""/>

If you’re lucky there is already such a connector defined in the comments. So just remove the comment…

Configure Apache to speak through jk

Here I’ll show you how to setup a virtual host. For example, copy the following to /etc/apache2/sites-available/012-yourapp.conf :

<VirtualHost *:80>
      ServerAdmin some@body.tld
      ServerName yourapp.yourserver.tld
      ServerAlias ya.yourserver.tld

      RewriteEngine on
      RewriteRule ^/(.*)$ /YourApp/$1 [L,PT]

      JkMount /* ajp13_worker

Ok, let me shortly explain what I did there.

  1. Everything that arrives at this vhost gets forwarded to our previously defined AJP worker (line 9)
  2. I assume your Tomcat webapp is running on server:8080/YourApp , therefor I configured a substitution of the URL to insert /YourApp (line 7). Of course you need to have mod_rewrite installed and enabled. (You may skip this line if you’re fine with having /YourApp in all your URLs)
  3. The rest should be clear. The vhost is available at http://yourapp.yourserver.tld , as well as at http://ya.yourserver.tld (lines 3&4). You can also use SSL, just configure line 1 to listen at *:433 and add the SSL stuff to the body of your vhost. (SSL exmaple)

Afterwards, enable the vhost to populate it:

a2ensite 012-yourapp

Give it a try

If this is done just restart everything:

service tomcat7 restart
service apache2 restart

Now Apache forwards all requests to http://yourapp.yourserver.tld to your Tomcat webapp at http://yourserver.tld:8080/YourApp .

Find all Text Files, recursively

Because I was thinking of something like that for a long time.

In bash/zsh (add it to your .rc ):

textfiles ()
    file $(find $*) | /bin/grep -E 'text|empty' | cut -d ':' -f1

Using this function it’s possible to open all text files of a project at once:

kate $(textfiles project/*)