shotgun scanning

 art, hack, ipmi, perl, philosophy  Comments Off on shotgun scanning
Jun 242013
shotgun scanning

UDP scanning has always been slow. Slower than slow, slower than molasses, really fucking slow. So when I started being interested in scanning for IPMI out in the wild, which runs on UDP 623, I first fired up trusty ol’ nmap… but bless it’s heart, it’s a cautious, robust scanner that is outrun by crippled snails on UDP scanning. So I thought… well, most scans don’t really need a request-response-follow-up… […]

reading wtmp

 code, perl, security, tech  Comments Off on reading wtmp
Sep 102012

Have a wtmp file you need read? A nice perl one liner to do so: perl -we ‘@type=("Empty","Run Lvl","Boot","New Time","Old Time","Init","Login","Normal","Term","Account");$recs = ""; while (<>) {$recs .= $_};foreach (split(/(.{384})/s,$recs)) {next if length($_) == 0;my ($type,$pid,$line,$inittab,$user,$host,$t1,$t2,$t3,$t4,$t5) = $_ =~/(.{4})(.{4})(.{32})(.{4})(.{32})(.{256})(.{4})(.{4})(.{4})(.{4})(.{4})/s;if (defined $line && $line =~ /\w/) {$line =~ s/\x00+//g;$host =~ s/\x00+//g;$user =~ s/\x00+//g;printf("%s %-8s %-12s %10s %-45s\n",scalar(gmtime(unpack("I4",$t3))),$type[unpack("I4",$type)],$user,$line,$host)}}print"\n"’ < /var/log/wtmp Thanks to:

 Posted by at 6:27 pm on September 10, 2012  Tagged with: , ,

…losing a half day of my life… and I’m running out of half days.

 dinosaur, perl, philosophy, security, web  Comments Off on …losing a half day of my life… and I’m running out of half days.
Jul 272012

This line did it: $ENV{‘PERL_LWP_SSL_VERIFY_HOSTNAME’} = 0; Net::Nessus::XMLRPC, which calls LWP::UserAgent, didn’t emit any hints why something that had been working for many months suddenly doesn’t when I am forced to port to a new system… same OS, how could it go wrong? Turns out LWP changed the default behavior that had been around forever – now it dies if a cert isn’t kompletely kosher.  Since virtually every Nessus install […]

restoring mysql tables….

 DB, perl, web  Comments Off on restoring mysql tables….
Mar 262012

Note to self… use this perl program+backup…. And since things break over time… the program.  Not mine, use at your own peril, etc… just don’t ask why I needed it…. extract_sql Attachments extract_sql (ERROR)

and now… custom fields

 perl, web  Comments Off on and now… custom fields
Mar 202012

Useful little things.  Beat on that old perl script and added support… a few lines of code, a lot of beating my head against the wall, but I didn’t see any other perl solutions. [attachments] Attachments wordpress-upload-post (ERROR)