幸延的聚會手記
test
test
yan
Personal Data
Real Name: 陳幸延
Known Aliases: yan
Company: None
Contact info
Phone: 0963268330
Email: moc.liamg|7h6270a#moc.liamg|7h6270a
Web: {$web}
Blog: {$blog}
Github: https://github.com/a0726h77//
Linked in: {$linkedin}
Facebook: https://www.facebook.com/HsingYanChen//
Google+: {$googleplus}
Twitter: https://twitter.com/a0726h77//
Plurk: {$plurk}//
Known Abilities
PHP, Pyhon
Welcome to H4.

2014-06-26

來源: 2014-06-26

slapd - OpenLDAP server
slurpd - 獨立的程式,監控 master ldap 的更動並記錄在 log,然後對 slave 做相同動作 (新版本 slapd 已不包含 slurpd)
syncrepl - 介於 ldap 核心與資料庫中間,當對 master 資料庫寫入資料時,同時寫入到 slave

MySQL :: Quickpoll Results
http://dev.mysql.com/tech-resources/quickpolls/index.php?pollname=mysql-proxy

# apt-get install mysql-proxy 

$ mysql-proxy -V
mysql-proxy 0.8.1
  chassis: mysql-proxy 0.8.1
  glib2: 2.30.2
  libevent: 2.0.21-stable
  LUA: Lua 5.1.4
    package.path: /usr/lib/mysql-proxy/lua/?.lua
    package.cpath: /usr/lib/mysql-proxy/lua/?.so
-- modules
  admin: 0.8.1
  proxy: 0.8.1$ mkdir mysql-proxy

$ mkdir mysql-proxy

$ cd mysql-proxy

$ wget https://raw.githubusercontent.com/cwarden/mysql-proxy/master/examples/tutorial-query-time.lua

$ vi mysql-proxy.cnl-proxy.log
log-level = debug
admin-username = 1 
admin-password = 1 
admin-lua-script = /usr/share/mysql-proxy/admin.lua
proxy-address = 0.0.0.0:3306
proxy-backend-addresses = 192.168.10.4:3306
proxy-lua-script = /home/user/mysql-proxy/tutorial-query-time.lua
$ chmod 660 mysql-proxy.cnf

$ mysql-proxy --defaults-file=mysql-proxy.cnfl-proxy.log
log-level = debug
admin-username = 1 
admin-password = 1 
admin-lua-script = /usr/share/mysql-proxy/admin.lua
proxy-address = 0.0.0.0:3306
proxy-backend-addresses = 192.168.10.4:3306
proxy-lua-script = /home/user/mysql-proxy/tutorial-query-time.lua
$ chmod 660 mysql-proxy.cnf

$ mysql-proxy --defaults-file=mysql-proxy.cnf

2014-06-19

來源: 2014-06-19
suspend to ram

# echo mem > /sys/power/state

Controlling wakeup

# cat /proc/acpi/wakeup
# echo " LID" > /proc/acpi/wakeup

test acpi event

# apt-get install acpid
$ acpi_listen

# evtest
3 -> LCD open/close
4 -> power button

熒幕開合事件

# vi /etc/acpi/events/lid
event=button[ /]lid                                                                                              
action=/etc/acpi/actions/lid_handler.sh %e

# chmod u+x /etc/acpi/events/lid

熒幕開合事件處理指令

# vi /etc/acpi/actions/lid_handler.sh

#!/bin/sh                                                                                                        
# check if the lid is open or closed, using the /proc file
if grep closed /proc/acpi/button/lid/LID/state >/dev/null ; then
    # if the lid is now closed, save the network state and suspend to RAM
    /usr/share/wicd/daemon/suspend.py
    pm-suspend
else
    # if the lid is now open, restore the network state.
    # (if we are running, a wakeup has already occured!)
    /usr/share/wicd/daemon/autoconnect.py
fi

# chmod u+x /etc/acpi/actions/lid_handler.sh

低電量事件

# vi /etc/acpi/events/battery

event=battery.*                                                                                              
action=/etc/acpi/actions/low_battery_warning.sh %e

# chmod u+x /etc/acpi/events/battery

低電量事件處理指令

# vi /etc/acpi/actions/low_battery_warning.sh

#!/bin/sh
# Location of acpi files.
path="/sys/class/power_supply/BAT1"

# full=`cat $path/info|grep 'last full capacity'|awk -F: '{print $2}'|awk -Fm '{print $1}'`
# current=`cat $path/state|grep 'remaining capacity'|awk -F: '{print $2}'|awk -Fm '{print $1}'`
# state=$(( current * 100 / $full))
capacity=`cat $path/capacity`

# export XAUTHORITY=/home/yan/.Xauthority
export DISPLAY=:0 # This is needed so that the script can post to the display (using the zenity command, running through su as steph).

if [[ $capacity -lt 21 ]]
then
    # zenity --warning --title "Battery" --text "Low battery. (state = $state)"
    su yan -c "notify-send -u critical 'Low battery.'"
fi

# chmod u+x /etc/acpi/actions/low_battery_warning.sh

acpid (简体中文) - ArchWiki
https://wiki.archlinux.org/index.php/Acpid_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)

Suspending to RAM with hibernate-script - ArchWiki
https://wiki.archlinux.org/index.php/Suspending_to_RAM_with_hibernate-script

Doro One Two Three: Debug ACPI in Ubuntu
http://rickey-nctu.blogspot.tw/2013/05/debug-acpi-in-ubuntu.html

Laptop Mode Tools (many device tweak setting + acpid + CPU frequency scaling + pm-utils)
https://wiki.archlinux.org/index.php/Laptop_Mode_Tools

2014-06-12

來源: 2014-06-12
$ crontab -e
or
$ crontab mycron

$ contab -l
concat two row into one column

select userRoles.userId, GROUP_CONCAT(roles.name) from roles, userRoles where roles.id=userRoles.roleId group by userRoles.userId

sqlalchey subquery
http://stackoverflow.com/questions/6206600/sqlalchemy-subquery-in-a-where-clause

2014-06-05

來源: 2014-06-05
system-config-printer - graphical interface to configure the printing system

https://developers.google.com/places/documentation/autocomplete

2014-05-29

來源: 2014-05-29
$ nosetests —nocapture -v mytest.py

SymPy
http://docs.sympy.org/latest/tutorial/basic_operations.html

http://www.electroind.com/pdf/Modbus_messaging_on_TCPIP_implementation_guide_V11.pdf
PDU (Protocol Data Unit)
Function Code | Data
ADU (Application Data Unit) (8 bytes)
Additional address | PDU | Error Check (CRC16(PDU))
MODBUS TCP/IP ADU (12 bytes)
MBAP Header | PDU

2014-05-22

來源: 2014-05-22
veox/sgminer
https://github.com/veox/sgminer

2014-05-15

來源: 2014-05-15
evilcos/xssprobe
https://github.com/evilcos/xssprobe

lulzlabs/AirChat
https://github.com/lulzlabs/AirChat/

QModBus - a free ModBus master application
http://qmodbus.sourceforge.net/

Modbus simulator
http://sourceforge.net/projects/modrssim/

from pymodbus.client.sync import ModbusTcpClient
client = ModbusTcpClient('192.168.34.13',port=502)
print client.read_holding_registers(0).registers
client.close()

2014-05-08

來源: 2014-05-08
qsynth
DIN Is Noise
hydrogen
kluppe
rakarrack - Guitar effects for Linux
Patchage - a modular patch bay for audio and MIDI systems based on Jack and Alsa

2014-05-01

來源: 2014-05-01
http://www.ibm.com/developerworks/opensource/library/l-wifiencrypthostapd/index.html

hostapd.conf

interface=wlan1
driver=nl80211
ssid=test
channel=1
auth_algs=1
wpa=2
wpa_psk_file=/etc/hostapd-psk
wpa_key_mgmt=WPA-PSK 
wpa_pairwise=CCMP TKIP
rsn_pairwise=CCMP

/etc/hostapd-psk

00:00:00:00:00:00 testtesttest
# hostapd ./hostapd.conf

2014-04-24

來源: 2014-04-24

$ modpoll -m tcp 172.16.46.204 -p 1000 -a 5 -r 4 -c 5

http://www.modbusdriver.com/modpoll.html

sole/aafm - Android ADB file manager
https://github.com/sole/aafm

osmino Wi-Fi: free WiFi - Android Apps on Google Play
https://play.google.com/store/apps/details?id=com.osmino.wifil

2014-04-17

來源: 2014-04-17
http://rashidkpc.github.io/Kibana/infrastructure.html

2014-04-10

來源: 2014-04-10
OpenSSL 漏洞
CVE-2014-0160 Heartbleed Bug
http://heartbleed.com/

Test your server for Heartbleed (CVE-2014-0160)
http://filippo.io/Heartbleed/

HOST='example.com'
$ echo -e "quit\n" | openssl s_client -connect $HOST:443 -tlsextdebug 2>&1| grep 'TLS server extension "heartbeat" (id=15), len=1'

SSegurança #infosec #DFIR: Heartbleed openSSL Bug re-cap
http://sseguranca.blogspot.tw/2014/04/heartbleed-ssl-bug.html

Appium - open source test automation framework for use with native and hybrid mobile apps.
http://appium.io/

Sikuli Script - a visual technology to automate and test graphical user interfaces using screenshot images.
http://www.sikuli.org/

StackEdit - Full-featured, open-source Markdown editor based on PageDown, the Markdown library used by Stack Overflow and the other Stack Exchange sites.
https://stackedit.io/

benweet/stackedit · GitHub
https://github.com/benweet/stackedit

Chrome Web Store - StackEdit
https://chrome.google.com/webstore/detail/stackedit/iiooodelglhkcpgbajoejffhijaclcdg?hl=en

2014-04-03

來源: 2014-04-03
查开房
http://594sgk.com/

JSON2HTML | Transform JSON to HTML
http://json2html.com/

2014-03-27

來源: 2014-03-27
APT 潛伏 UNIX 三年!25,000 伺服器後門全開
http://www.hkitblog.com/?p=20784
http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf

Automated Malware Analysis - Cuckoo Sandbox

romanHunter - ROuter MAN HUNTER detects wireless attackers and captures their MAC

Web Application Scanner
Vega (Java)
Wapiti (Python)

2014-03-20

來源: 2014-03-20

$ ssh -D 1234 user@myhost.com
# apt-get install proxychains
# vi /etc/proxychains.conf
socks5 127.0.0.1 1234
$ proxychains curl icanhazip.com

Kali | VSLA - Virtual Security Labs Anywhere
https://firebitsbr.wordpress.com/category/kali/

2014-03-13

來源: 2014-03-13
RFC3339
2008-09-08T22:47:31-07:00

RFC2445 (iCalendar)
20121211155343

ISO8601
2008-12-19T16:39:57.67Z

ATOM = "Y-m-d\TH:i:sP";
COOKIE = "l, d-M-y H:i:s T";
ISO8601 = "Y-m-d\TH:i:sO";
RFC822 = "D, d M y H:i:s O";
RFC850 = "l, d-M-y H:i:s T";
RFC1036 = "D, d M y H:i:s O";
RFC1123 = "D, d M Y H:i:s O";
RFC2822 = "D, d M Y H:i:s O";
RFC3339 = "Y-m-d\TH:i:sP";
RSS = "D, d M Y H:i:s O";
W3C = "Y-m-d\TH:i:sP";


速度比較
http://jsperf.com/prop-vs-ischecked/5
$el.prop('checked');
$el.is(':checked');
$el.attr("checked");
$el[0].checked;

2014-03-06

來源: 2014-03-06

# docker export <container-id> > ubuntu.tar
# cat ubuntu.tar | docker import - my-ubuntu
# apt-get install inotify-tools
# inotifywait -rme modify,attrib,move,close_write,create,delete,delete_self /

http://www.ibm.com/developerworks/linux/library/l-ubuntu-inotify/index.html
http://www.infoq.com/articles/inotify-linux-file-system-event-monitoring

Ubuntu Sources List Generator
http://repogen.simplylinux.ch/

$ tr -dc "[:alpha:]" < /dev/urandom | head -c 8
$ pwgen -c -n -1 8
$ ls /usr/share/icons/
$ vi ~/.gtkrc-2.0
gtk-icon-theme-name = "Humanity"

Get packages and dependencies for installing offline | TuxRadar Linux"
http://www.tuxradar.com/answers/517

$ apt-get --print-uris --yes install pkgspec | grep ^\' | cut -d\' -f2 >downloads.list
$ wget --input-file myurilist

2014-02-27

來源: 2014-02-27

First steps with Docker - Docker Documentation
http://docs.docker.io/en/latest/use/basics/

$ sudo docker run -i -t ubuntu /bin/bash
// To detach the tty without exiting the shell, use the escape sequence **Ctrl-p + Ctrl-q**
$ sudo docker.io attach <container-id>

C:\Python27\Lib\site-packages\sitecustomize.py

import sys
sys.setdefaultencoding('big5')

Kali LInux Metapackages | Kali Linux
http://www.kali.org/news/kali-linux-metapackages/

Backtrack

# Debian / Ubuntu
deb http://all.repository.backtrack-linux.org revolution main microverse non-free testing
deb http://32.repository.backtrack-linux.org revolution main microverse non-free testing
deb http://64.repository.backtrack-linux.org revolution main microverse non-free testing
deb http://source.repository.backtrack-linux.org revolution main microverse non-free testing

Kali

# Debian
# source
deb [arch=i386,amd64,armel,armhf] http://http.kali.org/kali kali-dev main contrib non-free
deb [arch=i386,amd64,armel,armhf] http://http.kali.org/kali kali-dev main/debian-installer
deb-src http://http.kali.org/kali kali-dev main contrib non-free
# binary
deb [arch=i386,amd64,armel,armhf] http://http.kali.org/kali kali main contrib non-free
deb [arch=i386,amd64,armel,armhf] http://http.kali.org/kali kali main/debian-installer
deb-src http://http.kali.org/kali kali main contrib non-free
# stablerelease
deb [arch=i386,amd64,armel,armhf] http://security.kali.org/kali-security kali/updates main contrib non-free
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free
# nextrelease
deb [arch=i386,amd64,armel,armhf] http://repo.kali.org/kali kali-bleeding-edge main
deb-src http://repo.kali.org/kali kali-bleeding-edge main
for i in range(1, 5): 
    print globals()['somevar_%s' % i]
>>> class foo():
...    bar = 1
... 
>>> foo.bar
1
>>> foo.__dict__['bar']
1
# nmap -sP 192.168.1.1-254

# nmap -sT 192.168.1.1-254 -p 22

2014-02-20

來源: 2014-02-20

// web snapshot
$ cutycapt --url="http://tw.yahoo.com/" --out=/tmp/snapshot.png
// epub reader
$ fbreader xxxx.epub
// DNS reflection attack sample
$ dig @DNS_SERVER QUERY_HOST ANY +stats +dnssec
// NTP monlist reflection attack detect
$ cd /usr/share/nmap/scripts
# wget http://nmap.org/svn/scripts/ntp-info.nse
# wget http://nmap.org/svn/scripts/ntp-monlist.nse
# nmap --script-updatedb
# nmap -sU -pU:123 -Pn -n --script=ntp-info time.stdtime.gov.tw
# nmap -sU -pU:123 -Pn -n --script=ntp-monlist time.stdtime.gov.tw

ntp 4.2.7 已移除 monlist

# python
from scapy.all import *
hexdump(NTP(version=2, mode=7, stratum=0, poll=3, precision=42))

2014-02-13

來源: 2014-02-13

$ pip freeze > requirements.txt
$ pip install -r requirements.txt

Heroku Add-ons
https://addons.heroku.com/

Yahoo! Weather API
http://weather.yahooapis.com/forecastrss?w=551801&u=c

lxml.etree

Logsene - Log Analytics
http://sematext.com/logsene/

2014-02-06

來源: 2014-02-06

retext - Simple text editor for Markdown and reStructuredText

# apt-get install python3-docutils python3-markdown retext

gourmet - Recipe organizer and shopping list generator.

2014-01-23

來源: 2014-01-23
Logs management
http://www.slideshare.net/MantasK/logs-management

log system dashboard
http://a0726h77.blogspot.tw/2014/01/log-system-dashboard.html

Diamond - a python daemon that collects system metrics and publishes them to Graphite
https://github.com/BrightcoveOS/Diamond

Vimeo graphite dashboard
https://github.com/douban/graph-index

fpm - Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity.
https://github.com/jordansissel/fpm

2014-01-16

來源: 2014-01-16
Cool.io v1.2 now supports the Windows environment.
http://docs.fluentd.org/articles/faq#does-fluentd-run-on-windows

Cppcheck - A tool for static C/C++ code analysis
http://cppcheck.sourceforge.net/

OpenBCI
http://www.openbci.com/technology-update/

VIM学习笔记 配色方案(Color Scheme)
http://yyq123.blogspot.tw/2011/02/vim-color-scheme.html

2014-01-09

來源: 2014-01-09
convert m2t to mp4

$ ffmpeg -i xxx.m2t -vcodec copy -acodec copy xxx.mp4

convert webm to mp4

$ ffmpeg  -i xxx.webm -strict experimental -sameq xxx.mp4

2014-01-02

來源: 2014-01-02

NOSQL Databases
http://nosql-database.org/

相片轉場效果影片
Imagination, a lightweight and simple DVD Slideshow Maker
http://imagination.sourceforge.net/screenshots.html

2013-12-26

來源: 2013-12-26

將家目錄下使用者資料夾權限改成 711

# find /home/ -maxdepth 1 -type d -not -path /home/ -exec chmod 711 {} \;

Markdown Editor
StackEdit
https://stackedit.io/

Icinga vs Nagios
https://www.icinga.org/nagios/feature-comparison/

SAE 中文分词服务
http://apidoc.sinaapp.com/sae/SaeSegment.html

2013-12-19

來源: 2013-12-19

$ echo '{"a":1, "b":2}' | python -m json.tool

saidar - curses-based program which displays live system statistics

How Chromecast Works, Chromecast Protocol Described | computer solution
http://computers-solution.com/how-chromecast-works-chromecast-protocol-described/

Arduino and Python
http://playground.arduino.cc/interfacing/python

2013-12-12

來源: 2013-12-12
Taiwan Hadoop Ecosystem Workshop 2013 Q4
http://www.accupass.com/go/hadooptw2013q4

2013-11-21

來源: 2013-11-21

vim open huge file upto multi-gigabyte

$ split -l 8000000 myBigFile
$ vim -u "NONE" x*
$ du -sh cred 
9.3G    cred

$ time split -l 8000000 cred 

real    5m22.930s
user    0m3.024s
sys    1m52.783s

一種追蹤郵件是否已讀的方式
Awesome Email open tracking with PHP and MySQL « PHP Dev Tips PHP Dev Tips

網頁使用 OpenStreetMap 標記 Marker
https://github.com/a0726h77/OpenLayersExample

2013-11-14

來源: 2013-11-14

$ echo -n password | md5sum
$ echo -n password | sha1sum
$ date +%s

virtualenv

error: Setup script exited with error: command 'gcc' failed with exit status 1

# apt-get install python-dev

error: Setup script exited with error: command 'i486-linux-gnu-gcc' failed with exit status 1

# apt-get install g++

开源分布式文件系统比较
http://www.tuicool.com/articles/NRZFNb

2013-11-07

來源: 2013-11-07
start browser in private mode
firefox : -private-window
chrome : -incognito
opera : -newprivatetab
IE : -private

via Eric Bi@KSDG
各大站使用的後端架構技術
http://www.unmanageability.com/backend-architectures/

JS Bin - Collaborative JavaScript Debugging
http://jsbin.com/
JSFiddle - Test your JavaScript, CSS, HTML or CoffeeScript online with JSFiddle code editor.
http://jsfiddle.net/

ASCIINEMA - Record Your Terminal
http://asciinema.org/
RailsCasts - Ruby on Rails Screencasts
http://railscasts.com/

exec /sbin/getty -n -l  theInputScript.sh -8 38400 tty1

get my ip:
$ curl icanhazip.com

Password Haystacks - 密碼強度檢測
https://www.grc.com/haystack.htm

Anonymous-OS Live CD Based on Ubuntu is Fake

Tools:
ParolaPass - The Password Generator
Find Host IP - Finds the IP address of a website. (找不到專案網頁,但有另一個在線服務http://just-ping.com)

DDOS Tools:
DDOSIM - Layer 7 DDoS Simulator
Pyloris - A protocol agnostic application layer denial of service attack
Slowloris - HTTP DoS
Tor's Hammer - Slow POST Denial Of Service Testing Tool
Anonymous HOIC (High Orbit Ion Cannon) - DDoS tool

SQL injection tools:
sqlmap: automatic SQL injection and database takeover tool
Havij - Advanced SQL Injection
Sql Poison - SQLi Exploit Scanner

Admin page finders:
Admin Finder - Admin Page Finder

Password decrypters:
John the Ripper - John the Ripper password cracker
Hash Identifier - identify the different types of hashes

Communicaion:
XChat - Multiplatform Chat Program
Pidgin - the universal chat client

Network:
Tor - Anonymity Online
Vidalia - cross-platform graphical controller for the Tor
Polipo - a caching web proxy
JonDo - the IP changer
I2P - Anonymous Network
HTTPS Everywhere - HTTPS Everywhere is a Firefox and Chrome extension that encrypts your communications with many major websites
FoxyProxy - proxy management tools for Firefox, Google Chrome, and Internet Explorer
Greasemonkey -Customize the way a web page displays or behaves, by using small bits of JavaScript

Sniffer:
Wireshark - network protocol analyzer

Scanner:
Zenmap - cross-platform Nmap Security Scanner GUI

List of tools in BackTrack
http://secpedia.net/wiki/List_of_tools_in_BackTrack

2013-10-31

來源: 2013-10-31

video file to stream
server :

$ vlc -vvv XXX.mp4 --sout '#rtp{sdp=rtsp://192.168.4.4:6060/test.sdp}'

client :

$ vlc rtsp://192.168.4.4:6060/test.sdp

http://www.videolan.org/doc/streaming-howto/en/ch04.html#id349956

SSL 攻擊
http://resources.infosecinstitute.com/ssl-attacks/
1. Browser Exploit Against SSL/TLS Attack (BEAST)
2. SSL Renegotiation Attack (MITM)
SSLInsecureRenegotiation -> off
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html

Reverse MD5 lookup in multiple databases
http://md5.noisette.ch/
API : http://md5.noisette.ch/md5.php?hash=2a0231531bc1a7fc29e2fa8d64352ae9

2013-10-24

來源: 2013-10-24
Dunst - notifications for tiling wm's
http://www.knopwob.org/dunst/screenshots.html

MySQL 中文全文檢索
https://docs.google.com/presentation/d/1N3WNV8XwSicI8d8JUpGtaqiEO-N0A77wh-I_I6AKzGg/edit?usp=sharing

HTML 4.01 圖片地圖 <map> <area>

maschek.hu - Online Image Map Editor
http://www.maschek.hu/imagemap/

crunch - wordlist generator | Free software downloads at SourceForge.net
http://sourceforge.net/projects/crunch-wordlist/
http://a0726h77.blogspot.tw/2013/10/crunch-wordlist-generator.html

xhydra
hydra-gtk - very fast network logon cracker - GTK+ based GUI

2013-10-17

來源: 2013-10-17
[APK] Chromecast APKs for anyone outside of the US. - xda-developers
http://forum.xda-developers.com/showthread.php?t=2410660

$ echo -n OK! | /usr/bin/osd_cat --pos=middle --offset=0 --align=center --indent=0 --lines=1 --font='10x20' --shadow 0 --color=green --delay=1
$ fc-match --sort sans

2013PHP技术峰会
http://php.thinkinlamp.com/2013
投影片下載:
http://vdisk.weibo.com/s/z7TskCOlaGuQ1

$ LC_ALL=C 7z x PHPCON_2013_THINK_THINKINLAMP_PPT_ALL.zip -oPHPCON2013
$ convmv -f cp936 -t utf8 -r --notest -- PHPCON2013/*

2013-10-10

來源: 2013-10-10
Gearman
http://www.slideshare.net/magentodev/gearman-jobqueue

GearmanManager
https://github.com/brianlmoon/GearmanManager

Gearman-Monitor
https://github.com/yugene/Gearman-Monitor

Gearman 使用 Mysql 作 Job Queue
http://atan.cn/gearman-installation/

2013-10-03

來源: 2013-10-03

  • 使用 pdfpc 做簡報,可以預先看到下一張投影片內容
# apt-get install pdf-presenter-console
$ xrandr --output LVDS --auto --output VGA-0 --auto --primary --left-of LVDS
$ pdfpc xxx.pdf
  • PHP UTF-8 BOMB

http://linux.cn/portal.php?mod=view&aid=759

  • 要看 Linux 開機訊息可用 Ctrl+s 暫停, Ctrl+q 恢復
  • python get function parameter
>>> help('func')
寫在函式裏的註解說明會被顯示出來
>>> inspect.getargspec(func) 
Get the names and default values of a Python function’s arguments.
  • qtile widget 位置

/usr/local/lib/python2.7/dist-packages/qtile-0.5-py2.7.egg/libqtile/widget

  • Bash

Alt + b Back (left) one word
Alt + f Forward (right) one word

$ echo 10 > /sys/class/backlight/acpi_video0/brightness
bash: /sys/class/backlight/acpi_video0/brightness: 拒絕不符權限的操作

# 使用 tee 然後直接輸入數值
$ sudo tee /sys/class/backlight/acpi_video0/brightness
powertop - Linux tool to find out what is using power on a laptop
thinkfan - simple and lightweight fan control program
xinput - Runtime configuration and test of XInput devices
evtest - utility to monitor Linux input device events
showkeys
xbindkeys - Associate a combination of keys or mouse buttons with a shell command
  • bitbucket 支援的 README 格式

If your repository contains a README file at the root level, Bitbucket displays its contents below on the repository's Overview page. Bitbucket can parse and display Markdown, reStructuredText, Textile, and plain text README files.
https://confluence.atlassian.com/display/BITBUCKET/Display+README+text+on+the+overview

$ grep -rH 'start' /etc/

2013-09-26

來源: 2013-09-26
Chrome 遠端桌面
https://chrome.google.com/webstore/detail/chrome-remote-desktop/gbchcmhmhahfdphkhkmpfmihenigjmpp?hl=zh-TW

javascript sidebar
http://www.berriart.com/sidr/

# Python
dd = {'a': 1, 'b': 2}
aa = dd
aa['c'] = 3
print dd
bb = dd.copy()
bb['d'] = 4
print dd

遠端安裝服務 Remote Installation Service,RIS
http://support.microsoft.com/kb/325862#3
如何遠端安裝 Windows ? (需要架一台 RIS Server (Win2kX、DNS、DHCP、AD))
http://qa.pcuser.com.tw/modules/newbb/viewtopic.php?topic_id=29261&forum=2

IE
Quirks Mode 接縫模式:使用舊的(而往往是錯誤的)CSS/HTML規則的舊瀏覽器模式(主要是IE4、IE5、IE6採用)
Standard Mode 標準模式:簡要而言可以說是完整支援 CSS/HTML 的模式
由於 HTML5 的制定,現可以下列簡潔的語法宣告:

<!DOCTYPE html>

2013-09-19

來源: 2013-09-19
http://hashcat.net/oclhashcat-plus/

https://www.opennetworking.org/sdn-resources/sdn-definition

http://devopsangle.com/2012/06/18/build-your-own-splunk-like-central-log-management-tool-with-open-source-software/

http://standin.io/

Social Plugins - Facebook Developers
https://developers.facebook.com/docs/plugins/

2013-09-12

來源: 2013-09-12
jQuery website tour plugin

jQuery Joyride Plugin
http://zurb.com/playground/jquery-joyride-feature-tour-plugin

preStepCallback, postStepCallback function hack
https://github.com/zurb/joyride/pull/141

Power Tour - Powerfull creative jQuery tour plugin (nonfree)
http://www.jquerypowertour.com/index.html

Intro.js
http://usablica.github.io/intro.js/

2013-09-05

來源: 2013-09-05

寫了一個小程式 sync from Facebook to Blogger,comment 也有過來,試著拆出 label

IFTTT 沒有轉存 comment

Blogger 一天可以發 40 篇文章,再來就要輸入驗証碼

測試頁
http://www.facebook.com/groups/openlab.taipei/
http://yanfbsynctest1.blogspot.tw/

from honki:
壓力導電膠
http://learn.adafruit.com/firewalker-led-sneakers/make-velostat-step-sensors
http://www.youtube.com/watch?v=gWZi71JkPAA#t=19

2013-08-29

來源: 2013-08-29
Get all your access tokens for facebook apps
https://developers.facebook.com/tools/access_token/

Mockingbird - online prototypes
https://gomockingbird.com/mockingbird/

2013-08-15

來源: 2013-08-15

https://help.ubuntu.com/community/OCR

tesseract-ocr
http://code.google.com/p/tesseract-ocr/

中文字庫
tesseract-ocr-chi-sim tesseract-ocr-chi-tra

基礎只支援 tif, 3.02 以上可支援 jpg

-psm 設定內文樣式與字距 (默認為 3) (可提高辨識度)

辨識度 : 英文 > 簡體中文 > 繁體中文
速度 : 英文 > 簡體中文 > 繁體中文

// 英文
$ time tesseract 32.tif 32
Tesseract Open Source OCR Engine v3.02.01 with Leptonica
real    0m13.695s
user    0m8.501s
sys    0m0.148s
// 簡體中文
$ time tesseract -l chi_sim 2.tif 2
Too many unichars in ambiguity on line -1218034641
Too many unichars in ambiguity on line -1218034641
Tesseract Open Source OCR Engine v3.02.01 with Leptonica
real    1m4.348s
user    0m40.711s
sys    0m0.360s
// 繁體中文
$ time tesseract -l chi_tra 10.tif 10
Tesseract Open Source OCR Engine v3.02.01 with Leptonica
real    3m27.403s
user    1m51.675s
sys    0m0.472s

Training Tesseract
http://code.google.com/p/tesseract-ocr/wiki/TrainingTesseract3

可以嘗試辨認驗証碼 ~~

vim spell check
:set spell
]s 跳到下個錯字
[s 跳到前個錯字
z= 顯示建議字詞
zg 新增正確拼字
zug 刪除正確拼字
zw 新增錯誤拼字
zuw 刪除錯誤拼字

Python
locals()
globals()
locals is read-only, globals is not

>>> x = 1
>>> locals()['x'] = 2
>>> x 
>>> globals()['x'] = 3
>>> x

http://www.diveintopython.net/html_processing/locals_and_globals.html

程式碼就是最好的文件

>>> help('func')

寫在函式裏的註解說明會被顯示出來
Get the names and default values of a Python function’s arguments.

>>> inspect.getargspec(func)

2013-08-01

來源: 2013-08-01
輔助 CSS Coding 的有用工具 | iCoding
http://www.icoding.co/2013/07/useful-tools-for-css-coding

XPCOM Interface Reference
https://developer.mozilla.org/en-US/docs/XPCOM_Interface_Reference

2013-07-18

來源: 2013-07-18
SnortSam - The plugin allows for automated blocking of IP addresses on following firewalls:
Checkpoint Firewall-1
Cisco PIX firewalls
Cisco Routers (using ACL's or Null-Routes)
Former Netscreen, now Juniper firewalls
IP Filter (ipf), available for various Unix-like OS'es such as FreeBSD
FreeBSD's ipfw2 (in 5.x)
OpenBSD's Packet Filter (pf)
Linux IPchains
Linux IPtables
Linux EBtables
WatchGuard Firebox firewalls
8signs firewalls for Windows
MS ISA Server firewall/proxy for Windows
CHX packet filter
Ali Basel's Tracker SNMP through the SNMP-Interface-down plugin
http://www.snortsam.net/

knockd - a port-knocking server
http://www.zeroflux.org/projects/knock/

# mount -t ecryptfs ~/private ~/private key=passphrase,ecryptfs_cipher=aes,ecryptfs_key_bytes=24,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y,ecryptfs_fnek_sig=cbd6dc63028e5602

2013-07-04

來源: 2013-07-04

社群資源圖
http://www.mindmeister.com/303031964

政府推動中小企資科應用徵建議書
http://www.bqjournal.com/ict-fund-invites-proposals

Breadcrumbs In Web Design
http://www.smashingmagazine.com/2009/03/17/breadcrumbs-in-web-design-examples-and-best-practices-2/

from iCoding.co :
AlloyUI
http://alloyui.com/

// nodejs_jquery.js
require("node-jquery");
a = ['aaa', 'bbb', 'ccc', 'ddd'];
$.each(a, function(key, val) { console.log(key + " => " + val); });

2013-06-27

來源: 2013-06-27

google://

"create_engine('mysql://" filetype:py -inurl:github -inurl:googlecode

share :
YouTube TV
https://www.youtube.com/tv

2013-06-20

來源: 2013-06-20

整理一些社群資源
http://www.mindmeister.com/303031964/community-map

Lazy Load Plugin for jQuery
http://www.appelsiini.net/projects/lazyload

Android :
SSHelper
http://arachnoid.com/android/SSHelper/
AirDroid | Your Android, on the Web.
http://www.airdroid.com/

2013-06-13

來源: 2013-06-13

py-pretty 1 - Formats dates, numbers, etc. in a pretty, human readable format.
https://pypi.python.org/pypi/py-pretty

ValueError: time data '23/Nov/2012:11:15:44' does not match format '%d/%b/%Y:%H:%M:%S'
Solution :
import locale
locale.setlocale(locale.LC_TIME, "C")

2013-06-06

來源: 2013-06-06

Python autoimp module
http://www.connellybarnes.com/code/autoimp/

Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.
http://qubes-os.org/trac/wiki

HTML KickStart HTML Elements & Documentation
http://www.99lime.com/elements/#form-example

Metro UI CSS
http://metroui.org.ua/

trembits: Clipboard from the command line — xclip versus xsel
http://trembits.blogspot.tw/2009/09/clipboard-from-command-line-xclip.html

Pyperclip – A cross-platform clipboard module for Python
http://coffeeghost.net/2010/10/09/pyperclip-a-cross-platform-clipboard-module-for-python/

python-l33t-translator - Translate normal English into l33t/leet speak.
https://code.google.com/p/python-l33t-translator/

PyZenity-0.1.7
http://pypi.bearstech.com/PyZenity/PyZenity-0.1.7.tar.gz#md5=dcacadafafaa1d71abfec06805936aef

2013-05-30

來源: 2013-05-30

Using tab pages - Vim Tips Wiki
http://vim.wikia.com/wiki/Using_tab_pages

可疑Google獵才電子郵件,數學家揭露巨大的網路安全漏洞 | WIRED.tw
http://wired.tw/2012/11/19/dkim-vulnerability-widespread/index.html

FriendCode
https://friendco.de/

Haniboi
http://www.haniboi.com/


Topcoat
http://topcoat.io/

Pure
http://purecss.io/

from HTML5與CSS3在台灣


2013-05-23

來源: 2013-05-23

$ git config --global alias.lg "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset
' --abbrev-commit"

https://coderwall.com/p/euwpig

2013-05-02

來源: 2013-05-02
run script after git clone

$ mkdir ~/.git/hooks 

$ vi ~/.git/hooks/post-checkout
#!/bin/sh                                                                                                                     
echo "Project : $0"
some_hook()

$ chmod u+x -R ~/.git/hooks

$ git clone --template=/home/user/.git ssh://user@gerrit.server:29418/my_project

2013-04-25

來源: 2013-04-25
MooseFS network file system
http://www.moosefs.org/

2013-04-18

來源: 2013-04-18

Zabbix :: An Enterprise-Class Open Source Distributed Monitoring Solution
http://www.zabbix.com/

2013-04-11

來源: 2013-04-11

VPN協議比較名單
http://tw.giganews.com/vyprvpn/compare-vpn-protocols.html

php pear 自動下載相依函示庫
$ pear config-set auto_discover 1

http://jenkins-php.org/

2013-03-28

來源: 2013-03-28

使用 pathogen 管理 vim 套件
http://a0726h77.blogspot.tw/2013/03/vim-pathogen.html

2013-03-14

來源: 2013-03-14
JS Bin - Collaborative JavaScript Debugging
http://jsbin.com/

2013-03-14

來源: 2013-03-14
Android APP 分享

Simeji (Japanese Keyboard)
JED - Japanese Dictionary
MoreLocale2

2013-02-28

來源: 2013-02-28
javascript sprintf
http://www.webtoolkit.info/javascript-sprintf.html

<html>
<head>
    <meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/>                                                         
    <script type='text/javascript' src='webtoolkit.sprintf.js'></script>
</head>
<body>
    <script>
        alert(sprintf('%s %d %.2f', 'testttt', 123, 456)); 
    </script>
</body>
</html>

2013-02-07

來源: 2013-02-07

ALTER TABLE tablename ENGINE = INNODB;

How to Convert MySQL from MyISAM to InnoDB Using a Script « Ryan’s Tech Notes"http://technotes.twosmallcoins.com/?p=356

2013-01-10

來源: 2013-01-10
$ cat /var/log/dpkg.log | grep 'install '

2012-12-27

來源: 2012-12-27
MySQL 5.5: Storage Engine Performance Benchmark for MyISAM and InnoDB

Full-text search indexes in MyISAM are
useful for many simple read-only web applications, though often users deploy MySQL and InnoDB
with Sphinx or Lucene for fast text searches as an alternative to MyISAM.

Other use cases that are potentially suitable for MyISAM include:
• Applications demanding very high raw INSERT speeds where concurrency is not a
consideration. Performance will always be application dependent, so benchmarking is
necessary to determine the best solution for your own environment.
• Caches or temporary tables.
• Blogs / Wikis / RSS feeds.
• Read-only tables.

Wiki Syntax - Wikidot - Free and Pro Wiki Hosting

2012-11-22

來源: 2012-11-22
Web XEN / KVM 虛擬機管理

Splunk顛覆Log管理的應用型式
機房事件監控軟體介紹-Splunk

Download Splunk for free on your operating system
Download Splunk Universal Forwarder | Splunk

教你如何在Google App Engine上运行PHP

KSM(Kernel Samepage Merging) 剖析:Linux 内核中的内存去耦合

2012-11-15

來源: 2012-11-15
T-Shirt 廠商,歡迎補齊、取用 :)
http://www.hackingthursday.org/printer--friendly//t-shirt

2012-11-08

來源: 2012-11-08
Metasploitable
http://sourceforge.net/projects/metasploitable/

2012-11-01

來源: 2012-11-01
监测 Xen 服务器的几个常用命令 | vpsee.com
http://www.vpsee.com/2010/01/xen-monitoring-commands/

All commands | commandlinefu.com
http://www.commandlinefu.com/commands/browse

2012-10-25

來源: 2012-10-25
(OP)
Exploring the software behind Facebook, the world's largest site
http://royal.pingdom.com/2010/06/18/the-software-behind-facebook/
Open Source
http://developers.facebook.com/opensource/

2012-10-18

來源: 2012-10-18
Linux Commando: How to show apt log history
http://linuxcommando.blogspot.tw/2008/08/how-to-show-apt-log-history.html

2012-10-11

來源: 2012-10-11
Search and replace in multiple buffers - Vim Tips Wiki
http://vim.wikia.com/wiki/Search_and_replace_in_multiple_buffers

http://sourceforge.net/projects/fleaphp/
http://code.google.com/p/qeephp/

加密資料夾 - ecryptfs

# mount -t ecryptfs /media/sdb1/download_e /home/user/download -o key=passphrase,ecryptfs_cipher=aes,ecryptfs_key_bytes=24,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y,ecryptfs_fnek_sig=6cefce143cec554e

加密分區 dm-crypt / LUKS

2012-10-04

來源: 2012-10-04

$ **(** time ls **)** **2>&1** | grep user
$ uptime | grep **-o** '[0-9]\+ users'
$ xgettext -d messages ./APP/View/*.html --from-code=UTF-8 **--language=PHP**

joonty/vim-phpqa
https://github.com/joonty/vim-phpqa

http://www.wikimatrix.org/compare/Wikidot+Zim

2012-09-27

來源: 2012-09-27
$ ccmake ..

2012-09-20

來源: 2012-09-20
libgooglepinyin - A fork from google pinyin on android - Google Project Hosting
http://code.google.com/p/libgooglepinyin/

2012-09-13

來源: 2012-09-13
windows get current user SID from command line

For /F %I in ('wmic useraccount where name^="%username%" get sid ^| findstr ^2') Do Set SID=%I
echo %SID%

2012-09-06

來源: 2012-09-06
Travis CI - A hosted continuous integration service for the open source community.
http://about.travis-ci.org/

https://github.com/Your_Account/Your_Project/admin/hooks

browserling - interactive cross-browser testing
https://browserling.com/

2012-08-02

來源: 2012-08-02
最新發票資料整理 => H4基金

2012-07-26

來源: 2012-07-26

101 年 1-2 月份 發票沒中 T T

2012-02-02 $101 / 1 張

101 年 3-4 月份 發票中了 $200 (當時未記名, 發票為2012-03-08 消費 $513者)

2012-04-16 $120 / 1 張
2012-03-08 $2123 / 13 張
2012-03-15 $475 / 3 張

101 年 5-6 月份 發票沒中 T T

2012-05-03 $108 / 1 張
2012-05-10 $373 / 2 張
2012-05-17 $120 / 1 張
2012-05-24 $184 / 1 張
2012-05-31 $652 / 4 張
2012-06-07 $304 / 2 張
2012-06-14 $653 / 3 張
2012-06-21 $276 / 1 張
2012-06-28 $175 / 2 張

感謝 HYChen 另捐給 H4 5-6 月發票共十張

2012-07-19

來源: 2012-07-19
臺北市政府公開資料平台
http://data.taipei.gov.tw/opendata

JOSM
http://josm.openstreetmap.de/

2012-07-05

來源: 2012-07-05
請問有沒有不用 box (gtk+) 或 sizer (wxWidget) 機制的程式語言 或 UI Designer ??

2012-06-21

來源: 2012-06-21
今天可能不會到,先分享最近整的東東
Vim as python IDE
.vimrc

" Flake8 (pyflakes + pep8 check)
" 禁止PyFlakes使用QuickFix,这样在按下<F7>时会调用flake8,而有对于代码编辑时的错误仍能得到有效的提示
let g:pyflakes_use_quickfix = 0

" 如有需要,可设置忽略部分错误
let g:flake8_ignore="W404"
"pydiction 1.2 python auto complete
filetype plugin on
let g:pydiction_location = '~/.vim/tools/pydiction/complete-dict'
"defalut g:pydiction_menu_height == 15
"let g:pydiction_menu_height = 20 
" python indent (TAB to 4 SPACE)
filetype plugin indent on
autocmd FileType python setlocal et sta sw=4 sts=4
" pylint
autocmd FileType python compiler pylint
" don't exec Pylint on save file, use :Pylint or :make
let g:pylint_onwrite = 0
" remove whitespace on save file
autocmd FileType c,cpp,python,php autocmd BufWritePre <buffer> :%s/\s\+$//e

Jenkins 裡的 shell script
echo "clonedigger ...."                                                                             
clonedigger --cpd-output -o clonedigger.xml .
echo "pep8 ...."
pep8 --filename=*.py  . > pep8.txt
echo "pylint ...."
for f in `find . -name "*.py"`; do
pylint --output-format=parseable --reports=y $f >> pylint.log
done || :

http://www.flickr.com/photos/a0726h77/7408785128/in/photostream
http://www.flickr.com/photos/a0726h77/7408773646/in/photostream
http://www.flickr.com/photos/a0726h77/7408808350/in/photostream/
感謝 Amos 推薦這套系統, 正搭建一個 Python 開發鍵
發現對岸也有過 Hacking Thursday
http://h4.opensource.hk/

2012-05-17

來源: 2012-05-17
http://www.autobuy.tw/pc/pro_info.php?id=40335&sid=1873

2010-10-28

來源: 2010-10-28

在 ntpasswd 工具組裡, 有個 chntpw 常被用來恢復忘記的 Windows 登入密碼, 內附還有一個工具 - reged 可以 parse and edit Windows Registry file, 希望用 LiveUSB 來解 Windows 的病毒
git://github.com/a0726h77/reg_delete_test.git

用 firefox 置換 cookie 的大概範例
cookie_replace.html (use XPCOM)

<script>

function savecookie()
{
    url = document.getelementbyid("cookieurl").value;
    cookiecontent = document.getelementbyid("cookiecontent").value;

    netscape.security.privilegemanager.enableprivilege('universalxpconnect');
    var cookieuri = components.classes["@mozilla.org/network/io-service;1"].getservice(components.interfaces.nsiioservice).newuri(url, null, null); 
    var cookiesvc = components.classes["@mozilla.org/cookieservice;1"].getservice(components.interfaces.nsicookieservice);

    cookiecontentarr = cookiecontent.split(";");
    for ( var i = 0; i < cookiecontentarr.length; i++)
    {
        cookiesvc.setcookiestring(cookieuri, null, cookiecontentarr[i] + ((document.getelementbyid('isdomain').checked) ? ';domain=.' + cookieuri.host : ''), null);
    }
}

</script>

2010-10-21

來源: 2010-10-21
Google App Engine、DataStore、Map testttt ….
http://yanliveintaiwan.appspot.com/
moc.buhtig|tig#moc.buhtig|tig:a0726h77/liveintaiwan.git

REST API Design (appengine-rest-server http://code.google.com/p/appengine-rest-server/)
http://yanliveintaiwan.appspot.com/rest/metadata
http://yanliveintaiwan.appspot.com/rest/metadata/place
http://yanliveintaiwan.appspot.com/rest/place

一個假想:不知道有沒有人試過 DTMF訊號轉FSK 接到 modem card 讀取電話來電號碼

Wikimedia to Wikidot
http://autodmc.org/wikimedia-to-wikidot.php?show_yourself=true

zim --export dir=./myexport/,format=html ./myworknote

2010-10-14

來源: 2010-10-14

不架資料庫伺服器, 用 SQL Query Syntax 來查詢 CSV 小量文件

squawk : SQL query tool and library for static files
http://pypi.python.org/pypi/squawk/0.2.3

pyparsing : A general parsing module for Python
http://pyparsing.wikispaces.com/

test.csv

studentid,name,sex,id
,,,
310001,王小明,男,W123456789
310002,林小美,女,P987654321

query.py

# coding:utf-8

from squawk.query import *
from squawk.parsers.csvparser import *

query = Query(
    "SELECT name,id FROM file WHERE name LIKE '%%%s%%'" % '王')
source = CSVParser("test.csv")

for row in query(source):
    print '%s => %s' % (row['name'], row['id'])

申請到 wikidot API key, 希望可以讓 h4 wiki 維護更方便, 修改後即將釋出

h4_wikidot_test.py

from xmlrpclib import ServerProxy

s = ServerProxy('https://h4_wikidot_creater:YOUR_API_KEY@www.wikidot.com/xml-rpc-api.php')

site = 'hackingthursday'
page = 'test'
title = 'api test'
content = 'wikidot api testttt'

s.page.save({'site' : site, 'page' : page, 'title' : title, 'source' : content})

print 'To view : http://%s.wikidot.com/%s' % (site, page)

也發佈聚會相關消息到 facebook 上了

h4_faceook_test.py

# coding:utf-8

#
# A comand line fasebook publisher
# http://github.com/a0726h77/yan_console_fb_client
#
# To run this script, need pyfacebook library
# pyfacebook not use the new facebook Graph API
# http://github.com/sciyoshi/pyfacebook
#
# 用來發佈的用戶需 follow h4 粉絲頁
# http://www.facebook.com/group.php?gid=173053565674
#

# Your Configuration
email = 'xxxxx'
passwd = 'xxxxx'

# My Configuration
API_KEY = '11e517548871c8813a8923b40009a060'
SECRET = 'c322efb76ecbdb2eca2b61a1719cc8e4'
session_code = ''
# h4 facebook group gid
gid = '173053565674'

status = '2010-10-14 聚會手記 http://hackingthursday.wikidot.com/2010-10-14'
attachment = {
    'name':'2010-10-14 聚會手記',
    'href':'http://hackingthursday.wikidot.com/2010-10-14',
    'caption':'hackingthursday.wikidot.com'
}

import urllib
import urllib2
import sys
import re
import facebook

class myFBAuth():
    def __init__(self):
        # build opener with HTTPCookieProcessor
        self.opener = urllib2.build_opener( urllib2.HTTPCookieProcessor() )
        urllib2.install_opener( self.opener )

        print 'Login...'
        self.form_id = self.login(email, passwd)

    def login(self, email, passwd):
        login_url = 'https://login.facebook.com/login.php?m=m&refsrc=http://m.facebook.com/index.php&fbb=rd88e1687&refid=8'
        loginRequest = urllib2.Request ( login_url , 'email=%s&pass=%s&login=Login' % (email, passwd))
        urllib2.urlopen (loginRequest)                                                 
        connection = urllib2.urlopen ('http://m.facebook.com/')                        
        form_id = re.findall ('name="post_form_id" value="(\w+)"', connection.read ())[0]

        print 'Get form id : %s' % form_id

        return form_id 

    def get_session_code(self):
        print 'Get session code : ',

        p = urllib.urlencode( {'fb_dtsg':'v-rAp','generate': '1','v' : '1.0','api_key':API_KEY,'post_form_id':self.form_id} )
        request = urllib2.Request('http://m.facebook.com/code_gen.php/code_gen.php?api_key=%s&fbb=r97f53b86' % API_KEY, p)
        connection = urllib2.urlopen (request)
        data = connection.read ()
        session_code = re.findall ('你的單次有效的驗證碼是: <b>(\w+)</b>', data)[0]
#    session_code = re.findall ('Your one-time code is: <b>(\w+)</b>', data)[0]

        print session_code

        return session_code

def post():
    auth = myFBAuth()
    session_code = auth.get_session_code()

    fb = facebook.Facebook(API_KEY, SECRET, session_code)
    session = fb.auth.getSession ()

    uid = fb.users.getInfo ([fb.uid])[0]['uid']
    print 'Get Uid : %s' % uid 

    info = fb.users.getInfo([fb.uid], ['name'])[0]
    print 'Your Name :', info['name'][1:]

    # 透過此用戶張貼到粉絲的塗鴉牆
    print 'publish to h4 facebook group'
    fb.stream.publish(status, attachment, None, gid, uid)

    print '\n'

if __name__ == "__main__":

    post()

2010-09-16

來源: 2010-09-16

從CCN那邊聽來的:Google Maps 地圖的人偶上面有個點, 是用無線網路做定位的點, 街景車收集無線基地台的資訊的用途之一

Q : ThreatExpert 惡意檔案的分析報告, 不知道有沒有另外其他的網站或是搭建分析的系統與工具呢? http://www.threatexpert.com/report.aspx?md5=bee99e6c402e8436fd39c11488bb36bb

(sm + dbus) + shell script
http://github.com/a0726h77/sm

from Mat: 我測過了,可以用! 建議可以在專案裡加上 README.txt
from yan: OK

reset git local commit, then push rejected.
Resolve : http://www.tech126.com/git-reset/

from Mat: 對了, dbus 有 auto-launch service 的機制 ( 參考 /usr/share/dbus-1/services/* ),或許可以設定一個,這樣子 dbus-send 時,發現沒有執行中的 sm.py 時,會自動啟動 sm.py,就不需要手動啟動 sm.py 了 ?
from yan: ㄟˊ, 感謝 Mat, 可以了, 想一下這可以玩什麼

# vi /usr/share/dbus-1/services/sm.service

[D-BUS Service]
Name=org.sm.EventService
Exec=/usr/bin/python /home/user/practice/sm/sm.py

2010-06-17

來源: 2010-06-17

#include <ft2build.h>
#include FT_FREETYPE_H 
#include <freetype/ftglyph.h>

        FT_Render_Glyph( face->glyph, FT_RENDER_MODE_NORMAL );
        FT_Glyph_To_Bitmap( &glyph, ft_render_mode_normal, 0, 1 );
        FT_BitmapGlyph bitmap_glyph = (FT_BitmapGlyph)glyph;

        XPutImage( display, win, gc, bitmap_glyph->bitmap, 0, 0,
                pos_x,
                pos_y+ glyph->top),
                glyph->width, glyph->height );

建議 survey 兩個字型的格式:

  • FT_Bitmap

*需要指定 pixel_mode http://www.freetype.org/freetype2/docs/reference/ft2-basic_types.html#FT_Pixel_Mode

  • XImage

2010-05-27

來源: 2010-05-27
OVIMGeneric 吃 .cin表格時,單字結尾有空白會失常。
記得將空白去掉

( Mat:下載程式碼 hg clone http://hg.suckless.org/wmii/ )
( Mat:在 include/stuff/x11.h有 Font的結構,還有一個 drawstring()的函式 )
( Mat:猜測應該是 font rendering的一個 hook point…)

2010-04-22

來源: 2010-04-22
ESX Server 3.5, vmware
這個是server side ,light 版,
vmware 的公司用 linux 打造出來的版本,直接燒成光碟然後直接安裝,本身就是 OS,只要 32 MB。
(給不想裝 linux 可以直接都弄好直接使用的人)

有後台裝好的畫面:
http://benjr.tw/?1=node/480

想架一台 linux server, 在上面跑 windows guest OS, 這樣子可以偶爾來跑一下需要 windows 的程式時來用。
就找到這個,只有看,還沒有確實跑過。

目前佈署上,想在遠端先跑 ESX server,然後將 windows 裝到遠端去。

2010-04-15

來源: 2010-04-15
書籍分享

Linux 與 Windows 共舞 - 異質平台整合方案
http://www.anobii.com/books/Linux_%E8%88%87_Windows_%E5%85%B1%E8%88%9E/9789574420841/010cf83e85835710e4/

30天打造OS!作業系統自作入門
http://www.anobii.com/books/30天打造OS!作業系統自作入門/9789866348297/01de93b5067b190863/

程式設計師的自我修養 - 連結、載入、程式
http://www.anobii.com/books/%E7%A8%8B%E5%BC%8F%E8%A8%AD%E8%A8%88%E5%B8%AB%E7%9A%84%E8%87%AA%E6%88%91%E4%BF%AE%E9%A4%8A/9789861818283/013c0a82ac9f5e83ca/

雲端運算的關鍵技術與應用實例
http://www.anobii.com/books/%E9%9B%B2%E7%AB%AF%E9%81%8B%E7%AE%97%E7%9A%84%E9%97%9C%E9%8D%B5%E6%8A%80%E8%A1%93%E8%88%87%E6%87%89%E7%94%A8%E5%AF%A6%E4%BE%8B/9789866381508/01485a6d77b42df6ed/

2010-04-08

來源: 2010-04-08
HP 的 SmartStart
=> download iso
=> 看似是 WEB UI ,可以執行系統指令

主要的介面在這裡 => /usr/core_html

=> 看到 system.nsp 的檔案 ?
=> 找到 FireCat

Firecat, is a server-side Javascript Web server.

It is similar to ASP and JSP, but instead of VBScript and Java, it uses JavaScript (NSP) as the main scripting language.

http://firecat.nihonsoft.org/firecat_1_0_x/release_note.nsp

2010-04-01

來源: 2010-04-01

phpldapadmin
這個是 Linux 上管理 LDAP 的 php 網頁後台

etherwake 用來作網路開機

etherwake ${MAC}

x60 要設定成 wake on lan

從 debian 下載 netboot.tar.gz
http://ftp.nl.debian.org/debian/dists/etch/main/installer-i386/current/images/netboot/netboot.tar.gz
這個裡面有提供 linux 跟 initrd.gz
然後放上 tftp
之後設定 dhcp server 來提供 kernel 跟 rootfs
x60 開機後,就會去作 bootp, 和 dhcp 來下載 pxelinux.0 bootloader

x60 要插上電源才會啟動 wake on lan!

2010-03-25

來源: 2010-03-25

skipfish
測試網站漏洞
http://code.google.com/p/skipfish/
搜集一些常用攻擊跟檢測的手法, 測試時只會將漏洞危害列出, 似乎不會整個攻破
不能簡單自己寫 extension

編譯時需要的表頭, 因為沒有做 configure, 依據 Makefile 發現需要 crypto、ssl、idn、z
LIBS += -lcrypto -lssl -lidn -lz
./skipfish -W dictionary/default.wl -o output1 http://127.0.0.1/

執行時…
http://163.21.82.202/~yan/output_test2/skipfish.png

可以從 web server log 發現測試使用的規則 (動態網頁的話會有 6000 次以上)
http://163.21.82.202/~yan/output_test2/access.log

產生的 report
http://163.21.82.202/~yan/output_test2/

屬於黑箱測試法。

wmii 有支援中文,只要有選對字型即可。

nikto
也是一個黑箱的,open source 的網站掃瞄。

XWindow 下的 gdm, kdm 可以選的選項都放在
/usr/share/xsessions/ 下

2010-03-18

來源: 2010-03-18

ssp
stack smashing protection
要測 buffer overflow 時,發現不是在 kernel 保護,是 compiler 在保護

#include <stdio.h>                                                                               
#include <string.h>
#include <stdlib.h>

h()
{
        printf("Hello World\n");
        exit(1);
}
cp(char *str)
{
        char buff[16];
        strcpy(buff, str);
        printf("%s\n", buff);
}
int main(int argc, char* argv[])
{
        if(argc > 1)
        {
                cp(argv[1]);
        }
        return 0;
}
default:
$ gcc -o simple_overflow simple_overflow.c -fstack-protector
$ gcc -o simple_overflow-nosp simple_overflow.c -fno-stack-protector
$ objdump -d simple-overflow-nosp | grep '<h>'
$ ./simple_overflow $'12345123451234512345\x04\x84\x04\x08'
$ ./simple_overflow-nosp $'12345123451234512345\x04\x84\x04\x08'

https://www.ibm.com/developerworks/cn/linux/l-cn-gccstack/

[buffer 16 || EBP 4 || return address ]]

2010-03-04

來源: 2010-03-04
chsdir (http://code.google.com/p/easyscripts/wiki/chsdir)
$ cd 軟體
$ cd rt<TAB>

unzip 可以指定 charset

$ unzip -I CHARSET xxx.zip
$ unzip -O CHARSET xxx.zip

2010-02-25

來源: 2010-02-25

./lrcdis.sh -c cli

什麼是 LRC ? 歌詞英文為 lyric, 動態歌詞檔案副檔名則為 lrc

可以到官網(http://code.google.com/p/lrcdis/)看看支援的播放軟體, 我用 mocp, mocp 有選項 -i 可以得知現在播放器的資訊, 但像 audacious的話, 獲取現正播放歌曲則是透過 dbus, lrcdis 會呼叫另一支用 python 寫的程式

shell script 寫的,歌詞抓下來原本是簡體

簡轉繁, 用 cconv 轉的。
( Mat: 對了,我覺得 "(新)同文堂" 轉的很齊全,或許可以去找看看他所使用的碼表? )

似乎不支援播放程式的快轉 (沒有測過全部播放程式)

bash 內建支援 gettext,語法是

echo $"hello world"

bash —dump-po-strings hello.sh 則會輸出

#: test.sh:4
msgid "hello world"
msgstr ""

script 的開頭要加上環境參數,就可以使用了~
export TEXTDOMAIN="hello"
export TEXTDOMAINDIR=`pwd`"/lang"

2010-01-21

來源: 2010-01-21
分享、重新整理 CIH @SA_Tainan — using ptrace to crack

摘自 jserv's blog

  • ptrace 系統呼叫用以實做 gdb 一類可斷點 (breakpoint) 的追蹤除錯,或作系統呼叫的追蹤分析
  • ptrace 允許一個 parent process 去監控另一個 process 的執行,並得以檢驗 / 更改執行時期的系統 image (映射於虛擬記憶體) 和暫存器
  • 使用情境可透過 fork 系統呼叫去建立 child process (搭配 exec 系統呼叫) 或者直接追蹤某個已執行的 process

這邊給出運用 ptrace 的 [code], 利用上述, 在此用以打印出每行機械碼執行的記憶體位址 (eip)

$ touch 123
$ ./ptrace /bin/rm 123 2> y

b7eef810
b7eef812
b7eefa60
b7eefa61
b7eefa63
b7eefa64
b7eefa65
b7eefa66
b7f047db
b7f047de

$ ./ptrace /bin/rm 123 2> n

b7fd9810
b7fd9812
b7fd9a60
b7fd9a61
b7fd9a63
b7fd9a64
b7fd9a65
b7fd9a66
b7fee7db
b7fee7de

要使用 diff -ruN y n (或 vimdiff y n ) 去查程式的分叉點

一開始執行時就不一樣, 位址是 b7xxxxxx, 怎麼不是程式的 Entry Point

用 strace 在 trace 看看發現應該是 kernel 將檔案映射進記憶體的過程

$ touch 123
$ strace /bin/rm 123 &> strace

用 readelf 可以知道 object 檔結構 (定義於 i386 System V 版 ABI)

$ readelf -a /bin/rm | less

大概在 6x 行, 看到程式執行其實會先經由 interpreter, ( Thinker : 這邊也可以指定, 比如 jave 的程式可能透過 jre, 而 arm 的程式可以交由 qemu 來執行 )

  Entry point address:               0x80492b0
      [Requesting program interpreter: /lib/ld-linux.so.2]
  LOAD           0x000000 0x08048000 0x08048000 0x0acec 0x0acec R E 0x1000
  LOAD           0x00b000 0x08053000 0x08053000 0x00220 0x005c8 RW  0x1000

作弊一下, 把的程式的位址過濾出來就好,

$ grep "^0804*" y > yy
$ grep "^0804*" n > nn

用 vimdiff 比較有成功刪除檔案和沒成功刪除檔案的, 在 475 行後開始有不一樣

   475 08049baa                                   |   475 08049baa
   476 08049bac                                   |   476 08049bb4
   477 08049baf                                   |   477 08048ea8
   478 08049bb2                                   |   478 08048eae
       -------------------------------------------|   479 08048eb3
       -------------------------------------------|   480 08048e88
       -------------------------------------------|   481 08048e8e
       -------------------------------------------|   482 08049bb9
       -------------------------------------------|   483 08049bbb
       -------------------------------------------|   484 08049bbd
       -------------------------------------------|   485 08049bbf

$ touch 123
$ gdb /bin/rm
(gdb) b *0x08049baa 設定中斷在此位址
(gdb) i b 看看設定的 break point
(gdb) r 123 執行程式 /bin/rm 123
(gdb) si 單步執行, 會發現到了 0x08049bac
(gdb) set $eip=0x08049bb4 設定指令指位器去執行判斷結果是沒有檔案的位址
(gdb) c

Continuing.
/bin/rm: cannot remove ‘123’: No such file or directory

Program exited with code 01.

看看執行結果是否為找不到檔案而跳出, 若不是則試試下個分叉點

找到差異處 08049baa,可以從此分叉點的的組合語言來看看 ,可以發現在這裡有作一個 je 的 jump

$ objdump -d /bin/rm | less (為 AT&T 語法 GAS vs NASM)

 8049baa:       74 08                   je     8049bb4 <geteuid@plt+0x91c>

修改十六進制檔, 但是要減去程式的基底位址, 因為編輯器通常從 00000000 開始算起

$ printf "%x\n" `echo $((0x08049baa-0x08048000))`

$ sudo vim /bin/rm
:%!xxd

 443 0001ba0: 4424 04e8 c0f6 ffff 85c0 7508 8b5f 2c8b  D$........t.._,.

到達 1baa 位置, 把 75 改成 74 [Intel Pentium Instruction Set Reference (Basic Architecture Overview)]
修改完後要轉回來

:%!xxd -r

$ rm 123

rm: cannot remove ‘123’: No such file or directory

不過以 rm 這個例子在我 eeepc 上好像有點不正常, 如果要安全一點請先用 ls 測試

關於怎麼修改成你要的 shell code, 研究中….

2010-01-14

來源: 2010-01-14
basename 和 dirname 可以取出檔案的名稱和資料夾路徑
連結的實際路徑的話用 readlink (也可安裝 realpath)

三芝鄉 芝柏村
有好吃的柴燒 pizza, 那邊的住家配置也很有特色
http://www.facebook.com/album.php?aid=14622&id=1801815672&l=5008fa583a

好吃巧克力
台電大樓站 2 號出口
杜娟咖啡附近
巷口賣餛飩麵、.. 有歡迎光臨的柱子 彎進去
還有 pizza 店 (店名 : so free)

2009-12-24

來源: 2009-12-24
新增幾張相片 http://www.flickr.com/groups/hackingthursday/

2009-12-17

來源: 2009-12-17
在eeepc上有插一張記憶卡存放資料並備份設定檔, 然後也備份到 Dropbox (安裝參考 http://wiki.dropbox.com/TipsAndTricks/TextBasedLinuxInstall)
參考 Mat 的程式, 使用 osd_cat 做 on-screen 顯示, 在 wmii 綁了一個快捷鍵, 以查看資料是否同步完成, 這樣再離開網路

for i in 0 1 2;
do
    echo -n `python dropbox/dbcli.py status`' ...' | /usr/bin/osd_cat --pos=top --offset=18 --align=right --indent=16 --lines=1 --font='10x20' --shadow 0 --color=green --delay=1
    sleep 1
done

fourdollars: 有 inotify 可以監視資料夾, 並 trigger 一個事件

小豬: 用 nohup 來脫離父行程, 並且執行的使用者登出後不會關閉

2009-12-10

來源: 2009-12-10
http://www.flickr.com/photos/7193204@N06/4173860527/
使用 tftpd-hpa、dhcp3-server 和 alternate/server (或下載網路安裝版)光碟中 install/netboot/ 取出所需檔案, 完成 PXE 安裝 ubuntu

Distributor ID: Ubuntu
Description: Ubuntu 8.04.3 LTS
Release: 8.04
Codename: hardy

## 設定 tftpd

  1. vi /etc/default/tftpd-hpa
RUN_DAEMON="yes"
  1. mkdir -p /var/lib/tftpboot
  1. /etc/init.d/tftpd-hpa restart

## 設定 dhcp server

  1. vi /etc/default/dhcp3-server
#設定為服務的網卡介面
INTERFACES="eth0"
  1. vi /etc/dhcp3/dhcpd.conf
subnet 192.168.4.0 netmask 255.255.255.0 {
        range 192.168.4.1 192.168.4.20;
        option domain-name-servers 168.95.1.1;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.4.255;
        option routers 192.168.4.254;
        filename "pxelinux.0";
        next-server 192.168.4.254;
    }
  1. ifconfig eth0 192.168.4.254
  2. /etc/init.d/dhcp3-server restart

## 從光碟取出 netboot 所需檔案

  1. mount -o loop /media/sda6/backup/ubuntu-9.10-server-i386.iso /mnt/
  2. mkdir -p /var/lib/tftpboot/ubuntu-9.10-server-i386
  3. cp /mnt/install/netboot/ubuntu-installer/i386/linux /var/lib/tftpboot/ubuntu-9.10-server-i386/
  4. cp /mnt/install/netboot/ubuntu-installer/i386/initrd.gz /var/lib/tftpboot/ubuntu-9.10-server-i386/
  5. cp /mnt/install/netboot/ubuntu-installer/i386/pxelinux.0 /var/lib/tftpboot/
  6. cp /mnt/install/netboot/ubuntu-installer/i386/pxelinux.cfg/ /var/lib/tftpboot/

## 或從網路下載

  1. cd /var/lib/tftpboot/
  2. lftp -c "open http://archive.ubuntu.com/ubuntu/dists/karmic/main/installer-i386/current/images/netboot/netboot.tar.gz"
  3. tar zxf pxeboot.tar.gz
  1. vi /var/lib/tftpboot/pxelinux.cfg/default
default 0
prompt 1
display msgs/boot.msg
#label 0
#localboot 1
label 1
kernel ubuntu-8.04-server-i386/linux
append initrd=ubuntu-8.04-server-i386/initrd.gz
label 2
kernel ubuntu-9.10-server-i386/linux
append initrd=ubuntu-9.10-server-i386/initrd.gz
  1. vi /var/lib/tftpboot/msgs/boot.msg
1.ubuntu-8.04-server-i386
2.ubuntu-9.10-server-i386

## 檔案目錄結構
/var/lib/tftpboot/
|— msgs
| `— boot.msg
|— pxelinux.0
|— pxelinux.cfg
| |— default
| `— default.change
|— ubuntu-8.04-server-i386
| |— initrd.gz
| `— linux
`— ubuntu-9.10-server-i386
|— initrd.gz
`— linux

## 主機端還要做 NAT 才能讓 client 從網路上下載所需套件

## 接著希望能讓光碟內容直接放在硬碟上, 這樣在沒網路的環境也可以安裝
## 還有能用 grub 的開機選單方式

2009-12-03

來源: 2009-12-03

這個可以把常用的密碼剪貼到 x window 的剪貼簿,這樣子就不用再用 mouse 剪貼

openssl end -d des -in .pw.cpt | cut  -c 3-11 | xclip -selection clipboard

Q: xclip 是什麼
A: xclip - command line interface to X selections (clipboard)

掛 server 載片幫手 (need framebuffer)
開網頁 : netsurf-linuxfb // 功能還不強, 可以解析 HTML4、CSS1
看圖片 : fbi
看影片 : mplayer -vo fbdev qqq.avi

2009-11-26

來源: 2009-11-26
lshw 可以協助找硬體資訊

lshw
lshw -C Network
./sql_injection_demo.php "26' and 1=2 union select 1,user,passwd,4,5,6 from xxx#"

2009-11-19

來源: 2009-11-19
最近在看 Unix System V/386 和 Linux char device 和 framebuffer 方面
又另外想到我們常用的一些終端機下的軟體(ex: vim、……), 除了擴充模組外, 另一方面就是提供的介面和熟悉的鍵盤控制(終端控制部份)
所以以下分享有一些 terminal 或 curses 還有 sysv 相關的東東

char device / framebuffer / curses

gitkeys 和 showkey 可以看到一些鍵盤掃描碼或是輸入的顯示字元

tput //初始化或查詢終端機的相關設定 ( define by terminfo )
stty -a // can show the the capability value

setterm 、 stty 和 tput 也可以設定終端機 (如反白、打密碼時不在螢幕顯示輸入的字元、…)
setterm -reverse [off]
stty [echo | -echo]
tput -rev

tty : teletype

tty 命令可以顯示目前的終端機種類 (可以在 Console 模式、X 下的 terminal、Console 下用 screen 輸入看看)
tty1 虛擬終端1
ttys1 序列埠終端1 (如 win 的 COM1)
ptyp0 主虛擬終端 Master PTY
ttyp0 從虛擬終端 Slave PTY
ptm - pty master <-> /dev/pts/N

wycc: terminfo 代替了 termcap, 再早一點有 termlib, termios 是比較底層的

General procedure for building a terminal description: // from UNIX system V-386 programmer's guide
1. Give the known names of the terminal.
2. Learn about, list, and define the known capabilities.
3. Compile the newly-created description.
4. Tet the entry for correst operation.
5. Go back to step 2, add more capabilities, and repeat, as necessary.

tic -v myterm.ti // translate the terminfo data base into the compiled formate
infocmp -I linux // print out terminfo description, (linux : terminal name, /lib/terminfo/l/linux)
infocmp -C linux // print out termcap description

captoinfo // convert a termcap desccription into a terminfo description

curse 會讀取 terminfo 的資料
strace -o tracefile xxx.php
看看 trace 檔可以看到, 有時我們在 curses 下需要獲得或控制終端機, 就會用到 terminfo

#!/usr/bin/php -q                                                                     
<?
        $ncurses = ncurses_init();

        $mainscreen = ncurses_newwin(0, 0, 0, 0); 

        ncurses_getmaxyx(&$mainscreen, $lines, $columns);

        for($i = 0; $i < $lines; $i++)
        {
                if(($i%10)+1 == 10) 
                {
                        ncurses_attron(NCURSES_A_REVERSE);
                        ncurses_mvaddstr($i, 0, ($i%10)+1);
                        ncurses_attroff(NCURSES_A_REVERSE);
                }
                else
                {
                        ncurses_mvaddstr($i, 0, ($i+1)%10);
                }
                ncurses_refresh();
        }

        for($i = 0; $i < $columns; $i++)
        {
                if(($i%10)+1 == 10)
                {
                        ncurses_attron(NCURSES_A_REVERSE);
                        ncurses_mvaddstr(0, $i, ($i+1)%10);
                        ncurses_attroff(NCURSES_A_REVERSE);
                }
                else
                {
                        ncurses_mvaddstr(0, $i, ($i+1)%10);
                }
                ncurses_refresh();
        }

        ncurses_getch();

        ncurses_end();
?>

curses 的運作與操作以後再補充 :)

IPC (message、semaphore、shared memory)

ipcs 可以用來看 ipc 的狀態, 提供 ipc 的 information

ftok 函式可以把 path 跟 project identifier 轉成 sysv 的 ipc key

semaphore

ipcs -s
ipcs -s -i semid

範例下次重新 demo

2009-11-12

來源: 2009-11-12
把 sm 再改成自動載入模組

當看一些二進制檔搞亂了你的終端機, 可以

$ tput init 或 reset

fbterm 會綁住 Ctrl+Alt, 這時不能切換 tty, 可以

$ chvt 3

原來在ttyN下只要Alt+F[1-9]就可以切換了

Compromised Website

大砲開講
http://rogerspeaking.com/2007/01/32
天罣—輪迴的阿修羅
http://tw.myblog.yahoo.com/edward_205_6/
TW 網站淪陷資料庫
http://www.itis.tw/compromised
XSSed
http://www.xssed.com/

2009-11-05

來源: 2009-11-05
作了一個 sm ( screen message ) 的 patch,加上了倒數計時的功能

git://github.com/a0726h77/sm.git

小插曲:因為之前 dns server 的關係, 所以將 github ip 給設在 /etc/hosts, 結果他們系統好像轉換了, 之前那網站登入的話會變成 Read-Only Mode, 難怪我不能運作, 不過現在好了 ;-)

** remote file include ** 簡稱 RFI

觸發條件 php.ini:
register_globals = On // 這樣子參數就可以亂傳
allow_url_fopen = On // php 4.x
allow_url_include = On // php 5.2.x
舊的機器 by default 是舊設定

2009-10-29

來源: 2009-10-29

Ctrl 25招

Ctrl-[A-Z] 的熱鍵 for Bash
A: [Home]
B: [Left]
C: 中止
D: [Delete] or 關閉X終端機 or 登出
E: [End]
F: [Right]
G:
H: [Backspace]
I: [Tab]
J: [Enter]
K: 從游標處刪除到行尾
L: clear screen
M: [Enter]
N: [Down] 向下找歷史命令 (配合 Ctrl+p)
O: [Enter] 會再次帶出執行的命令
P: [Up] 向上找歷史命令 (配合 Ctrl+n)
Q: 恢復螢幕輸出 (配合 Ctrl-s)
R: 搜尋歷史命令
S: 暫停螢幕輸出 (配合 Ctrl-q)
T: 掉換游標所在與游標前的字母
U: 從游標處刪除到最頭
V: Ctrl-v 後可以輸入特殊字元 (^I、….)
W: 從游標觸刪除一個 word
X: Ctrl-x x 可以移動游標所在單字的頭<->尾
Y: 貼上剪下的 (配合Ctrl-w Ctrl-u Ctrl-k)
Z: 將程序送到背景

Alt-[U|L|C]
Alt-U 將游標往後一整個單字都變成大寫
Alt-L 將游標往後一整個單字都變成小寫
Alt-C 將游標往後一個單字開頭變成大寫

話說以前也是先從 tsung 這邊學習的 (http://plog.longwin.com.tw/my_note-unix/2006/09/18/bash_hot_key_2006)。好麻, 人家有補充 m 和 o 和 x

AEWAN, 這個是 ascii art 的工具
可以作圖層合併,跟顏色,

11:38 回到宿舍了

標記為 HackingThursday 的相片 http://www.flickr.com/photos/7193204@N06/tags/hackingthursday/

另外另外, 今天忘記公開討論那家的咖啡店, 是純分享呢?還是??

最近試著用 git, 在 commit 的時候說有 trailing whitespace, 暫時在 commit 時加上 —no-verify

===== 共玩發生的事 ====
用的無線網路有加密是字串, 所以
$ sudo iwconfig essid SSID key s:xxxx
但事實上, 似乎是 WPA 加密的, google 一下查到 tsung 的 blog (http://plog.longwin.com.tw/my_note-unix/2007/03/05/ubuntu_setup_wireless_wpa_2007), 不過因為是第一次, 沒有成功

2009-10-22

來源: 2009-10-22
calcurse: 這個是 console 的行事曆
有 todo list, 日曆, events

manpages-dev:
裝了這個套件後,可以用 man 3 <function> 來查函式庫
man -k <function>
man -wa <function>

skolelinux

sm ( screen-message )
http://packages.debian.org/lenny/sm

Xvfb + Firefox (偶還跑不起來)
http://www.semicomplete.com/blog/geekery/xvfb-firefox.html

note: 像是 console 上的 tomboy ,可以用來作小筆記

abook: console 版的通訊錄

shell 按 Ctrl-T 可以交換游標附近的兩個字元

今天的部份相片(縮圖至1280 x 960)
http://www.flickr.com/photos/7193204@N06/tags/hackingthursday091022/

2009-10-15

來源: 2009-10-15
忘記登入 wikidot 也可以編輯
因為假日宅在家, 覺得 gcin 詞音的詞庫有些還是沒有(如 : 女優(誤)), 發現可以用 Shift + Enter 可以將語詞加入詞庫中, 在思考有什麼方法可以分享和更新詞庫。先到詞庫網貢獻一下 詞庫網

另外有個疑問, 我們可以從新詞庫得知一些熱門的美食、連續劇、……,, 但會不會有廣告或置入性行銷的疑慮, 讓我不知道該不該按下勾

希望詞庫網站可以另外上 tag, 讓他有特殊分類, 像IT、醫學、植物、…., 方便各取所需

還有還有, Tsung 說希望讓他變成 facebook 上有趣的小遊戲, 讓貢獻度更高

到 tossug 聊天, 聽了建議說詞庫整理好應該給讓個輸入法都可以使用, 希望有開發的話可以讓詞庫可以在輸入法框架上讓他成為預選詞, 這樣多種國字輸入法就可以更方便或打字更準確


firefox 外掛: hackbar, refcontrol, vimperator

vimperator:
可以用 vim 的操作方式來瀏覽網頁
( Rex, 也就是說,可以一手操作,另一手作別的事嘍…XD )
pct, 有沒有 vim 的搜尋功能

refcontrol: 可以偽裝 referer

hackbar: 方便用來改變網址的參數及計數器

yan 說,聖誕節抽到禮物會公開

搜尋文章用 '%', 就可以把所有的文章搜出來了。再 regexp 抓連結之類的…

Tsung: 檔案名稱跟 timestamp 有沒有關係呢

如果 php 的話,就用 snoopy 網路函式庫來作,可以像 browser 來連網路。

作法是掃出這些人的 blog 中最後幾篇網址,再取圖片。請來信索取程式碼。

chihchun: 這是 Geek 版 freshget XD

#!/bin/sh
# $Id: $
url=$1
start=$2
end=$3
if [ -z $start ] ; then
    echo "$0 url num_of_images"
    exit;
fi
# export http_proxy=http://proxy.hinet.net/
for (( i=$start ; i<=$end ; i++ )) ; do 
    wget -c $(printf "$url" $i)
done

yan: in python.

#!/usr/bin/env python
# coding:utf8
# 請自由 hack

import sys
import os
import urlparse
import urllib2

def get_pic(url):
    referer = 'http://%s/' % urlparse.urlparse(url)[1]
    filename = url.split('/')[-1]

    if os.path.exists(filename):
        print "File %s existed." % filename
        pass
    else:
    # 檔案不存在的話開始下載
    try:
        req = urllib2.Request(url)
            req.add_header("Referer", referer)
            socket = urllib2.urlopen(req)
        except Exception, msg:
            sys.stderr.write("[ERROR] %s\n" % msg)

        # 讀取數據流
        data = socket.readline()
        results = ""
        while len(data):
            results += data
            data = socket.readline()
        socket.close()
    print "Read socket data."

        # 寫入檔案
        f = open(filename, "w")
        f.writelines(results.split('\r\n\r\n')[-1])
        f.close()
        print 'Write data to file %s' % filename

def main():
    if(len(sys.argv) < 2):
        print "Usage: %s URL" % sys.argv[0]
        exit(1)
    else:
        get_pic(sys.argv[1])

if __name__ == "__main__":
    main()

2009-10-08

來源: 2009-10-08
幸延 & 孟賢 的 vitetris 對戰 (http://www.flickr.com/photos/7193204@N06/3992515539/sizes/l/)
幸延$ tetris listen 9999
孟賢$ tetris connect 幸延:9999

2009-09-24

來源: 2009-09-24
byobu, music on console, 用 fbterm 來作 utf8 顯示

除非特別註明,本頁內容採用以下授權方式: Creative Commons Attribution-ShareAlike 3.0 License