
All you need in CPAN

  • Posted on June 24, 2019 at 00:54

Just copy-paste:

Authen::NTLM Bundle::CPAN Config::Simple Digest::SHA Digest::SHA1 Digest::SHA2 Digest::SHA256 Digest::SHA3 Digest::xxHash Email::Find Email::Send::SMTP::TLS Email::Sender Email::Simple File::Binary lib::relative Log::Log4perl Moose MooseX MooseX::ClassAttribute MooseX::MultiMethods MooseX::Singleton namespace::autoclean SQL::Abstract

Fully Ready Ubuntu Machine

  • Posted on June 24, 2019 at 00:11

# apt update && apt upgrade && apt autoremove

# apt install \
bless \
bmon \
build-essential \
busybox-static \
cifs-utils \
cmake \
dcfldd \
dictionaries-common \
dialog \
disktype \
dmidecode \
dnsutils \
ewf-tools \
exfat-utils \
exiftool \
foremost \
gpart \
guymager \
hexedit \
htop \
kpartx \
libdbd-pg-perl \
libssl-dev \
maven \
mc \
nfs-common \
nfs-kernel-server \
nmap \
ntfs-3g \
okteta \
p7zip \
par2 \
perl \
postgresql \
postgresql-plperl \
pv \
pinta \
python-pip \
python-psycopg2 \
python3-pip \
python3-psycopg2 \
qemu-utils \
samba \
shotwell \
scalpel \
screen \
sleuthkit \
ssh \
sshfs \
testdisk \
traceroute \
unrar \
volatility \
vim \
wireshark \
xfsprogs \
zlib1g-dev

# snap refresh

# snap install sublime3

For CPAN modules check this post!

Sublime Text 2 on macOS: Package Control: Error: InvalidCertificateException

  • Posted on March 31, 2019 at 23:19

Error

The complete console error message is something like this:
Package Control: Error downloading package. HTTP exception InvalidCertificateException (Host codeload.github.com returned an invalid certificate ([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:548)))

Solution

In Sublime Text 2, go to: Preferences->Package Settings->Package Control->Settings-Default.

Here, change:

"downloader_precedence": {
    "windows": ["wininet"],
    "osx": ["urllib"],
    "linux": ["urllib", "curl", "wget"]
},

To:

"downloader_precedence": {
    "windows": ["wininet"],
    "osx": ["curl", "urllib"],
    "linux": ["urllib", "curl", "wget"]
},

Installing the Python urllib will probably also solve the problem, but it might bring up new questions, like: Which Python version? Is urllib in the Sublime Text search path?
Changing the preferred downloader to curl is easier.

Credits go to LandisTwo

Inetutils: ftpd with extensive logging

  • Posted on December 2, 2018 at 13:58

By default this FTP server does not log a lot.

To enable extensive logging to the default logger, use the --debug option.

Example systemd-script

[Unit]
Description=FTPD Daemon
After=network.target

[Service]
Type=forking
PIDFile=/run/ftpd.pid
ExecStart=/usr/bin/ftpd --daemon --debug
ExecStopPost=/usr/bin/rm -f /run/ftpd.pid

[Install]
WantedBy=multi-user.target

 

 

Perl and macOS Mojave: Header files not found. Use Perlbrew!

  • Posted on November 29, 2018 at 23:15

Having trouble in CPAN, getting messages like: fatal error: ‘EXTERN.h’ file not found.
Use Perlbrew and all your worries are gone.

$ brew install perl

$ brew link --overwrite perl

After this, Perl and CPAN are installed in /usr/local/bin:

$ which perl cpan
/usr/local/bin/perl
/usr/local/bin/cpan

 

 

 

LISA Prerequisites

  • Posted on January 1, 2016 at 15:34

Super Quick Start Guide II: LISA

# pacman -Sy perl-dbd-pg
# cpan
cpan> install lib::relative
cpan> install Filesys::Df
cpan> install Moose
cpan> install namespace::autoclean
cpan> install DBI
cpan> install SQL::Abstract
cpan> install xxHash
cpan> install Filesys::DiskFree
cpan> install Filesys::Path
cpan> install Config::Simple
cpan> install Email::Send::SMTP::TLS
cpan> install Email::Simple

File names:

  • Transponder: lisa-bot-1.5.pl
    Call: ./transponder/lisa-bot-1.5.pl 3
  • Heartbeat Share Checker: lh-sharechecker-1.8.pl
    Call: .heartbeat//lh-sharechecker-1.8.pl --runmode=3 --interval=60
  • Acquire Storage Device: lisa-dn-acquire-storage-device-1.3.1pl
    Call: ./bootdisk/lisa-dn-acquire-storage-device-1.3.1pl 3
  • Acquire Computer: ls-dn-acquire-computer-1.4.0.pl
    Call: ./bootdisk/lisa-dn-acquire-computer-1.4.0.pl 3

Everything you really need in Arch

  • Posted on December 13, 2015 at 18:07

Creating a list of everything installed:

# pacman -Qe | awk '{print $1 " \\" }'

 

apache \
atril \
autoconf \
automake \
bash \
bind-tools \
binutils \
bison \
bzip2 \
caja-gksu \
caja-image-converter \
caja-open-terminal \
caja-sendto \
caja-share \
coreutils \
cryptsetup \
device-mapper \
dcfldd \
dhcpcd \
dialog \
diffutils \
e2fsprogs \
engrampa \
eom \
fakeroot \
file \
filesystem \
findutils \
flex \
foremost \
fping \
galculator-gtk2 \
gawk \
gcc \
gcc-libs \
gettext \
glibc \
grep \
groff \
grub \
gzip \
hfsprogs \
htop \
inetutils \
iproute2 \
iputils \
jfsutils \
less \
libtool \
licenses \
lightdm \
linux \
logrotate \
lsof \
lvm2 \
m4 \
make \
man-db \
man-pages \
marco \
mate-applets \
mate-backgrounds \
mate-control-center \
mate-icon-theme-faenza \
mate-media \
mate-netspeed \
mate-notification-daemon \
mate-power-manager \
mate-screensaver \
mate-sensors-applet \
mate-system-monitor \
mate-terminal \
mate-themes \
mate-user-guide \
mate-user-share \
mate-utils \
mc \
mdadm \
mlocate \
mozo \
mtools \
nano \
net-tools \
netctl \
nfs-utils \
nmap \
openssh \
os-prober \
p7zip \
php-apache \
php-gd \
pacman \
par2cmdline \
patch \
pciutils \
pcmciautils \
perl \
perl-dbd-pg \
pkg-config \
pluma \
postgresql \
procps-ng \
psmisc \
reiserfsprogs \
rsync \
s-nail \
screen \
sed \
shadow \
sleuthkit \
sshfs \
sudo \
sysfsutils \
tar \
testdisk \
texinfo \
tree \
unrar \
usbutils \
util-linux \
vi \
vim \
vimpager \
wget \
which \
xfsprogs \
zip \

And then CPAN:

Authen::NTLM
Config::Simple
Email::Send
Email::Sender
DBI
DBD::Pg
Digest::SHA1
Digest::SHA2
Digest::SHA256
Digest::SHA3
File::Binary
File::Tail 
File::Slurp
Filesys::Df
Email::Find
Log::Log4perl
Moose
MooseX
MooseX::ClassAttribute
MooseX::Singleton
SQL::Abstract

Python: My own Evernote

  • Posted on December 8, 2015 at 21:31

Search for file with extension (case-insensitive)

#!/usr/bin/python

import re


"""
CASE INDEPENDENT SEARCH FOR EXTENSION (JPG)
"""

filename = "KrusjMe_at_the_dentist.jpg"

# Anchor on the end of the name; "e?" accepts both .jpg and .jpeg
prog = re.compile(r"\.jpe?g$", re.IGNORECASE)
if prog.search(filename):
    print("Match!")
else:
    print("No match :-(")

Arch LAMP: Super quick start guide

  • Posted on October 7, 2015 at 19:14

Get your terminal ready…

Install necessary packages

# pacman -S --noconfirm apache
# pacman -S --noconfirm mysql

Set DocumentRoot in /etc/httpd/conf/httpd.conf

Afterwards, continue by installing the PHP packages…

# pacman -S --noconfirm php-apache
# pacman -S --noconfirm php
# pacman -S --noconfirm php-gd

Uncomment some extensions (modules) in /etc/php/php.ini

extension=gd.so
extension=iconv.so
extension=mysql.so
extension=openssl.so
extension=pdo_mysql.so
extension=soap.so

Now it’s time to configure your Virtual Hosts in /etc/httpd/conf/extra/httpd-vhosts.conf
When all is done, check your configuration and make Apache and MySQL start automatically from now on:

# apachectl configtest
# systemctl enable httpd
# systemctl enable mysql

Done! Happy webserving!

 

References:
https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-arch-linux

Deduplicating: EWF vs Raw

  • Posted on August 4, 2015 at 14:24

Is ‘good old’ Expert Witness Format still the preferred choice?

In recent years, huge centralized storage has become pretty much a standard everywhere. And pretty much everywhere, EWF has become the standard for forensic imaging.
I wonder if this is still the optimal combination from the perspective of storage efficiency.

How does deduplicating perform on EWF images compared to raw? In fact, my assumption is: the more raw images saved to a deduplicating volume, the more efficiently deduplicating will do its job.
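A small model of that assumption, added here as an example and not part of the original post or its measurements: two acquisitions of the same constructed "disk" that differ in one block are stored raw and as per-chunk zlib-compressed streams packed back to back, then passed through a fixed-block deduplicating store. The 4 KiB dedup block, the 32 KiB compression chunk and all function names are assumptions; it does not read or write real EWF files.

```python
import hashlib
import random
import zlib

BLOCK = 4096        # assumed fixed dedup block size of the storage volume
CHUNK = 32 * 1024   # assumed per-chunk compression unit of the image format

def make_disk(changed_block=None, blocks=256, seed=7):
    """Constructed 'disk': compressible pseudo-random data, optionally with
    one block zeroed to mimic a small change between two acquisitions."""
    rng = random.Random(seed)
    data = bytearray(rng.choices(b"abcdefgh", k=blocks * BLOCK))
    if changed_block is not None:
        start = changed_block * BLOCK
        data[start:start + BLOCK] = bytes(BLOCK)
    return bytes(data)

def pack_compressed(raw):
    """Compress each chunk on its own and store the results back to back,
    so every chunk's offset depends on the sizes of all chunks before it."""
    return b"".join(zlib.compress(raw[i:i + CHUNK])
                    for i in range(0, len(raw), CHUNK))

def dedup_stats(images):
    """Return (blocks_written, blocks_stored) for a fixed-block dedup store."""
    written, stored = 0, set()
    for image in images:
        for i in range(0, len(image), BLOCK):
            written += 1
            stored.add(hashlib.sha256(image[i:i + BLOCK]).digest())
    return written, len(stored)

def saved_fraction(images):
    written, stored = dedup_stats(images)
    return 1 - stored / written

def compare():
    run1 = make_disk()
    run2 = make_disk(changed_block=3)   # same disk, one block changed
    raw = saved_fraction([run1, run2])
    packed = saved_fraction([pack_compressed(run1), pack_compressed(run2)])
    return raw, packed

if __name__ == "__main__":
    raw, packed = compare()
    print(f"raw images:        {raw:.1%} of blocks deduplicated")
    print(f"compressed images: {packed:.1%} of blocks deduplicated")
```

In the raw pair every block except the changed one is stored once; in the compressed pair the changed chunk has a different compressed size, so all later data shifts off the block grid and stops matching. The compressed images are smaller to begin with, so on a real volume compare stored bytes as well as dedup ratios.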

 

Let’s bring them to the test!

EnCase
After booting up with a Windows 7 machine, I imaged the boot disk using EnCase 6. (run 1)
Immediately after, I initiated a second acquisition using the same EnCase session (run 2).
All settings for acquisition are kept to default, using ‘Good compression’ and a split size of 640MB.

FTK Imager
After EnCase finished both acquisition sessions successfully, I started two acquisition sessions with FTK Imager using the same approach: start one and, when it runs, start session number two.