Ever needed a serial to test your Mac applications… Good change it’s in the Serial Box.
You can find the latest version of the SerialBox here:
Displaying 1 - 10 of 13 entries.
SerialBox 04-2012 “Sharing is Caring”
John Doe?
Although I didn’t want to contribute to the contest, this step was to easy not to take:
Found a JPEG-Header, did some copy-pasting et voila!
Good this be our guy?
PostgreSQL, Perl and Ubuntu
Make it work
# apt-get install postgresql postgresql-contrib # apt-get install libpq-dev cpan> install DBD::Pg $ sudo su postgres -c psql template1 template1=# ALTER USER postgres WITH PASSWORD 'password'; template1=# \q $ sudo passwd -d postgres $ sudo su postgres -c passwd $ sudo su postgres -c psql < /usr/share/postgresql/8.4/contrib/adminpack.sql
From iPhone to Galaxy: MP3
Description
Since I am pretty damn disappointed in my iPhone thanks to Apple, who took my freedom, I decided, although it hurts, to put aside this infernal machine and switch to a Samsung Galaxy ACE. Imagine how desperate I was!
But first I had to copy over my stuff! Let’s start with the music…
It’s really easy, just follow this the next thousand steps!
Procedure
- Install Apple Developer Tools
- Install MacPorts (http://www.macports.org)
- Install sshfs
($ sudo port -v install sshfs) - Jailbrake your iPhone (http://www.youtube.com/watch?v=04zUl-zZnXk)
- mount your iPhone using sshfs, asuming your iPhone has IP: 192.168.1.12
($ mkdir /Volumes/iPhone; sudo sshfs root@192.168.1.12:/ /Volumes/iPhone) - Create a temporary directory for your Music
(mkdir ~/Desktop/mp3s) - Copy your precious music
(cp -v `find /Volumes/iPhone/private/var/mobile/Media/iTunes_Control/Music -iname \*\.mp3` ~/Desktop/mp3s/. - Install WinAmp for OS X (download here)
- Connect your Galaxy ACE to your Mac using USB
- Make the MicroSD-card available for writing on your ACE
(if everything goes well, your WinAmp will see the SD-card as a storage-medium) - Import your Music (from ~/Desktop/mps3s) in WinAmp
- Select all the Music, right click and select “Send selection to Devices:ACE”
(or whatever you called your microSD-card)
And that’s all! 
Knowing your dynamic IP-address
The troubling situation
Being a nerd, there is nothing more frustrating than having a dynamic IP-address.
Being a nerd and doing some hosting locally actually makes it even worst!
There’s not much use to running services like Apache or Sendmail with an IP-address that changes at random times.
Random in this particular case means: “When we of Ziggo want it to!”.
Alert by email
So what you basically want is to be altered whenever you IP has changed.
I wrote some perl-code that does exactly that! And as a bonus, it does some handy logging.
The script can be initiated from command-line, but the best way is making a cronjob of course.
Realworld example
I created two new e-mailadresses; newipkrusjme@gmail.com and newipkrusjme@hotmail.com. Both addresses are now configured on my iPhone to receive all mail automatically,
In the cron, I set it to run as an hourly-job,
And then I did “the Dutch approach“…
Sourcecode
Thanks to Vim it was quite easy to make the sourcecode readable using :TOhtml.
If you love to see the amazing Vim-output or you’re actually seriously interested: You can find the sourcecode here: http://www.krusj.nl/files/newip-2.0.pl.html
Download directly: http://www.krusj.nl/files/newip-2.0.pl
Installing
- download the script, (for example to /usr/local/bin)
- change the email-addresses to your preferred ones,
- change the interface-card, (eth1, eth0 or whatever)
- mkdir /var/log/newip /var/newip,
- chmod 755 /usr/local/bin/newip-2.0.pl,
Testing / Forcing
If you want to test it, just run the script from command-line using:
# /usr/local/bin/newip-2.0 --force-mail
Processes and ports
Ever wondered which process is behind which port? Well, I do pretty often!
And also pretty often I have to look it up again…
Let’s change that for once and for all!
Here’s a really obvious example with port number 80 in use by Apache. (Such a surprise!)
Netstat: The syntax
# netstat -a -n -p | egrep 'Proto|LISTEN' | grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1840/apache20
Forcing open doors
This output shows that Apache2.0 runs with PID 1840 and it’s listening to port 80.
After this I did a ‘ps aux | grep 1840′ and it turned out to be true!
CPAN, MacPorts and Eclipse: The hard-life
Developing machine configuration
My workstation is an Apple MacPro, running Snow Leopard. And I do my developing in Eclipse. For me undoubtedly the number one IDE. The Perl-support is really fantastic.
Unless you installed MacPorts!
Description
Although I was sure I installed the used CPAN-Modules, Eclipse kept complaining about not able to find them, blablabla….
Cause
MacPorts installed it’s own Perl! Although not necessarily, it can happen easily. With a little bit of playing around in MacPorts, it’s quite probable than MacPorts installed it’s own Perl. Although it really isn’t a big issue in everyday use. (I never ran into any trouble, so far) it may result in Eclipse fooling you.
Because since my OS now by default uses the MacPorts version of Perl, it will also use the CPAN that’s installed by MacPorts. And, once again: It works just fine!
The only trouble is Eclipse. Eclipse, or actually E-P-I-C, still only looks in the default Perl search-paths.
So if you install a new module using CPAN when MacPorts has installed Perl, it will install that new module in the MacPorts-CPAN-Path, and not in the default OSX-CPAN-Path. That’s all!
Remedy
Just install your CPAN module also in the default OS X-Path using the absolute path.
Example:
$ sudo /usr/bin/cpan
cpan> install Archive::TarGzip
cpan> reload cpan
cpan> exit
Now restart your Eclipse….
Problem solved!
Continue reading CPAN, MacPorts and Eclipse: The hard-life »
/etc/fstab and bind-mount
I use a Software RAID0 for data
And on this software-raid-volume, there are my MySQL-Databases, /home and other stuff that should be fast…
And, like all volumes, this software-raid-volume is mounted during boot-time.
But since my /home is also on that volume, it should be mounted using a bind-mount.
So first there is a mount using a mdadm: /dev/md127 -> /mnt/data,
And second there is a mount using bind-mount /mnt/data/home -> /home
It took me quite a while to figure out how to get this done at boot-time, but I managed!
Here’s what my /etc/fstab looks like:
# /etc/fstab: static file system information.
#
# noatime turns off atimes for increased performance (atimes normally aren't
# needed; notail increases performance of ReiserFS (at the expense of storage
# efficiency). It's safe to drop the noatime options if you want and to
# switch between notail / tail freely.
#
# The root filesystem should have a pass number of either 0 or 1.
# All other filesystems should have a pass number of 0 or greater than 1.
#
# See the manpage fstab(5) for more information.
# <fs> <mountpoint> <type> <opts> <dump/pass>
# NOTE: If your BOOT partition is ReiserFS, add the notail option to opts.
LABEL=boot /boot ext2 noauto 1 2
#/dev/sda3 /boot ext2 noauto 1 2
LABEL=root / ext3 defaults 0 1
#/dev/sda4 / ext3 noatime 0 1
# DATA
LABEL=data /mnt/data ext3 defaults 0 1
# HOME (bindmount)
/mnt/data/home /home bind defaults,bind 0 0
# SWAP like RAID0. The higher the value the higher the priority. (max=32767)
/dev/sda5 none swap sw,pri=1 0 0
/dev/sdb5 none swap sw.pri=1 0 0
#/dev/cdrom /mnt/cdrom auto noauto,ro 0 0
#/dev/fd0 /mnt/floppy auto noauto 0 0
# glibc 2.2 and above expects tmpfs to be mounted at /dev/shm for
# POSIX shared memory (shm_open, shm_unlink).
# (tmpfs is a dynamically expandable/shrinkable ramdisk, and will
# use almost no memory if not populated with files)
shm /dev/shm tmpfs nodev,nosuid,noexec 0 0
proc /proc proc defaults 0 0
For the attentive readers:
Yes, I did put my boot on a separate partition. And getting this done on a PowerMac G5 is quite an exhibition! Maybe someday, someday I’m gonna blog about that too!
rsync and cp -r
Since I lately had to do a lot of data-migrating stuff, I made myself an alias for rsync and I use it as recursivecopy-command. Works great! Write this down…
Alias
# alias rcp='rsync --owner --group --perms --times --archive --recursive --progress'
Some advantages
- No worries about accidentally overwriting important files
- No struggle with long syntaxis anymore
- Same syntaxformat as cp
Example:# rcp -v /home/user1/* /home/user2/* - Progress indicator
- Retaining file permissions and ownerships
- Very forgiving with interruptions!
You can hit CTRL-C without any risk. Just restart your rcp-action. And it will continue where it left of…
And sure you can add this alias to the bashrc, the .bash_profile, and so on….
FTK: “Runtime error” on raw-image
Today we discovered some strange behavior of Forensic ToolKit opening a raw image.
We use different software to acquire evidence:
- rdd-copy (my favorite)
- FTK Imager
- Tableau IMager
Description
Fortunately we now only use uncompressed raw images*. And depending on the situation we create them with one of the above mentioned tools. For some strange reason FTK crashed immediately after adding a raw image made by rdd-copy. My colleague appeared to be so patient and eager to find the reason for this strange behavior that he acquired that same harddrive again. Even though rdd-copy didn’t report any errors on the device! And this time he used Tableau IMager….
After all that was done, he added the raw-image, made by Tableau IMager, to the case… And to our big surprise: It worked flawlessly! And it got even more strange when we checked the hashes, The MD5s were the same! Go figure…
Cause
The extension! WTF! Our default choice for an evidence-extension is .IMG. (Works pretty nice with OS X)
And this was causing that runtime error!
Remedy
We changed .IMG to .DMG. Keeping the powerful functions of OS X available.
Everybody happy.
*If you want discussions about EnCase Evidencefiles again,
If you honestly really don’t know why not,
Or if you just want to make me mad,
Send an email to ‘whatssodamnhorribleaboutencaseevidencefiles@krujs.nl‘