Tuesday, September 01, 2009

I have moved!

New/current blog location can be found at blog.rayfoo.info, heh.

The old stuff here and at pleasefeedthegeek.wordpress.com will be left behind for reference.

Saturday, August 08, 2009

Writing stuff that helps others

After looking at my stats for this site, it seems that the HOWTO posts are still of use to other people, not like those rants/etc :P

Looks like I'll just stick to writing HOWTOs, etc :) Since it really does help people heh.

Friday, July 31, 2009

Nginx + PHP-FPM : $_SERVER[PHP_SELF] returning itself twice

Writing this down here in case anyone else encounters the same.

I got the $_SERVER[PHP_SELF] returning itself twice (eg. /123.php/123.php instead of /123.php as it should be) with my Nginx and PHP-FPM server. (Nginx 0.7.61, PHP 5.3.0)

Seems that the issue lies with the fastcgi configuration that I used. Make sure that this is not set.

# fastcgi_param PATH_INFO $fastcgi_script_name; #do not use, causes php_self to screw up

Wednesday, April 29, 2009

HOWTO: Share internet connection (painlessly) from your Ubuntu machine over Wireless

Internet connection sharing (ICS) had been one of the insane things that I've always made use of, be it in Windoze or otherwise. And now with us using mobile broadband, me having my Acer Aspire One notebook installed with Ubuntu on it, it's time to take up the challenge again to get this up and running! No need for Wireless@SG anymore, I can BECOME Wireless@SG! :D

Problem was, after reading many Ubuntu forums and HOWTOs, trying out Firestarter many times (and I'm currently too lazy to learn to configure iptables myself manually), I was almost ready to give up, until I read up on ipmasq out of curiousity... You would need to use the terminal, so if you have an allergy to the terminal it'd be good to learn and overcome that first :)

If this was helpful to you, or if you have any questions, do leave a comment!

This HOWTO was done on the following:
  • Ubuntu Jaunty 9.0.4 UNR (Ubuntu Netbook Release)
  • Huawei E180 HSPA USB Modem
  • Acer Aspire One A150

Here's what you do:
1) Install dnsmasq and ipmasq
Run the following command in terminal:
sudo apt-get install dnsmasq ipmasq -y

2) Disable dnsmasq from autostarting
In your terminal, type:
sudo gedit /etc/default/dnsmasq

Look for the line that states "ENABLED=1" and change it to "ENABLED=0"

3) Kill off dnsmasq daemon
We don't want dnsmasq to be running as a daemon here, since NetworkManager tries to start it for shared connections.
sudo killall dnsmasq

4) Enable wireless
You should know how to do this if it's not already on...

5) Configure wireless
  1. Left click network manager applet in the top panel.
  2. Select "Create new wireless network".
  3. Type in the network name and change your security settings as needed.
This would tell NetworkManager to create an ad-hoc wireless network.

6) Check wireless config
  1. Right click network manager applet.
  2. Select "Edit Connections...".
  3. Go to the "Wireless" tab.
  4. Select your ad-hoc network and click on "Edit".
  5. Go to "IPv4 Settings" tab
  6. The method should be "Shared to other computers"
This is so that dnsmasq will run whenever this network is connected to, providing us a DHCP and DNS server for that ad-hoc network.

7) Configure ipmasq
In terminal, type:
sudo dpkg-reconfigure ipmasq
  1. Should PPP connections recompute the firewall? Yes
  2. Just press Ok
  3. When should ipmasq be started? After network interfaces are brought up

8) Connect internet facing modem connection if not already done so
For me I just select my service provider and Ubuntu "dials up" to connect

9) Run ipmasq to configure iptables
iptables configs does the actual routing, ipmasq helps configure iptables PAINLESSLY :)
From terminal, type:
sudo ipmasq

10) Get ipmasq to run whenever a network interface goes up or down
iptables configurations are not persistent, so I use ipmasq to autoconfig for me everytime a network interface goes up. Note that you can also use other methods to persist iptables. NetworkManager fires off scripts in /etc/network/if-up.d whenever an interface goes up, so let's tell it to run ipmasq too.
In terminal, type these commands:
cd /etc/network/if-up.d
sudo gedit config-iptables
Copy and paste the following into the editor, save and exit.
#! /bin/sh

/usr/sbin/ipmasq
Then in terminal again, make the script executable:
sudo chmod +x config-iptables
You will want ipmasq to autoconfig again when a network interface goes down, so run the following in terminal:
sudo cp config-iptables /etc/network/if-post-down.d

11) Connect client, start surfing :)
You're done! Now just get another wifi client to join in the ad-hoc network, and after it gets an IP automatically we should be good to go!

Sunday, April 05, 2009

Ubuntu on Acer Aspire One cannot see or join wireless network

In case anyone encounters the same problems, hopefully this saves the sanity of these people trying to troubleshoot this.

I'm using an Acer Aspire One A150, running Ubuntu Intrepid Ibex 8.10, madwifi-hal drivers as instructed here.

I was not able to see my wireless network even though it could detect and join other networks.  The problem was caused by the wireless network being set to a radio channel higher than 11.

Possible solutions:
1) (recommended) Change the wireless AP channel to between 1 and 11.
2) If (1) is not possible for you, follow squire_uk's forum post made on February 10th, 2009, 06:11 PM for his fix.

References:

Friday, March 27, 2009

It (still) hurts like hell

It's probably been just over a year since the changes in my mum towards me, and even longer for her towards my brother, but the hurt and disappontment at my mum's actions are still basically there. Because of what she did which I thought of as nothing less than the betrayal and disowning of her sons.

I think most people would never come close to understanding this kind of pain, which would be good if this were true... I'm grateful to God really for Yifen who really does love and know me, and I'm sure my sister-in-law does too for my brother. But even with the many people around who know about this and show concern, I believe the only one who can come close to understanding this would be my brother only.

Which is why I get quite frustrated when people come and say "Oh, you should keep trying to contact her. See, your mum is so hurt." or "It's only right to keep trying because we need to honour our parents."

Honouring father and mother I totally agree with. And that's because that is what God (or Christ) wants. But all this time thrashing it out in my mind what I still can't figure out is: why does it mean for me to honour her? Definitely far more than just fulfilling obligations/duty, but what I wish to do is exactly what's not possible now counting what's happened/happening. Totally frustrating...

Still much more floating around in my head, and after so long a time of thinking heh. But all still in a mess..

Tuesday, March 24, 2009

HP SWFScan Static Code Analysis Tool for Flash


HP has released SWFScan, a free static code analysis tool for Flash. It does decompiling and static code analysis for a pretty huge list of vulnerabilities in Flash. Supports up to ActionScript 3.

Using it is easy: point it to the flash file, click on "Get" to retrieve and decompile, then click on "Analyse" to well...Analyse the source code :)

Decompiled source codes can be saved, and a HTML vulnerability report can be generated too after analysis.

FAQ
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2009/03/20/hp-swfscan-faq.aspx

Blog post
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2009/03/20/exposing-flash-application-vulnerabilities-with-swfscan.aspx

Download

Wednesday, March 18, 2009

ProxyStrike!

Another tool to try out!

From the site:

ProxyStrike is an active Web Application Proxy, is a tool designed to find vulnerabilities while browsing an application. It was created because the problems we faced in the pentests of web applications that depends heavily on Javascript, not many web scanners did it good in this stage, so we came with this proxy.

Right now it has available Sql injection and XSS modules. Both modules are designed to catch as many vulnerabilities as we can, it's that why the SQL Injection module is a Python port of the great DarkRaver "Sqlibf". The XSS module is made by us, using our library Gazpacho (soon will be released as standalone tool).

The process is very simple, ProxyStrike runs like a passive proxy listening in port 8008 by default, so you have to browse the desired web site setting your browser to use ProxyStrike as a proxy, and ProxyStrike will analyze all the paremeters in background mode. For the user is a passive proxy because you won't see any different in the behaviour of the application, but in the background is very active. :)

Features:

  • Plugin engine (Create your own plugins!)
  • Request interceptor
  • Request diffing
  • Request repeater
  • Automatic crawl process
  • Save/restore session
  • Http request/response history
  • Request parameter stats
  • Request parameter values stats
  • Request url parameter signing and header field signing
  • Use of an alternate proxy (tor for example ;D )
  • Sql attacks (plugin)
  • Server Side Includes (plugin)
  • Xss attacks (plugin)
  • Attack logs
  • Export results to HTML or XML

Wednesday, March 11, 2009

HOWTO: Determining the day of the week from the date in Microsoft Logparser

One of the issues we encountered in working with Microsoft Logparser is that we needed to determine which day of the week it was given a date.  Though there wasn't any function to do so, it seemed that the solution was pretty simple, actually.

(Apologize in advance for the bad reading formatting here, but these should work just by copying and pasting into your command prompt.  For some additional sanity I colour the more important parts red, heh.)

The code itself to convert is like this:
MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7)
Where DateTime is the input column with the datetime stamp.  86400 is the number of seconds in a day, and 7 is well....the number of days in a week :P

The return values (proved consistent within the range of my testing) are with Sunday as 1, and running all the way to Saturday as 0, i.e.:
Sat - 0
Sun - 1
Mon - 2
Tue - 3
Wed - 4
Thu - 5
Fri - 6

Combined into a simple query:
logparser -i:csv -o:datagrid "SELECT DISTINCT TO_DATE(DateTime), MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7) FROM datetest.csv"
(datetest.csv is my input test file here.)


And making use of some additional (simple but crazy!) programming to output as days instead of numbers (referencing from this article)
logparser -i:csv -o:datagrid "SELECT DISTINCT TO_DATE(DateTime), Day USING CASE MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7) WHEN 0 THEN 'SAT' ELSE CASE MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7) WHEN 1 THEN 'SUN' ELSE CASE MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7) WHEN 2 THEN 'MON' ELSE CASE MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7) WHEN 3 THEN 'TUE' ELSE CASE MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7) WHEN 4 THEN 'WED' ELSE CASE MOD(DIV(TO_INT(TO_DATE(DateTime)), 86400), 7) WHEN 5 THEN 'THU' ELSE 'FRI' END END END END END END AS Day FROM datetest.csv"

The output that I get :D

Hope this helped you.  Any comments/feedback is much appreciated!

References:

Sunday, March 08, 2009

Tweet Tweet!

Have not been able to blog much lately, but have been doing more of microblogging on Twitter.  So...you can follow me there ;)