Tuesday, April 15, 2008


it's not that i can't remember flags to a command line application, but it just takes too long to type everything. thus, i have made an attempt to shorten the typing time taken to ssh into a box, whether or not it requires an ssh key. here, i will share with you my python ssh wrapper. how it works: basically, the only command line argument you give it is the location of your ssh key (if needed). it asks for username and hostname; anything else would take too much time. enjoy!

import os, sys

# process cli args
keyfile = sys.argv[1]
usekey = 0
print "no arguments given, assuming no key needed!"
usekey = 1

# request username and hostname
user=str(raw_input('user: '))
host=str(raw_input('host: '))
except EOFError:
print r" "
print r"caught eof"
except KeyboardInterrupt:
print r" "
print r"caught interrupt"

# combine arguments and flags
if usekey == 0:
sshargs=" -i "+keyfile+" -l "+user+" "+host

if usekey == 1:
sshargs=" -l "+user+" "+host

# in a shell, run ssh and fg /w ssh args

Monday, April 14, 2008

sony gets hacked, i get spammed

so i'm sitting at work and i receive three e-mail's from "LiLi_woman@gmail.com" subjugated "Hello!!!". well, my first impression since they were received on an internally known address, are that it's spam. i opened them and they were all the same. they had a link labeled "More beautiful woman information" to some Asian website and, since Thunderbird picked up on it being spam, a blocked image. i was curious what this image was (it was quite large, in size) so i viewed the message source: spoofed address from gmail and relayed through yahoo, looks like standard spammer junk ... ah! i found an image html tag that goes to (note: i split these into two lines so you could see the whole link):

i copied the address into FireFox, and replaced my e-mail address with the address they spoofed. in my address bar, i entered:

i pressed enter. a blank image appeared on my screen. it instantly clicked in my head what they must be trying to do. they send you an e-mail, you open it and it connects and upon requesting this image it sends your e-mail address to them, confirming you are a real person. they are fishing for real people to spam.

i was curious if they were running apache or micro$oft's iis; i hacked off everything after the last whack:

damn! virtual directory listing denied. okay, let's request a document that probably doesn't exist.

yes! and it looks like we get the standard iis 404 page not found error. i was still curious who owned this box that had obviously been hacked. i attempted to browse to just the ip address, but nobody was home. i did a reverse dns check on the ip address, which turned up nothing. in my last attempt to find out who this address belonged to, i did a whois and got something:

% [whois.apnic.net node-2]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: -
netname: SONET-NET
country: TW
descr: Sony Network Taiwan Limited
descr: 2Fl., Building E, No. 19-13, San Chung Road
descr: Taipei Taiwan 115
admin-c: JC417-AP
tech-c: CC115-AP
changed: hm-changed@apnic.net 20031125
source: APNIC

looks like our friends at Sony have been exploited, or are supporting it. well, i guess the moral of today's story is that a quitter never wins and never trust micro$oft.

Saturday, April 5, 2008

couple sues google

the invasion of privacy ... i can sorta see that; but devaluing their home, i'm not too comfortable with that.

Link: Article @ Yahoo

Friday, April 4, 2008

'service' for the rest of us

so my buddy scott likes the "service" command shipped with redhat. he has ubuntu installed on his computer, but was frustrated with not being able to list what existed in /etc/init.d, in a quick manner. i popped into his box and rewrote the "service" shell script to my own liking, and made it easy for him to use. for your enjoyment, i have posted that script here:

# updated by Matthew Stephen Hartmann (***@***.***)
# 04/04/2008


set -e

if [ $# -eq 0 ]
echo "Usage: `basename $0` [option] service-name [instruction]"
echo "Use '-h' or '--help', for help"

while [ $# -gt 0 ]; do
case "$1" in
ls /etc/init.d/
exit $E_GOOD_DAY
/etc/init.d/$1 $2 $3
exit $E_GOOD_DAY
echo "Usage: `basename $0` [option] service-name [instruction]"
echo ""
echo "-s | --service option executes the instruction"
echo "i.e.: service -s samba restart"
echo ""
echo "-l | --list option lists services available"
echo "i.e.: service -l"
echo ""
exit $E_GOOD_DAY
* )
echo "Usage: `basename $0` [option] service-name [instruction]"
echo "Use '-h' or '--help', for help"
echo "** invalid argument given **"

needless to say, it makes having to "ls /etc/init.d/" easier; simply type "service -l" and you're done. to run a service you type "service -s samba restart". cheers!

Wednesday, April 2, 2008

a fun trick for unwelcome visitors

this link was passed to me from a good friend of mine. it's a fun trick to play on people if you host an open wireless network.