#!/usr/bin/python
import os, sys
run=os.system
# process cli args
try:
keyfile = sys.argv[1]
usekey = 0
except:
print "no arguments given, assuming no key needed!"
usekey = 1
# request username and hostname
try:
user=str(raw_input('user: '))
host=str(raw_input('host: '))
except EOFError:
print r" "
print r"caught eof"
sys.exit(122)
except KeyboardInterrupt:
print r" "
print r"caught interrupt"
sys.exit(122)
# combine arguments and flags
if usekey == 0:
sshargs=" -i "+keyfile+" -l "+user+" "+host
if usekey == 1:
sshargs=" -l "+user+" "+host
# in a shell, run ssh and fg /w ssh args
run('/usr/bin/ssh'+sshargs)
sys.exit(0)
Tuesday, April 15, 2008
pyssh
it's not that i can't remember flags to a command line application, but it just takes too long to type everything. thus, i have made an attempt to shorten the typing time taken to ssh into a box, whether or not it requires an ssh key. here, i will share with you my python ssh wrapper. how it works: basically, the only command line argument you give it is the location of your ssh key (if needed). it asks for username and hostname; anything else would take too much time. enjoy!
Monday, April 14, 2008
sony gets hacked, i get spammed
so i'm sitting at work and i receive three e-mail's from "LiLi_woman@gmail.com" subjugated "Hello!!!". well, my first impression since they were received on an internally known address, are that it's spam. i opened them and they were all the same. they had a link labeled "More beautiful woman information" to some Asian website and, since Thunderbird picked up on it being spam, a blocked image. i was curious what this image was (it was quite large, in size) so i viewed the message source: spoofed address from gmail and relayed through yahoo, looks like standard spammer junk ... ah! i found an image html tag that goes to (note: i split these into two lines so you could see the whole link):
http://219.84.167.230:8888/AD.png?
eid=my_email@domain.com&pid=gao
i copied the address into FireFox, and replaced my e-mail address with the address they spoofed. in my address bar, i entered:
http://219.84.167.230:8888/AD.png?
eid=LiLi_woman@gmail.com&pid=gao
i pressed enter. a blank image appeared on my screen. it instantly clicked in my head what they must be trying to do. they send you an e-mail, you open it and it connects and upon requesting this image it sends your e-mail address to them, confirming you are a real person. they are fishing for real people to spam.
i was curious if they were running apache or micro$oft's iis; i hacked off everything after the last whack:
http://219.84.167.230:8888/
damn! virtual directory listing denied. okay, let's request a document that probably doesn't exist.
http://219.84.167.230:8888/foobar
yes! and it looks like we get the standard iis 404 page not found error. i was still curious who owned this box that had obviously been hacked. i attempted to browse to just the ip address, but nobody was home. i did a reverse dns check on the ip address, which turned up nothing. in my last attempt to find out who this address belonged to, i did a whois and got something:
looks like our friends at Sony have been exploited, or are supporting it. well, i guess the moral of today's story is that a quitter never wins and never trust micro$oft.
http://219.84.167.230:8888/AD.png?
eid=my_email@domain.com&pid=gao
i copied the address into FireFox, and replaced my e-mail address with the address they spoofed. in my address bar, i entered:
http://219.84.167.230:8888/AD.png?
eid=LiLi_woman@gmail.com&pid=gao
i pressed enter. a blank image appeared on my screen. it instantly clicked in my head what they must be trying to do. they send you an e-mail, you open it and it connects and upon requesting this image it sends your e-mail address to them, confirming you are a real person. they are fishing for real people to spam.
i was curious if they were running apache or micro$oft's iis; i hacked off everything after the last whack:
http://219.84.167.230:8888/
damn! virtual directory listing denied. okay, let's request a document that probably doesn't exist.
http://219.84.167.230:8888/foobar
yes! and it looks like we get the standard iis 404 page not found error. i was still curious who owned this box that had obviously been hacked. i attempted to browse to just the ip address, but nobody was home. i did a reverse dns check on the ip address, which turned up nothing. in my last attempt to find out who this address belonged to, i did a whois and got something:
% [whois.apnic.net node-2]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 219.84.0.0 - 219.85.255.255
netname: SONET-NET
country: TW
descr: Sony Network Taiwan Limited
descr: 2Fl., Building E, No. 19-13, San Chung Road
descr: Taipei Taiwan 115
admin-c: JC417-AP
tech-c: CC115-AP
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20031125
mnt-by: MAINT-TW-TWNIC
source: APNIC
looks like our friends at Sony have been exploited, or are supporting it. well, i guess the moral of today's story is that a quitter never wins and never trust micro$oft.
Saturday, April 5, 2008
couple sues google
the invasion of privacy ... i can sorta see that; but devaluing their home, i'm not too comfortable with that.
Link: Article @ Yahoo
Link: Article @ Yahoo
Friday, April 4, 2008
'service' for the rest of us
so my buddy scott likes the "service" command shipped with redhat. he has ubuntu installed on his computer, but was frustrated with not being able to list what existed in /etc/init.d, in a quick manner. i popped into his box and rewrote the "service" shell script to my own liking, and made it easy for him to use. for your enjoyment, i have posted that script here:
needless to say, it makes having to "ls /etc/init.d/" easier; simply type "service -l" and you're done. to run a service you type "service -s samba restart". cheers!
#!/bin/sh
# updated by Matthew Stephen Hartmann (***@***.***)
# 04/04/2008
E_BADARGS=100
E_GOOD_DAY=101
set -e
if [ $# -eq 0 ]
then
echo "Usage: `basename $0` [option] service-name [instruction]"
echo "Use '-h' or '--help', for help"
exit $E_BADARGS
fi
while [ $# -gt 0 ]; do
case "$1" in
-l|--list)
shift
ls /etc/init.d/
exit $E_GOOD_DAY
;;
-s|--service)
shift
/etc/init.d/$1 $2 $3
exit $E_GOOD_DAY
;;
-h|--help)
echo "Usage: `basename $0` [option] service-name [instruction]"
echo ""
echo "-s | --service option executes the instruction"
echo "i.e.: service -s samba restart"
echo ""
echo "-l | --list option lists services available"
echo "i.e.: service -l"
echo ""
exit $E_GOOD_DAY
;;
* )
echo "Usage: `basename $0` [option] service-name [instruction]"
echo "Use '-h' or '--help', for help"
echo "** invalid argument given **"
exit $E_BADARGS
;;
esac
shift
done
needless to say, it makes having to "ls /etc/init.d/" easier; simply type "service -l" and you're done. to run a service you type "service -s samba restart". cheers!
Wednesday, April 2, 2008
a fun trick for unwelcome visitors
this link was passed to me from a good friend of mine. it's a fun trick to play on people if you host an open wireless network.
http://www.ex-parrot.com/~pete/upside-down-ternet.html
http://www.ex-parrot.com/~pete/upside-down-ternet.html
Subscribe to:
Posts (Atom)